GET /9f961cb1-cf52-4303-9131-56622bd15a1c HTTP/1.1
Host: dratingmaject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 18.195.149.11
HTTP/1.1 302
Server: nginx
Date: Sun, 04 Sep 2022 03:54:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://0ee06.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5MDcyMCIsImxhbmRlcl9pZCI6IjEyNSJ9&click_id=whdqprkoaujinrpii3413k9c&subid=9dd1b15d-f028-4d41-b731-bec13c85ae61
Pragma: no-cache
Set-Cookie: 9f961cb1-cf52-4303-9131-56622bd15a1c-v4=rLjSnfBV2xftAQRm_ddoKJh1I3TKhpajwe5_dyE_npM; Max-Age=86400; Expires=Mon, 05-Sep-2022 03:54:57 GMT; Domain=dratingmaject.com; Path=/; HttpOnly
cc-v4=p1ZtYWYCfMT5EKo4at9zyUbhHH%2BOSpyW3w%2F8DywBNxP%2BV6IqUdx6Ar18IWRn9uocJZobWthUHMULZ8CogMf7qE7sbiN2%2F3JABN97OjM7fZ9mXILc45H%2Bq9couhFpznJ93Iq6QP2zwVY9Ibtct5q7aA%3D%3D; Max-Age=31536000; Expires=Mon, 04-Sep-2023 03:54:57 GMT; Domain=dratingmaject.com; Path=/; HttpOnly
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 03:43:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -RoWvf5_2hph3KO2YWUsC3b7373ElRhiCgeOJH1jqUXnYNaSWWg3jA==
Age: 668
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Sun, 04 Sep 2022 04:33:13 GMT
Date: Sun, 04 Sep 2022 03:54:57 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5_Sf9ipV8Voe7Q_sMRsfgwutDxsR_2Pmi65cGS2tim_WXyG842K-Rg==
age: 9580
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Sun, 04 Sep 2022 03:54:57 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 04 Sep 2022 03:38:16 GMT
Cache-Control: max-age=3600
Expires: Sun, 04 Sep 2022 03:54:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R5HyMgufrrZBUScSL7Hsu0eH5G7nI7ccKxJWmaBy0uvXWylKeVrrFw==
Age: 1002
|
GET /899979446 HTTP/1.1
Host: other.landerhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
 188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:58 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlN1SUpCbWZaY01Qdnc1VHBaOCtmS1E9PSIsInZhbHVlIjoieE0xQUZPTTlOYlhOQ3FLZnYvUUFqZXhwblMyTXlMTTlPeWFFa28yaHVaTFZVZTd1L3FHbnVwaCs1TUp2eHQreitkTk93dnBrQjliaFFFY3RyYzlPdTJEUDdtU3Z2ZHpFZmU0NjFUTmhnRmlzbTRpTHRudEMxaTZ3eVpiZWQ0RXAiLCJtYWMiOiJjNDZlMmI0OWJiZTg5MjQxNjdjMGIzZjRjNTA0YmM5NDBkMmE2Mzk3YmYxMTliYzM3MDhiNTViNDI1MmQyOGJhIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:58 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkJ6cmIrOHkranVRR1VnQlRMc1NIdlE9PSIsInZhbHVlIjoid0tCbFVyWGh6QU5aUFZMbHlZbEZUOVV2UGlBVjFwam13NjhOa1lTRTBRZkFhbXNQVWFXSW54T09HTnowZ0JSYjMrUUVEakduSnZIQmU5M0FkMzZ5MThTR3FFTG5aSXBsR3J6WFIxeUtqcmJKZWFFSWQ3eDh4UkdtenJQQm5vS3IiLCJtYWMiOiJmM2RiZGYzOWE5N2Q3MjUxMjZhYmYwYzZmNDFkOWUzMDljMTkwNDI1MTY3NDAyZGYxNDY0YjQ2MmViMzY0MzNkIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
GET /npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.1.20
x-jsd-version-type: version
etag: W/"2349-ZoOIlhfcFugXpJwXzjjzWO/fFjg"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 03:54:58 GMT
age: 23881
x-served-by: cache-fra19148-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 3067
X-Firefox-Spdy: h2
|
GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.3.5
x-jsd-version-type: version
etag: W/"8392-Rfi4DUKsZmgOw+7TcNmFhcx8ixc"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Sep 2022 03:54:58 GMT
age: 10293
x-served-by: cache-fra19145-FRA, cache-bma1629-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 14137
X-Firefox-Spdy: h2
|
GET /landingpages/mcafee/360.png HTTP/1.1
Host: other.landerhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/899979446
Cookie: XSRF-TOKEN=eyJpdiI6IlN1SUpCbWZaY01Qdnc1VHBaOCtmS1E9PSIsInZhbHVlIjoieE0xQUZPTTlOYlhOQ3FLZnYvUUFqZXhwblMyTXlMTTlPeWFFa28yaHVaTFZVZTd1L3FHbnVwaCs1TUp2eHQreitkTk93dnBrQjliaFFFY3RyYzlPdTJEUDdtU3Z2ZHpFZmU0NjFUTmhnRmlzbTRpTHRudEMxaTZ3eVpiZWQ0RXAiLCJtYWMiOiJjNDZlMmI0OWJiZTg5MjQxNjdjMGIzZjRjNTA0YmM5NDBkMmE2Mzk3YmYxMTliYzM3MDhiNTViNDI1MmQyOGJhIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IkJ6cmIrOHkranVRR1VnQlRMc1NIdlE9PSIsInZhbHVlIjoid0tCbFVyWGh6QU5aUFZMbHlZbEZUOVV2UGlBVjFwam13NjhOa1lTRTBRZkFhbXNQVWFXSW54T09HTnowZ0JSYjMrUUVEakduSnZIQmU5M0FkMzZ5MThTR3FFTG5aSXBsR3J6WFIxeUtqcmJKZWFFSWQ3eDh4UkdtenJQQm5vS3IiLCJtYWMiOiJmM2RiZGYzOWE5N2Q3MjUxMjZhYmYwYzZmNDFkOWUzMDljMTkwNDI1MTY3NDAyZGYxNDY0YjQ2MmViMzY0MzNkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: image/png
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:58 GMT
content-length: 38110
last-modified: Wed, 31 Aug 2022 12:57:34 GMT
etag: "630f5abe-94de"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
GET /landingpages/mcafee/os_versions.png HTTP/1.1
Host: other.landerhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/899979446
Cookie: XSRF-TOKEN=eyJpdiI6IlN1SUpCbWZaY01Qdnc1VHBaOCtmS1E9PSIsInZhbHVlIjoieE0xQUZPTTlOYlhOQ3FLZnYvUUFqZXhwblMyTXlMTTlPeWFFa28yaHVaTFZVZTd1L3FHbnVwaCs1TUp2eHQreitkTk93dnBrQjliaFFFY3RyYzlPdTJEUDdtU3Z2ZHpFZmU0NjFUTmhnRmlzbTRpTHRudEMxaTZ3eVpiZWQ0RXAiLCJtYWMiOiJjNDZlMmI0OWJiZTg5MjQxNjdjMGIzZjRjNTA0YmM5NDBkMmE2Mzk3YmYxMTliYzM3MDhiNTViNDI1MmQyOGJhIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IkJ6cmIrOHkranVRR1VnQlRMc1NIdlE9PSIsInZhbHVlIjoid0tCbFVyWGh6QU5aUFZMbHlZbEZUOVV2UGlBVjFwam13NjhOa1lTRTBRZkFhbXNQVWFXSW54T09HTnowZ0JSYjMrUUVEakduSnZIQmU5M0FkMzZ5MThTR3FFTG5aSXBsR3J6WFIxeUtqcmJKZWFFSWQ3eDh4UkdtenJQQm5vS3IiLCJtYWMiOiJmM2RiZGYzOWE5N2Q3MjUxMjZhYmYwYzZmNDFkOWUzMDljMTkwNDI1MTY3NDAyZGYxNDY0YjQ2MmViMzY0MzNkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: image/png
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:58 GMT
content-length: 3073
last-modified: Wed, 31 Aug 2022 12:57:27 GMT
etag: "630f5ab7-c01"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
172.67.169.247
HTTP/2 200 OK
content-type: font/woff2
date: Sun, 04 Sep 2022 03:54:58 GMT
content-length: 74348
x-amz-id-2: 3/jdcpXI5+xJK7nwn8d2HdkJXJ8r1+io6huMQ4QXh7pg2id0g0n3j3YsvIgin01B5xYbhPbKRn0=
x-amz-request-id: JK0848QW7EBGRV95
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 114668
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuDeKahzfdBjk6aWr65%2BKsmFLJ%2FQJEBtqptCUFX%2BVxB1%2BrvGuhJIq9WbgHG93g6tbY7xZHoj6sDUr7m4bd7kVFkVr7ehCNuz9HJhW1xWE3TYcAJyvildXFQV6035rGtmwq06vCVp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7453c973fa560b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /landingpages/mcafee/bg.jpg HTTP/1.1
Host: other.landerhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/899979446
Cookie: XSRF-TOKEN=eyJpdiI6IlN1SUpCbWZaY01Qdnc1VHBaOCtmS1E9PSIsInZhbHVlIjoieE0xQUZPTTlOYlhOQ3FLZnYvUUFqZXhwblMyTXlMTTlPeWFFa28yaHVaTFZVZTd1L3FHbnVwaCs1TUp2eHQreitkTk93dnBrQjliaFFFY3RyYzlPdTJEUDdtU3Z2ZHpFZmU0NjFUTmhnRmlzbTRpTHRudEMxaTZ3eVpiZWQ0RXAiLCJtYWMiOiJjNDZlMmI0OWJiZTg5MjQxNjdjMGIzZjRjNTA0YmM5NDBkMmE2Mzk3YmYxMTliYzM3MDhiNTViNDI1MmQyOGJhIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IkJ6cmIrOHkranVRR1VnQlRMc1NIdlE9PSIsInZhbHVlIjoid0tCbFVyWGh6QU5aUFZMbHlZbEZUOVV2UGlBVjFwam13NjhOa1lTRTBRZkFhbXNQVWFXSW54T09HTnowZ0JSYjMrUUVEakduSnZIQmU5M0FkMzZ5MThTR3FFTG5aSXBsR3J6WFIxeUtqcmJKZWFFSWQ3eDh4UkdtenJQQm5vS3IiLCJtYWMiOiJmM2RiZGYzOWE5N2Q3MjUxMjZhYmYwYzZmNDFkOWUzMDljMTkwNDI1MTY3NDAyZGYxNDY0YjQ2MmViMzY0MzNkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: image/jpeg
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:58 GMT
content-length: 129948
last-modified: Wed, 31 Aug 2022 12:57:28 GMT
etag: "630f5ab8-1fb9c"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 03:54:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A82FA9FA394FD9411F112A671AB6C2597BB2721D"
Expires: Sun, 04 Sep 2022 14:00:00 GMT
Last-Modified: Sun, 04 Sep 2022 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2714
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7453c97438edb521-OSL
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6163
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 03:54:58 GMT
Last-Modified: Sun, 04 Sep 2022 02:12:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2345
Cache-Control: max-age=103852
Date: Sun, 04 Sep 2022 03:54:58 GMT
Etag: "63130b15-1d7"
Expires: Mon, 05 Sep 2022 08:45:50 GMT
Last-Modified: Sat, 03 Sep 2022 08:06:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 1178
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 03:54:58 GMT
Last-Modified: Sun, 04 Sep 2022 03:35:20 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 03:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /gtm.js?id=GTM-TRL5HN2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 03:54:58 GMT
expires: Sun, 04 Sep 2022 03:54:58 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 03:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 2971
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 03:54:58 GMT
Last-Modified: Sun, 04 Sep 2022 03:05:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 03:54:58 GMT
Last-Modified: Sun, 04 Sep 2022 02:45:48 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dP5SpFVr3cYLSKLFYceYMsepNpwlaVbdLno0qmYMFcg9jPtni8jNKg==
Age: 4150
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /PVZcgQpvam0j48ul3JxYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
search
44.240.207.158
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +b3q3Zr/cyjtBdcrrX5TtQkVjV4=
|
POST /api/v1/detect?token=HtazsqGCe7nkVaIHchA&version=0.1.20 HTTP/1.1
Host: botd.fpapi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://other.landerhd.com/
Content-Type: text/plain
Origin: https://other.landerhd.com
Content-Length: 21670
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.198.204.7
HTTP/2 200 OK
content-type: application/octet-stream
date: Sun, 04 Sep 2022 03:54:59 GMT
content-length: 313
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Origin, Content-Length, Accept-Encoding, Authorization, Auth-Subscriptions, Botd-Password
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://other.landerhd.com
x-amzn-trace-id: Root=1-63142192-4fe36b2c3ba1010a43af5b95
X-Firefox-Spdy: h2
|
GET /landingpages/mcafee/favicon.ico HTTP/1.1
Host: other.landerhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/899979446
Cookie: XSRF-TOKEN=eyJpdiI6IlN1SUpCbWZaY01Qdnc1VHBaOCtmS1E9PSIsInZhbHVlIjoieE0xQUZPTTlOYlhOQ3FLZnYvUUFqZXhwblMyTXlMTTlPeWFFa28yaHVaTFZVZTd1L3FHbnVwaCs1TUp2eHQreitkTk93dnBrQjliaFFFY3RyYzlPdTJEUDdtU3Z2ZHpFZmU0NjFUTmhnRmlzbTRpTHRudEMxaTZ3eVpiZWQ0RXAiLCJtYWMiOiJjNDZlMmI0OWJiZTg5MjQxNjdjMGIzZjRjNTA0YmM5NDBkMmE2Mzk3YmYxMTliYzM3MDhiNTViNDI1MmQyOGJhIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IkJ6cmIrOHkranVRR1VnQlRMc1NIdlE9PSIsInZhbHVlIjoid0tCbFVyWGh6QU5aUFZMbHlZbEZUOVV2UGlBVjFwam13NjhOa1lTRTBRZkFhbXNQVWFXSW54T09HTnowZ0JSYjMrUUVEakduSnZIQmU5M0FkMzZ5MThTR3FFTG5aSXBsR3J6WFIxeUtqcmJKZWFFSWQ3eDh4UkdtenJQQm5vS3IiLCJtYWMiOiJmM2RiZGYzOWE5N2Q3MjUxMjZhYmYwYzZmNDFkOWUzMDljMTkwNDI1MTY3NDAyZGYxNDY0YjQ2MmViMzY0MzNkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: image/x-icon
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:59 GMT
content-length: 1150
last-modified: Wed, 31 Aug 2022 12:57:27 GMT
etag: "630f5ab7-47e"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 5835
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 03:54:59 GMT
Last-Modified: Sun, 04 Sep 2022 02:17:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 04 Sep 2022 02:41:12 GMT
expires: Sun, 04 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 4427
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 03:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /modules.d5eb3c97b67a0b8958ff.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
143.204.55.96
HTTP/2 200 OK
content-type: application/javascript
content-length: 65509
date: Fri, 02 Sep 2022 09:50:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5a03435fb2b1019b1b00d7bc5c267f72"
last-modified: Fri, 02 Sep 2022 09:49:47 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OxWOQjdtVIVoEJ3ulnDrtuuR-fwCeDGTxPiSvdJi8xxbEo_mmJxxZA==
age: 151493
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 03:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 03:54:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S420018504%3A1662263699246100&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVNTCBwHyzC-DKDv7CEAuzZPLLvkvP2-Z7Pmq7laJypQNtvsUGVJkl73eiiC5xgUKyrhuj5
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-irfWT-XiiHuyLt9RrscewQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:0GySkiR8CACeKJ9MW29qlPvUtUC1_g:OS36IX9SaZ9WnPEZ;Path=/;Expires=Tue, 03-Sep-2024 03:54:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 03:54:59 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1894852716%3A1662263699259279&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmU2miKgvelo9xZ2p92dpg8UI0ThAutmyisakmMTbmuPvxnTHT3aAMGDA4gc7outxjw3HNHk
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-jsOu_t4A5EJpX5Z_sN5VLw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:ypv4IhxGYqR6xscgFTm1gdc4-lMRgA:1SmVdk73YNq2sZ8v;Path=/;Expires=Tue, 03-Sep-2024 03:54:59 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
GET /box-1ada912494ba7fc7aca15fcef1c2a7ae.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
143.204.55.118
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 13 Jul 2022 08:33:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Dg3RJimakwI1j18RwJjpdhGhfCEl78dob6FRQt0X6NIGgr9Dgh5gSQ==
age: 4562513
X-Firefox-Spdy: h2
|
GET /v3/signin/identifier?dsh=S420018504%3A1662263699246100&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVNTCBwHyzC-DKDv7CEAuzZPLLvkvP2-Z7Pmq7laJypQNtvsUGVJkl73eiiC5xgUKyrhuj5 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 04 Sep 2022 03:54:59 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-5NN2J13ZBNc0Vkce7VjD_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=V-NkeUl4rBpXZYjl9gYC9y9FlPUgRW8FIoft8j87lufBEMUoRsrO_4jmMt2Xb1nmiYp08164Ld3YMD6AMxP_50GYp6DgB3nrwPRnjW8SGCTmlrj6OL9qVCxVTFGdI_2rs03_2jgZepI6TS7vxArw5jactLttHtj66U6gCCunX20; expires=Mon, 06-Mar-2023 03:54:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4316
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 03:54:59 GMT
Last-Modified: Sun, 04 Sep 2022 02:43:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 03:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-165133312-2&cid=1834756651.1662263696&jid=1111743696&gjid=1001252301&_gid=1538719023.1662263696&_u=YEBAAEAAAAAAAC~&z=1622410457 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
142.251.1.155
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://other.landerhd.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Sep 2022 03:54:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 03:54:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /smartlink-css/63142191fbc47b1b1b0407df HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 352
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:59 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkVDMXZrbTFYWSt0ZTF3cTBJeHZqOEE9PSIsInZhbHVlIjoicDJEa3VoKzFWVDhReDdvOEZtcTdNU3FLeUxlNXBHQ2hUWmhvS2tiZW5KeEo1cFcyLzd5NVNHcnRIbUtwektTL1lNdExGN0NuWEp2KzIrZFB4TVRXTWwyRHl2ZU50ZnBOSmo5WHZhTlRZMmt0Mm9wNm1jM29ReVFqLzRISUJ5V3ciLCJtYWMiOiJhZmRlMWRmMmJhYjBkNzU0MmQ1ZDc4OTc5MjUwYjk3YTEzNGI3NmE0ODdjM2MxMGZkYjIzYjMwMWE0NjMwYTI0IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:59 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IllhVVh5Rk5Yb2w1S2JkT1FibFpWWkE9PSIsInZhbHVlIjoicFhLalRTL3hKVmRvaWlob25XZXdyL2ZMYnR6SXVKaWRYZFFmdkxGVjAxT2s1WFRlWEN5YWdFbVJ1ZlJVaXFGZVhENWlhVThxUjBqWjFqVm53Q3hZcVpUeUtqQWh5NmNuN0p1ZEl5TERvZndrNUpmTFdzTWMrYlRyWUpwQTlMNjUiLCJtYWMiOiI2YTdkN2ZlOTMxMThmN2E0MWMzN2Q4YjZjNTM1YzY0YmY5ZWFiNWNhNmZlYjQxZGU3ODFiYjNmMmIyOGI1ZTVkIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2336
Expires: Sun, 04 Sep 2022 04:33:56 GMT
Date: Sun, 04 Sep 2022 03:55:00 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2336
Expires: Sun, 04 Sep 2022 04:33:56 GMT
Date: Sun, 04 Sep 2022 03:55:00 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oU-qOKW_Jy8MV0HLQWofKsOi_qseUcyZRoP5LoyLsCclpCgf6NHiBA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:02:43 GMT
age: 21137
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8688
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wifFJYoAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wd9SF3txQNTVUaSPcKQ_nQfPt1pBjFbuHzSZiQjfbGBSb-i7J8Rgjg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:44:29 GMT
age: 22231
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:41 GMT
age: 21799
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10713
x-amzn-requestid: d546a12c-c549-4ad3-80ad-6bad452927d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5winGzHIAMFTPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7aa-2060c6611eb4abb777cc17a8;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnd2mdQQcKzRP5RAJXmcJUSmO_AnlUgVrkT5tBR38PtfK_bThFBTtg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:47:53 GMT
age: 22027
etag: "383a0661fa09d9b48745b507389d0505303b6182"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87cad5e1-a1b5-47c6-9dc3-339735fecc60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6129
x-amzn-requestid: 93447f39-3086-4613-8d08-5c766fb52a16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5xR7GuyoAMF0DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c8d8-7f2c8d6d0edee0d05a3f8a72;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6IvNAKj8WXAxkIgrqalpdeYP18ZN8DfAlt_8Q54Wob-pWr6mpZILGA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:47:09 GMT
age: 22071
etag: "87d4277c53e3320b8f0f9e564c112ade8e6fa8d9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1814521f-0914-48f7-8ea7-8c2d8155c055.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10147
x-amzn-requestid: 7c2c3756-fc7b-4386-8c88-f1b42beed37a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxLzHEAHoAMFV8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631059ad-063448962d443e107716b726;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:05:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZGR4HPl3KOfSdZzialXKeNrH_DzJzUvyLlwFtx0MQOp0VNsOtdC-bg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 16:25:21 GMT
age: 41379
etag: "19288de373e2bc69a51c9e0c6f49f5cf4e0d8759"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5MDcyMCIsImxhbmRlcl9pZCI6IjEyNSJ9&click_id=whdqprkoaujinrpii3413k9c&subid=9dd1b15d-f028-4d41-b731-bec13c85ae61 HTTP/1.1
Host: 0ee06.trknovi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:57 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImhKNTZoYWFhS0ZvMTJuQ2dSbUpnSkE9PSIsInZhbHVlIjoiY25SckJWRHkvYnNGR3g5VU9CWnV6bDJibUpIeTA5QWZmRjhINlRRTXpmbWR6endYWEVDQ0V6OGgzZlpocUZIWDl2MHhrRHIrNnZPY2NySGxkbXJPbjlkSTZudnByallFVXFhYlZDZE4ydFFrU1lKbjZmeDR2bWUzY29sVlgrWTUiLCJtYWMiOiI5OGExZjlmOTM4NTQ5NmNkNzIzOTg3YThhYTdhYTBlZmIyNDQ4OTQxY2YxNzNmNTRkZTkzMjM5Y2RhMDRlNGJhIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:57 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkJwZ3J4bUhPcWE1N3NxNEJlZTNRYUE9PSIsInZhbHVlIjoiUUVLNmVCL1lNVUpkT3cvSHNWeFFUNEswS2dHVlN0S2hoUWdSYmY3cmJKbDlpa0RIWXBMNEJhQkYyMVV4NjdoRmpGd0hPWW4vdS9QYW81UjROd0FuMEh5cldlaDlzWDVTdzNwV1UwZUpHOUVjZDJ1UDE5ZWlPcURTT0VLWnNKaEgiLCJtYWMiOiIwYzFjOWMxZDY2N2E2NThmNTY0YzZkMjQzYjVlZTIxNGJhZjRkZmY0YTI2ODBhNzc1ZDQyMWZjM2IyMTE3ZTMxIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
172.67.169.247
HTTP/2 200 OK
content-type: text/css
date: Sun, 04 Sep 2022 03:54:58 GMT
x-amz-id-2: 5NP8+xqRh1FzZXuC3zm1osHKfH9eWYVU3hULOnty9foAbYVoWS+RrTgF3GpHTQPZ4zo7NrfhwaQ=
x-amz-request-id: FGM1ZV7T0WW9J2JQ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2203389
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezsl5vh5PTPEeKkQWDYlguIUNrg%2Fp4AtIwUVrbE4XQChvevg5ZoVbvPwZDted1dFLvJJeGq4peK4CziG4Yi3HNXhZsGvyG3d%2BmqHmnmz0GiwbgAPjJU8W3Z%2F%2BE7UE9Ap1RyCqNXv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7453c9736a160b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /smartlink-css/63142191fbc47b1b1b0407df?sop=2&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:55:00 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IllCb09iU1NMaktMWEFHdkNnNE1MR3c9PSIsInZhbHVlIjoicjdLMy9uYWNJS0UyZXN6OXp2eTV4Q0drQmlyY1c4NU1qS3lrVXJqWXZHTHBqQ1FUZnVxaUtzTURGVndISEtWbklGaTZFbDVIMmN6c0dRdGhaZ0RUbUF2OWlwV0cwSzEzM0l5MFFJNWdnZDhwOXlxOGR5WUpyeStpYi81ai9oaWoiLCJtYWMiOiJlMGJmY2NiMzcwMmYxMzYyODE3Njg0OGIxOGZmNTY0ZWZkZDdmNGE3NzNlMGNlMDM3ZDJhODYxN2ExNjEyMzFiIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:00 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6ImRRVVNya2NIdW4yaWxHS1ppdklSL3c9PSIsInZhbHVlIjoiZk03U3RtVWw3eWhIdW95K3JUanh0aUdrcDM0RHljVnIrclBYUjQ3SnJFY2w2LzdkNnhEeFd2TUlqay82OGgrYUs2OFF6NlI2ZDd3QXhsdGVJcS8wNXFFTVNoNEdrbjErNjFpTHNpTHJKZDA2Sk1JRlptSDVqSldwN1A4bVNzd08iLCJtYWMiOiJhYzZkZDA1OTg4Yzg5ZWQxOWUwNTk1NTI5ZmVmZmM4YzgzODE0N2NjOWZlMDAyN2ExOTI5NWE4YjcyZGU0ZDQ4IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /smartlink-css/63142191fbc47b1b1b0407df?sop=3&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:55:01 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjhieVREMFVwb2p3T0t0TVFESTV4Umc9PSIsInZhbHVlIjoiZW5ISkNEdW0vS3pWaDRNN0ZUQS94RzFQeVI4TzdqaUJaUUFPSHJnNmh4bHZobjdVZ1B1THMzNFFQdHRHeWhwcE9GWHdDVFlaWmFBRHFFQ2pvZjkwanRFdUJtR1M5ak9EdXM4UVBFMTZXVFlicEZnYWJ3bDVJaHFobUI0RDQ1VEgiLCJtYWMiOiIwYjI0ZTMzOTllMzFjZTBjN2RmZjQzNWNhMDU2MThiNTBhOGU5N2FhYmYwNDc0YjY2N2E4YjllNDBhZjY0OWEzIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:01 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkdiOG8wd3N6YTFLVFFDaDUwd28vc1E9PSIsInZhbHVlIjoiM1BVRnphTDFwWmRxbXBFNGpzNGZqR0ZHSXM2TGtoRDVqUXJEQWVTcE1LSXpyUTFJcEJQOXZveHdYcWpOQkFacHNCakNDNzFnYi9pdjhsS3BuY3hIM01IN2ZBamM5Yzd1UUpXOTNLclpXMjI0azdNV1k5c1BZNmU3dElYdVI0enAiLCJtYWMiOiI2ODE5NDM3YzhjMTQyYTcxMDk2OGQ2OGRiZmE2YzM1OTIwYTc2M2UwOTc1M2ZiZDRhNWVhNjVlOTZhMTQyNGZlIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /de/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico HTTP/1.1
Host: www.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
35.186.224.25
HTTP/2 302 Found
date: Sun, 04 Sep 2022 03:54:58 GMT
x-powered-by: Express
set-cookie: sp_usid=b505dffe-7aa0-482a-bbc6-758162820616; Max-Age=1800; Domain=spotify.com; Path=/; Secure
sp_m=de; Path=/; Domain=.spotify.com; Max-Age=115516800; Expires=Sun, 03 May 2026 03:54:58 GMT; Secure; HttpOnly; SameSite=Lax
sp_t=8d1a1cd2-7464-49fd-b5ae-179398f55c42; Path=/; Domain=.spotify.com; Max-Age=31536000; Expires=Mon, 04 Sep 2023 03:54:58 GMT; Secure
sp_new=1; Path=/; Domain=.spotify.com; Max-Age=86400; Expires=Mon, 05 Sep 2022 03:54:58 GMT; Secure
sp_landing=https%3A%2F%2Fwww.spotify.com%2Fde%2Flogin%2F; Path=/; Domain=.spotify.com; Max-Age=86400; Expires=Mon, 05 Sep 2022 03:54:58 GMT; Secure; HttpOnly
location: https://accounts.spotify.com/login?continue=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico&_locale=de-DE
x-join-the-band: https://www.spotify.com/jobs/
content-security-policy: base-uri 'none'; connect-src https: wss:; form-action https:; frame-ancestors 'self' https://*.spotify.com https://*.spotify.net; object-src 'none'
sp-trace-id: bbc9de21d7e417a5
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /smartlink-css/63142191fbc47b1b1b0407df?sop=1&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:59 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6Ik8ycHZWVHBEaWV0ejZRaVhvYURQTnc9PSIsInZhbHVlIjoieXVMSkpuZng5ZWtKSDVibzk5c090YUUremJZcjV0YnRjUTJFakRFY2Iydis0Q0pXSVQ0QTFNWlBZNWZyYS9MeFJMOUd4cXNJUnZmbWtxeHpsczBZQzRFSURhdm1KOUtFcGEwSEtlTTFDRWdKY2xuSEhjY0FiWFlld1pvcWdtdVQiLCJtYWMiOiIyZTIwN2NjYzFjYzAyMjQyMmRiODNiMTU5OGVkNzUwOTg1ZTM2NjFkYzZlOTU5MTZmYTUzOWI5ZWY3OGU1YjBiIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:59 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IlFyMU9xL1M3QUgzV1QwcjBkblZ4ZkE9PSIsInZhbHVlIjoiRnNjaWRkV090cXo0TW14NXY4L2lveUhjOE5YSGJpZEE1ODJ2eElUSEppOFpnRDhUUTcxejloTC85VTdNaWpGcm9DTUJySjJwNTJZMWVCSTFQQmFUTUdLMjBOcmMySzhoT0JXZE1ISTQzUkxrZ3FRcS9YOWVqQVl1SEpKQzlsU3AiLCJtYWMiOiIwOWM2ZDNhMTAzNDgxZjVhYzgyM2JhZWM4ZDU3YWExMWIyNTllZDJkOWU1MTMyMWMxNzlkNGYyYzIwM2I1MjA2IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
POST /api/v2/client/sites/2841648/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 130
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 54.170.132.149
HTTP/2 200 OK
content-type: application/json
date: Sun, 04 Sep 2022 03:54:59 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /smartlink-css/63142191fbc47b1b1b0407df HTTP/1.1
Host: 0ee06.trknovi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0ee06.trknovi.com/smartlink?track=eyJ1c2VyX2lkIjoxMzc5LCJjcmVhdGl2ZV9pZCI6IjI5MDcyMCIsImxhbmRlcl9pZCI6IjEyNSJ9&click_id=whdqprkoaujinrpii3413k9c&subid=9dd1b15d-f028-4d41-b731-bec13c85ae61
Cookie: XSRF-TOKEN=eyJpdiI6ImhKNTZoYWFhS0ZvMTJuQ2dSbUpnSkE9PSIsInZhbHVlIjoiY25SckJWRHkvYnNGR3g5VU9CWnV6bDJibUpIeTA5QWZmRjhINlRRTXpmbWR6endYWEVDQ0V6OGgzZlpocUZIWDl2MHhrRHIrNnZPY2NySGxkbXJPbjlkSTZudnByallFVXFhYlZDZE4ydFFrU1lKbjZmeDR2bWUzY29sVlgrWTUiLCJtYWMiOiI5OGExZjlmOTM4NTQ5NmNkNzIzOTg3YThhYTdhYTBlZmIyNDQ4OTQxY2YxNzNmNTRkZTkzMjM5Y2RhMDRlNGJhIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IkJwZ3J4bUhPcWE1N3NxNEJlZTNRYUE9PSIsInZhbHVlIjoiUUVLNmVCL1lNVUpkT3cvSHNWeFFUNEswS2dHVlN0S2hoUWdSYmY3cmJKbDlpa0RIWXBMNEJhQkYyMVV4NjdoRmpGd0hPWW4vdS9QYW81UjROd0FuMEh5cldlaDlzWDVTdzNwV1UwZUpHOUVjZDJ1UDE5ZWlPcURTT0VLWnNKaEgiLCJtYWMiOiIwYzFjOWMxZDY2N2E2NThmNTY0YzZkMjQzYjVlZTIxNGJhZjRkZmY0YTI2ODBhNzc1ZDQyMWZjM2IyMTE3ZTMxIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:57 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkhNUlY2alRiZEVJaGNOVEJvZDAzL1E9PSIsInZhbHVlIjoielo3LzRGUDhESzdsMk5mWW5tWVVvZzlqZm0vNjFVeXVqMTJ1OWkwdGdJbTdUNEVpd0JNYkJ5UFNBbWU1dEVJYU83dFc4RU9ZNjJrOHM5T1E4NS84NjZweWROME10T210cWpLVk53bTNEOXZiclkvc09hVmQ5bDZVZGd5VHBGL0oiLCJtYWMiOiJmMTFhNzM1NWE4MWJjZGEzNDFkNzQyZDM5YTlhNDY0YmU1MGIwMzBhMGFhM2Q5NGI4M2QwNTA0OWU2YzE4MDdhIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:57 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkovTnJRdTZIK2xZeDNVRFVyZTl6cXc9PSIsInZhbHVlIjoic2YvRDQwdUV0VExkVC9YWlpQZXM1SFNGRWNFSk1vKzJjOWpQQmR0S2lieVZBeGJkcDNWOXNTV2RhOVNyOFpMVkpJYlFkK3pKL3IwS1U4S2pEQ1BjLy9GakF0M2tkd2tUQVYxY0g4NWN4K2J6bXlMakdLblhTTFNBVFFnZGFYYXoiLCJtYWMiOiI0OTBmZjYwYjlhMzA0MWM4N2QwZmU2ODM5MTYzM2I4N2EyMjc4YTBjZmM5MWZmM2RjZTBhNWRhMDdlNDc4MmY4IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /login?cont=https%3A%2F%2Fwww.dropbox.com%2Fstatic%2Fimages%2Ficons%2Ficon_spacer-vflN3BYt2.gif HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
162.125.71.18
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache,no-cache, no-store
content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client 'nonce-2938dDILt4C2/9EXKZyS' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-2938dDILt4C2/9EXKZyS' 'nonce-Cw/FJRkhHcjDgDN+6dmX'
referrer-policy: strict-origin-when-cross-origin
set-cookie: gvc=MTk0NDM1OTQ4OTkxNjM2ODg1MjI5NjI1MjczNzk0MjUyMjQ2MzQ3; expires=Fri, 03 Sep 2027 03:54:58 GMT; HttpOnly; Path=/; SameSite=None; Secure
t=pFHtal3p2GzXBAtst3WH6Q_1; Domain=dropbox.com; expires=Wed, 03 Sep 2025 03:54:58 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=pFHtal3p2GzXBAtst3WH6Q_1; expires=Wed, 03 Sep 2025 03:54:58 GMT; Path=/; SameSite=None; Secure
__Host-ss=vp_E-kkMPk; expires=Wed, 03 Sep 2025 03:54:58 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
locale=en; Domain=dropbox.com; expires=Fri, 03 Sep 2027 03:54:58 GMT; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-server-response-time: 211
x-xss-protection: 1; mode=block
date: Sun, 04 Sep 2022 03:54:58 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 0111c5677fb34fb8a465415fa16a4c5c
X-Firefox-Spdy: h2
--- Additional Info ---
|
POST /smartlink-css/63142191fbc47b1b1b0407df?fingerprintid=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 22286
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:59 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkZLdjF5WXliMEM1Ymd5TmVWZVBQemc9PSIsInZhbHVlIjoiREdnMW5zeXhQNW1Bb21pK3hEOWFpQm5WWFdKZ1JEaFhBeGZzN29mTk93OHhmaE9pMHpJc0VXRlNkQlFpRVQ4OVo3K3FUeGVRV1g0Y2o5cXBXaSt4OVMyWEFoSTF2UnZRZjBTaVRUWWxWNnFTdDUxR3hsTGIwdnhVckZhakRySmQiLCJtYWMiOiJlZmYxMmE3YmZjN2ZiMGUyYTMwMDM3MTBlYjcyZTIzNzI4YWY0YTdjNTZkNGQ0OTI3MmRkYTBjMjA3OGIzNDJlIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:59 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjN1WEZORFlQZWZYV0xwS2JqNU9pUHc9PSIsInZhbHVlIjoiUDhxOVZuZmcyWEIvenV4N2MweVhUY1FlMTN4N0dzMENoMWtLdFRERkRvWURFUWdqWEUzOEhMc1Q3Wm5kUVFVTy9pdWh1QWpDWXcybURxNmF4RnZDZjJxZXlGRkZvSHlOQ1JhMFYreDI3b2RJTC9Yd0Q1cXFHZ2kxV0Y5OTcvKzQiLCJtYWMiOiJjMjEyZWY2YTFmNmY1N2FiZmI5N2RmMmU5ODIxNzdkM2I4ZTkyMDc3NzFlNjA2YmNkMjNiYzFhNTEyYTg5YmFhIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|
GET /smartlink-css/63142191fbc47b1b1b0407df?sop=6&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:55:04 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkgvRUYzeHFPUi9FVkt4ejFKdlhSSGc9PSIsInZhbHVlIjoidVM2VEp0aEJrMlI2cEg5U0p4NVJkTy8xeUlOQ1lORmh2NFkvV0M0dkk2bVZpcXBKS01QVUdqWWFoYmdVM3cwWmJZYTF6a1JSZ0xxcjdlR1BvaE9DTjhNS2RaenYwZ1IzZHhzWXdkdTR1Qk4veFJ4K3d2TEFwUFZ3cE1rTjczeDkiLCJtYWMiOiI0OGRmMTdjYWZkOTQzZjhmMDI2YWU0OWM5YTg4OTU0ZmNlYWQ3NzZmYTU4NTFjMWU2ZmJmYTgxMGVjNjlhMDM2IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:04 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6InlsYlMrUDE3SzJaUmMvSWFkdGgxdXc9PSIsInZhbHVlIjoiMFRlMjFxaGZEOWFOaDBMRjFuZm1ZeVMxRHRnOW0wQnFTeENGWS8rZ1FVblpGclpFYUxvZFdUbDRLQmZ3WDFiOUJJTlZtbGFLK2hUbG9vamxKdnlmSUEvTEt4blo4bjBHalBqNXdSc1RqUi9IaGlOVWFMT1l6ejFaU1F5MFdZTVEiLCJtYWMiOiJjYmZhZGRkMzA1Yjc3ZjRhZjdjOTA3MTUzYzFmMTY4OGU1MWYzZmU0OThiNjdhM2Y0NTYzNmQxMzFiNmZlZDk2IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:04 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /smartlink?mongo_id=63142191fbc47b1b1b0407df&mongo_grouped_id=63142191fbc47b1b1b0407e0&redirect_url=https%3A%2F%2Fother.landerhd.com%2F899979446&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMjgwLCJvdXRlckhlaWdodCI6MTAyNCwiY29sb3JEZXB0aCI6MjQsImRldmljZU1lbW9yeSI6MCwiaGFyZHdhcmVDb25jdXJyZW5jeSI6MTYsInN0YW5kYWxvbmUiOjAsInRpbWV6b25lIjoiVVRDIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidG91Y2giOjAsImlmcmFtZSI6MCwiZXZhbCI6MzcsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwib3ZlcnJpZGUiOjEsImR1cmF0aW9uIjo1MH0=&js=1 HTTP/1.1
Host: 0ee06.trknovi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkhNUlY2alRiZEVJaGNOVEJvZDAzL1E9PSIsInZhbHVlIjoielo3LzRGUDhESzdsMk5mWW5tWVVvZzlqZm0vNjFVeXVqMTJ1OWkwdGdJbTdUNEVpd0JNYkJ5UFNBbWU1dEVJYU83dFc4RU9ZNjJrOHM5T1E4NS84NjZweWROME10T210cWpLVk53bTNEOXZiclkvc09hVmQ5bDZVZGd5VHBGL0oiLCJtYWMiOiJmMTFhNzM1NWE4MWJjZGEzNDFkNzQyZDM5YTlhNDY0YmU1MGIwMzBhMGFhM2Q5NGI4M2QwNTA0OWU2YzE4MDdhIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IkovTnJRdTZIK2xZeDNVRFVyZTl6cXc9PSIsInZhbHVlIjoic2YvRDQwdUV0VExkVC9YWlpQZXM1SFNGRWNFSk1vKzJjOWpQQmR0S2lieVZBeGJkcDNWOXNTV2RhOVNyOFpMVkpJYlFkK3pKL3IwS1U4S2pEQ1BjLy9GakF0M2tkd2tUQVYxY0g4NWN4K2J6bXlMakdLblhTTFNBVFFnZGFYYXoiLCJtYWMiOiI0OTBmZjYwYjlhMzA0MWM4N2QwZmU2ODM5MTYzM2I4N2EyMjc4YTBjZmM5MWZmM2RjZTBhNWRhMDdlNDc4MmY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
|
search
188.240.52.20
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:54:58 GMT
location: https://other.landerhd.com/899979446
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkR5WFp1emF4TFBLS0IxbGE2dEdnSlE9PSIsInZhbHVlIjoiekJ1azdDRXQrbnI3bUFsUFNQejBJdUZBMHlLcWw3QkdERHlvV0tpQ2hBMXZvV28zdXJvSFZXRzB6aGJHamRkYVV0aDZzMjA1a1Y4cnNHQkYzRXllZ0NUV3BPSGY2K2dtNnRsNk1jV3djRDNiTk1nZVZEd2l6cFJuMFhWQlR1b2MiLCJtYWMiOiJhYzk5OWFkOTUwZDhkYmY4ZWQ1ODVlNGQyYmYzNDBjM2M0MTRmMDE0YjNjYjE0MjcwMzA4YmM2NzZhNzRlZDc3IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:58 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6Imh4K0RRcHgwSG9vU25qWGlGbTV5enc9PSIsInZhbHVlIjoid0w5NXZtMjcrYUJQWU5HSGNtdUZKd1dWSUtHcXpMbFdpYXdXVTYvR3hHOUMrcmh2STFuMldEWGxoQXA4V0U1eVRJaG9XbGUwa3NwN2xHOUhUL3ZCb2UyVWZUTUpJTnpHbUxtM0JVUTRqYkR5cTRkMUVuUWtZbTdCbmpvdWh6MisiLCJtYWMiOiJiYTdkNGVhZWFlZDAyNWNiNjg1NzA5YjIwNzg5NjRhZjI5NTEyNjkzMDhjNzIxZGIyZjI0MjExNDE4NTYzYzA2IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:54:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /c/hotjar-2841648.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
54.230.111.8
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sun, 04 Sep 2022 03:54:44 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/9ff89682c1392d5ae031fb9fa7247cb9
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NApVGLAHdWXU_tfrsSbZ556_YNgtGEUXWayZEc5QRofnJrxUqWSD4Q==
age: 15
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
x-fb-debug: 7/Ozqmafqk9dPQcr4vcIVOEdriLSbJdvsEnqaWhI7i3zfzTscQoFafg+Xbwd6C9qg9eOcGC1CHz5R9wPG4gIZw==
date: Sun, 04 Sep 2022 03:54:59 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /smartlink-css/63142191fbc47b1b1b0407df?sop=4&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:55:02 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlNXNXBQWFIwcDNUQ2pqc0tjb3lFTWc9PSIsInZhbHVlIjoiV0lxeERRQWR6NklLTnhZWndUME5qNWo1ZDFJZWllK2ZDNUxjcXZtMk5oWVhsak5qWW1yNGgvQUREeWhYSGovZ1psend2bkNhQmtUKzJpc1BNcFhrTFdiRzZOQ1p4MEVGcXc0OS8rTXFCbkVhUlhsMHc1eWlCd3IremVpU1lORnEiLCJtYWMiOiIwZWVhOWE0YzAxOTZlMGE5NjY2OTVjYWFkMGQzYjYxNmI3NmIyMDEwNGI5YTY4YTllZDZkOWViYWExYmNiNzQ0IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:02 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IlBYYTh6ZVQvckZwL05jVDZ3dWpLRWc9PSIsInZhbHVlIjoieGk4ZWdyMm9wNCtMVHJPbkJRSllLTEtQV0pacS9HNjdSSjYwVkR1NnVTZm5JM3NhNkV1am45dnVQL1psM0tHeElVb2gyMnJDOXBVcFQyK1FwVjFZeEMrd1hHVEgwYUo5ak9TejdPRUtwU05mRFRubjZEVXBYWU82azZKaHlMUXUiLCJtYWMiOiIxODgyOWRiMWQ0ZGM4M2ZmMzEyODE1ZTRhNmNiMTM4MWY1MTk3MTA0MzA0MjI5OTczODlhYzA3MmY3ZDdhNzFiIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:02 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /landing-interaction/899979446 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://other.landerhd.com
Connection: keep-alive
Referer: https://other.landerhd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
188.240.52.20
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx/1.19.10
date: Sun, 04 Sep 2022 03:55:06 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkVQYmZhK3ZmbU12dkhUTFBvN3ZpWlE9PSIsInZhbHVlIjoiRTdmMU1VVXNKU3VGNS9mejNlVVBqbE5DUE5zR0RpVXJROFBrMC9tbWxxT3BVUnB4K24xdGN5TDJHK1ZkbWJKVCthdXFBODV2djFsUGUyd0dhSm12TmFmeWNqWW1wbS82S3llbVZrcVRCa0J5TW8vNnBjeTNpTGluOHRsaytCNTciLCJtYWMiOiI0MTBmMTU4YzJkZGMzNDA0YzA5YjFlMWI2MzIzOWRhMWIzMTdhMTMwZTljZmQ4YTI5OTNlYWI4NDY5YzA2NmI1IiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:06 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6Im9Qck5TZXllWU40WFhPUHdtaWh0Qnc9PSIsInZhbHVlIjoiLzEzUVcrY0lHbGo1ZDVGYXVGN2Z2WHNaUUVIV05UUnlxVUc5eC85c3FJNm5IV1d6dzYyeWdPQ0ZMMFRLWkVQWDBtdlYya1hqdVUvaEhYN2NUY0ZkQ3p1MkZiV2FacEVIMWMrTGVucis3QnVxS0tHK2JiUlpncVJOL3J4UEVnejgiLCJtYWMiOiI5NTViZGIwMTQ3ZGFiYmQ1MzE3OGEwMmQ1ZmE1NjY2MTMzN2Y2YTRjMGRkNmUyYWQ4M2FlYWZiYTVkOTljZDhkIiwidGFnIjoiIn0%3D; expires=Sun, 04-Sep-2022 05:55:06 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
--- Additional Info ---
Alerts:
Blocklists:
- fortinet: Phishing
|