Overview

URL matelly.com/
IP3.64.163.50
ASNAMAZON-02
Location Germany
Report completed2022-11-25 09:31:29 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 matelly.com/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (25)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
mnemonic passive DNS dan.com (4) 27401 2013-05-26 00:22:42 UTC 2022-11-24 14:41:42 UTC 3.70.113.20
mnemonic passive DNS ocsp.pki.goog (6) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS js.intercomcdn.com (2) 2440 2020-07-20 12:22:33 UTC 2022-11-25 06:04:21 UTC 143.204.55.80
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-25 06:07:43 UTC 142.251.1.157
mnemonic passive DNS www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-25 05:54:26 UTC 142.250.74.164
mnemonic passive DNS matelly.com (1) 0 2016-01-02 19:54:22 UTC 2022-11-14 15:06:01 UTC 3.64.163.50 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
mnemonic passive DNS widget.trustpilot.com (1) 6018 2017-09-05 07:45:53 UTC 2022-11-24 22:25:16 UTC 143.204.55.80
mnemonic passive DNS cdn3.dan.com (5) 95121 No data No data 143.204.55.5
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-25 06:21:31 UTC 142.250.74.174
mnemonic passive DNS fonts.intercomcdn.com (1) 59711 No data No data 54.230.111.87
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS cdn2.dan.com (5) 96184 No data No data 143.204.55.5
mnemonic passive DNS widget.intercom.io (1) 2417 2020-07-20 12:16:46 UTC 2022-11-25 06:04:21 UTC 54.230.111.119
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-25 05:54:34 UTC 142.250.74.3
mnemonic passive DNS r3.o.lencr.org (6) 344 No data No data 23.36.77.32
mnemonic passive DNS cdn1.dan.com (8) 88667 No data No data 143.204.55.5
mnemonic passive DNS cdn0.dan.com (6) 98973 No data No data 143.204.55.83
mnemonic passive DNS www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-25 06:34:38 UTC 142.250.74.168
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.191.210.155
mnemonic passive DNS api-iam.intercom.io (1) 2892 2018-11-02 22:54:36 UTC 2022-11-25 06:04:22 UTC 34.202.228.243


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.64.163.50

Date UQ / IDS / BL URL IP
2022-12-01 02:04:40 +0000
0 - 0 - 1 pro-line.co/desj.zip 3.64.163.50
2022-12-01 01:48:35 +0000
0 - 0 - 1 despots.xyz/ 3.64.163.50
2022-11-30 15:43:30 +0000
0 - 0 - 1 politelyfuckyourself.com/ 3.64.163.50
2022-11-30 07:24:28 +0000
0 - 0 - 6 www.10-euro.com/nvp4/ 3.64.163.50
2022-11-30 03:51:19 +0000
0 - 0 - 1 pizzatoo.com/invoice/microsoft.new.zip 3.64.163.50

Last 5 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-12-01 10:30:11 +0000
0 - 0 - 1 braokeextrefore.com/7177936e-7e87-4662-8b42-9 (...) 3.124.99.72
2022-12-01 10:27:49 +0000
0 - 0 - 10 mindfulness-news.org/ 54.250.33.196
2022-12-01 10:26:58 +0000
0 - 0 - 5 igamenest.com/ 18.133.177.169
2022-12-01 10:24:18 +0000
0 - 0 - 1 braokeextrefore.com/c04bf79f-0241-416e-9d76-3 (...) 3.124.99.72
2022-12-01 10:21:31 +0000
0 - 0 - 2 nmrhk.com/oop/2135_md/2/551/784/97/94914 99.83.154.118

Last 1 reports on domain: matelly.com

Date UQ / IDS / BL URL IP
2022-11-25 09:31:29 +0000
0 - 0 - 1 matelly.com/ 3.64.163.50

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-30 06:47:22 +0000
0 - 0 - 1 vilalusa.com/33q4i6f 162.255.119.236
2022-11-29 21:30:13 +0000
0 - 0 - 4 mersai.com/ 52.58.78.16
2022-11-29 06:42:33 +0000
0 - 0 - 4 simulee.com/ 52.58.78.16
2022-11-27 14:20:54 +0000
0 - 0 - 4 almotor.com/ 3.64.163.50
2022-11-27 06:56:56 +0000
0 - 0 - 6 suredeath.com/hbb 3.64.163.50


JavaScript

Executed Scripts (27)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 15, repeated: 1) - SHA256: c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e

                                        < !DOCTYPE html >
                                    


HTTP Transactions (67)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: matelly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         3.64.163.50
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Server: openresty
Date: Fri, 25 Nov 2022 09:31:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Location: http://dan.com/buy-domain/matelly.com?redirected=true
Cache-Control: no-cache
X-Request-Id: b56e19c5-b310-4006-9ddd-33d5a7856c0e
X-Runtime: 0.044075


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   119
Md5:    4d6cdb7bdcb4a1c10987fba2288e4979
Sha1:   29b25318b158f65666d5d6f53a16ea71af91d1c8
Sha256: 64dd2e12c4cb20d2060048e601b502b129a663b17cc21af9ad93b0b11d5e1b03

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11164
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:31:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5892
Cache-Control: max-age=95885
Date: Fri, 25 Nov 2022 09:31:18 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:09:23 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2696
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 09:31:18 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:19:04 GMT
cache-control: public,max-age=3600
age: 734
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: uzd1DIRQyIfg+sYp7DjfhXLGMxGt4vBw0xQT1i5z5FMIpoDXeQkS32S9oxvSeSSGy5CrGLHD3TA=
x-amz-request-id: 2VDHT2HA11KNNQ09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:40:44 GMT
age: 3034
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 09:31:18 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1 
Host: widget.trustpilot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Fri, 25 Nov 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tKnUpmWQ3659bjhS5z0fJ7uUVGERU1T79Bf7LrBEtBvFnKUvOLOsPQ==
age: 28975
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Size:   6124
Md5:    5add60196e5f96a414fb4b9586764e5d
Sha1:   633f471b3c2fcedeef9cad90cb5bf56f5fe55588
Sha256: 5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
                                        
                                            GET /packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 786
server: openresty
date: Tue, 01 Nov 2022 11:05:04 GMT
last-modified: Tue, 01 Nov 2022 11:03:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QSHXe1TRvIiXKXgfxVjAl5pknszUtFgNt4xZphhYVXbDQjjSccuHRQ==
age: 2067974
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1516)
Size:   786
Md5:    37935f037e803e39105049fb0adeb1d4
Sha1:   f0a909ba834ba0ede36be821631ed8146699c8cb
Sha256: aae6afa879fa3810847400272ebe7786d3f2b2d1be87ef9d16a235f05797b3bf
                                        
                                            GET /assets/public/trustpilot-logo-008df92415278c07b98aab23d543867b3eb67c71c794afef0a84823cd7cc0df2.png HTTP/1.1 
Host: cdn0.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.83
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 4185
server: openresty
date: Thu, 10 Nov 2022 01:11:03 GMT
last-modified: Wed, 27 Oct 2021 14:42:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aHgsc933PTAe0ssv69AWpykjOiijM9VQNIn88pl9qBNWROtLHFnksg==
age: 1326015
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 270 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size:   4185
Md5:    18907774a48bbf9c3e0a1cc915a0d870
Sha1:   7c434b9d7e66d861c54aa7805b7abaaa6d18bcf9
Sha256: 008df92415278c07b98aab23d543867b3eb67c71c794afef0a84823cd7cc0df2
                                        
                                            GET /assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 4434
server: openresty
date: Sat, 12 Nov 2022 03:32:31 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FL9wKi5ACb9abino9A4dztB9LhEDZzHix3MEttZLvdFMvuAx7Q4AoQ==
age: 1144727
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15400), with no line terminators
Size:   4434
Md5:    de2f4a801d555fd16c042093f091acd4
Sha1:   86110e7d996ff7d52e1bbb9f0083f5369c965634
Sha256: 8d772411db1b7ce8f803656bdc1e7e0dfb299eb51371d957fe5ef8656a4819c6
                                        
                                            GET /packs/js/6-17cd7884e1fbb9bc9d21.chunk.js HTTP/1.1 
Host: cdn0.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.83
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 65352
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SnXULZ9LxwgroEOU4gWix0JKOzxh4IcuBpzNEGzxtVlRE-u82cVJWw==
age: 936299
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   65352
Md5:    27e648758f2bca5f82c01704a02cb711
Sha1:   166c0f2e5b295e2f9e475f2c03923de511f83f2a
Sha256: 7e3c00bfc50b0666525c90c95e75f24db094b46ef147710d5b1016355259a311
                                        
                                            GET /packs/js/public/shared-cc69b24f7d7e677da7f1.chunk.js HTTP/1.1 
Host: cdn0.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.83
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 478
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6NHqIMFa26VM1DEh4O2eBIDqG5F1N-O_6lvTFDdHMSQ6xIy5-LEcLA==
age: 936299
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1221)
Size:   478
Md5:    af698bb82b7244cb2c9b49d2523c4391
Sha1:   9d49e7e4e196deb139101b59348e7ce8c4694cd6
Sha256: ee9646f6085fc74455edba721c1266b274d0a0810b05d08be0080c786e5f5af5
                                        
                                            GET /assets/public-198532e9723712e0837005f51b06515cad8242a733da64023d5e09532b6ad70e.css HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 69530
server: openresty
date: Wed, 23 Nov 2022 10:27:56 GMT
last-modified: Wed, 23 Nov 2022 10:22:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IEn6HC7jbUXAB1lfcNbd9_ecTMLIBHhlBxnjEfQCCORMLf2oxIFanQ==
age: 169402
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size:   69530
Md5:    83408b2a4e0c237783d98bfe120cb727
Sha1:   60dbee30bbe06fdca43979b5e45ece1940ce773a
Sha256: c0b11d9828f79dbc334943a19a74c89fa3044e1a45af8e3eebca7c88cc6241bd
                                        
                                            GET /packs/js/7-9f2b0a405868ca7e1ebb.chunk.js HTTP/1.1 
Host: cdn0.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.83
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 3847
server: openresty
date: Mon, 14 Nov 2022 04:28:09 GMT
last-modified: Fri, 11 Nov 2022 13:47:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6YtgFz9nLk2_T1MRc9TCQReuXFF1B7mrZ6sARsXiWt1jYmKvL1zs1g==
age: 968589
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10731)
Size:   3847
Md5:    7c97b54dfb49782afb5ce46f523704fc
Sha1:   8549fec01dab2cf5535a774a77f65c6851633706
Sha256: ca7fa7462027e775c795aca746425bf09b6b7febb39846cd0a3ce7862269072d
                                        
                                            GET /packs/js/public/product-9cb2b969d78da3fff831.chunk.js HTTP/1.1 
Host: cdn3.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 58643
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dfK3gueQhkaxccwMV5wCl6MuLadI7sPBzTqQMMIQQYw3TkTbularJw==
age: 936299
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   58643
Md5:    38aa80339e1604d0fb23e6a590b8d99f
Sha1:   42e8a1da362d5c9d1c30a2bed8110e47bbb1af55
Sha256: 4491e723b398a01925c063978fc71d5c399fd80eb10dfc5ab376a250550ca43d
                                        
                                            GET /assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 982
server: openresty
date: Wed, 16 Nov 2022 01:55:36 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: artEbtOEKIYe2V4eE5FyGJt4eiiOa-cYw1RS9W4sFIdh3tcmhD2mnQ==
age: 804942
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1896), with no line terminators
Size:   982
Md5:    7e27a1f78cf2901cf631835d1abdd80d
Sha1:   2a470ea7454f0d0da5d3f8c22052f96fdf949eb4
Sha256: 1b1e6270bc0e76e8f70a5024015b12e3833db1d9a3d8252a343b57edd2efdf2f
                                        
                                            GET /packs/js/3-9876ac5e584cf01380f0.chunk.js HTTP/1.1 
Host: cdn3.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 55649
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t8vYr-fYEPh98nExgEFNayIqAJPeAyQlQ0g3F_oGDOnw5Vzg7TgzfQ==
age: 936299
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65450)
Size:   55649
Md5:    344cf972b803b139cbe02cbbd55f0c63
Sha1:   beb028cc1664bce14495b9a4e6d22355c80fd180
Sha256: 08ff1998650ec7851229c8f0c9f231d3facd71bec2d3e52ae525cedd3e5206a0
                                        
                                            GET /packs/js/runtime~public/shared-849f663fc27cc3b2248e.js HTTP/1.1 
Host: cdn0.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.83
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 790
server: openresty
date: Wed, 09 Nov 2022 01:32:23 GMT
last-modified: Tue, 08 Nov 2022 17:04:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IO_-nVi5ymjVbvQQU2pKgP_r7z3_ElmntAll1oME-9eBKcwJQQWOSQ==
age: 1411135
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1516)
Size:   790
Md5:    5ded16adb29a0b410ea4663d16d31c40
Sha1:   dee72581a73c3a15eaa55c2da69baf6920f67871
Sha256: 212fa11629c831197de8b65ec9632e120479f34eeff90626c7f9d9c9d423e247
                                        
                                            GET /packs/js/runtime~public/fonts-029da93a03dc79cb1656.js HTTP/1.1 
Host: cdn3.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 790
server: openresty
date: Tue, 08 Nov 2022 02:59:30 GMT
last-modified: Mon, 07 Nov 2022 16:03:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Dyl6kgJi4X0-pQMmqvtj9W7YLBa10egu21xMlN7FDJKTikSsIs2lRw==
age: 1492308
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1516)
Size:   790
Md5:    4e1579868f8057dd0a8bf0b25fd96af4
Sha1:   40120bcce3f1a49de1b36e4d8c0856be56a2a7ff
Sha256: 65f6e4a432f30b9fccae58f470530f2993073543286126fd92bfa5707c3deb6f
                                        
                                            GET /assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg HTTP/1.1 
Host: cdn2.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 11658
server: openresty
date: Mon, 22 Aug 2022 01:42:32 GMT
last-modified: Mon, 18 Jul 2022 15:41:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vSqVqkMmEAdUTqnS9SH8Irbkffpi6C-SKoWDyRXOAswvAk5Rz65KxQ==
age: 8236127
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4396)
Size:   11658
Md5:    386fcff0359a238feae3616089163f60
Sha1:   3861370145d1176cdbeb8d44c70638efd49507e7
Sha256: 0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:08:53 GMT
cache-control: public,max-age=3600
age: 1346
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/assets/public-198532e9723712e0837005f51b06515cad8242a733da64023d5e09532b6ad70e.css
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 3181
server: openresty
date: Sun, 28 Aug 2022 01:45:55 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C4FK-WoXPyTlyiO6v2pH5CG4Xm-DSXqMYwNIIFnwW1hZfJpEoQV0Vg==
age: 7717524
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 272 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   3181
Md5:    1a20ff7a7df04a852f968c5c988dd6fa
Sha1:   260328a70eeb31d942e6bf3afdc3ba0abf9534f7
Sha256: 5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387
                                        
                                            GET /assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg HTTP/1.1 
Host: cdn0.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.83
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 4341
server: openresty
date: Mon, 31 Oct 2022 09:35:37 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o-DT98TYEGlTR20AUz4jc7N1nFI4x_p92ycabYYUI5KF5StOQyY0HQ==
age: 2159742
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (633)
Size:   4341
Md5:    4663788bd6ea455409d8d873a1a67005
Sha1:   96bb83e405812d18655e9211ad390d0fbde6a7b1
Sha256: fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851
                                        
                                            GET /assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg HTTP/1.1 
Host: cdn2.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 4277
server: openresty
date: Wed, 07 Sep 2022 02:34:32 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7l6qwu182tNWa8ZqaoJCUesqQ6X3ZJacYTRabuFokFHbtp2W-coFOw==
age: 6850607
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (898)
Size:   4277
Md5:    b4a9f0ba344eb285f99ea324daeab7d0
Sha1:   82020383fea04966c27241f53e7aad2a74eab53a
Sha256: 523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f
                                        
                                            GET /assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/assets/public-198532e9723712e0837005f51b06515cad8242a733da64023d5e09532b6ad70e.css
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 2452
server: openresty
date: Fri, 04 Nov 2022 02:07:13 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9t0GaXvIem2dy5pOh0irKascQa8jDwI0XDD8q7CoQemZsjN5Ipzgqg==
age: 1841046
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2008)
Size:   2452
Md5:    60377485c532698023ddb3324aafaff7
Sha1:   9fa2b7b0ee6792bdf3641cb45446b6d72496de1a
Sha256: 374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606
                                        
                                            GET /assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2 HTTP/1.1 
Host: cdn3.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/font-woff2
                                        
content-length: 42052
server: openresty
date: Sun, 28 Aug 2022 13:39:13 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: S6GYgRBdxsBZXevmkrR8Lgt_KZIPtJGstHfDj_j4xBENUy6b-JLLwg==
age: 7674726
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 42052, version 1.0\012- data
Size:   42052
Md5:    7d992431ee5e40d98d9ab99cb5cde954
Sha1:   3e82b380c81c2f83e143e4bb1a4437903c689f05
Sha256: 560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc
                                        
                                            GET /assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2 HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/font-woff2
                                        
content-length: 34092
server: openresty
date: Sun, 02 Oct 2022 02:47:45 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D0AdNtVzcA59g5JE9hWvunXyZ0uvQvP28xWIp_dULQEIKaZ0Lu9C5Q==
age: 4689814
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 34092, version 1.0\012- data
Size:   34092
Md5:    9e90e7eccd164bdeee5ae1e9331316d5
Sha1:   4a8c44ec681947f676ee97f33aab743a079eff7b
Sha256: 683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e
                                        
                                            GET /assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2 HTTP/1.1 
Host: cdn2.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/font-woff2
                                        
content-length: 38556
server: openresty
date: Tue, 04 Oct 2022 23:13:23 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RQrMAMSBMOj06Xm6HBG09_2ycKJ0lv8v5rp72ltZQe2C2iTR9u8bZg==
age: 4443476
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 38556, version 1.0\012- data
Size:   38556
Md5:    15e0a4e9b6fc2834eec6ccba1973aa45
Sha1:   080a7126b7fb4063ea36c06beca3ebfdc4cc63ef
Sha256: 11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a
                                        
                                            GET /assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2 HTTP/1.1 
Host: cdn1.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/font-woff2
                                        
content-length: 37172
server: openresty
date: Thu, 25 Aug 2022 03:15:09 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ET8qjIdzcGwqxcGYai6E866AQtAl1aGMhcH1ehAZlr_T1LFli9a3vA==
age: 7971370
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 37172, version 1.0\012- data
Size:   37172
Md5:    6b2f88dd1fc37ad2228bc4b0e12bb011
Sha1:   088cd68a9ce402835ff00e8e2c8ef2ccf4081a3b
Sha256: 1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6
                                        
                                            GET /assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2 HTTP/1.1 
Host: cdn2.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: application/font-woff2
                                        
content-length: 36308
server: openresty
date: Sat, 01 Oct 2022 04:00:17 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UjxjPRBVbfclU48PEr5epiBieh953dIeOK4CvVCj88iRBQ-Qo8l1Tw==
age: 4771862
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 36308, version 1.0\012- data
Size:   36308
Md5:    47f09a78e5d17d771fb06bc91e174499
Sha1:   b335fe0226d224782678ff7bea49773993e6f052
Sha256: cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3
                                        
                                            GET /packs/spritemap.svg HTTP/1.1 
Host: dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/matelly.com?redirected=true
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=3V7XfNBWVJ7HJcnTcQwKhCJ014MdT2ySIcL2oaWPj7YANlPpTjxnqpa7k37oG%2BMM%2BgWEkT9a9NWJ%2B9QKuJi8cBDp13c%2BkkF%2Bgwoj11hwnqlLEgXTTnp5sseGUlhhqxEHPa1xkZLxfiUaMmbaeTYdxtXmR33U%2FApMNCQZv%2FyigbQ83JVSLqP271nRkTLtos%2BFSvNlxGpkKMRqOLaUlOKrZaByOHH4XHi2xfOXIn5NNQvXbEw4jtQMtwpgXBd0d%2BD6%2BvsUX5a3MpXn7y399UPPCwS9WV0Z9TUlQmwNpbr1M7jpjANHZ1zu35lR4NQSkmcPKNkBFqYULzUp2jmm1wBPnQGw0bvfkPdopsS5yzIUsThWYkByKc6Lg7kAPFY8xP5xc3Gl7RN73A%2BMFmop%2FYpM0x5oVr4dqgGbelN%2F9i%2FWz96qR3z%2FMi9ldlcl3pbTryj%2BuIS%2B%2FlM2hjimY6kSt0I9BQ%3D%3D--KZraaMmBgjcaaa9c--4fCC9xzdDdya3ktPFuKPPw%3D%3D; time_zone_offset=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         3.70.113.20
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: openresty
date: Fri, 25 Nov 2022 09:31:19 GMT
vary: Accept-Encoding
last-modified: Fri, 25 Nov 2022 09:29:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20796
Md5:    e10f3899bf560f4eabb4ca4d345c5d0f
Sha1:   890f8e0f53999cb7a24e5a0d1ef4a43caf667917
Sha256: c8080b911fac7d0385f8503ca471a0cd326c85052a34d6076f4e72c6fe90eeeb
                                        
                                            GET /gtm.js?id=GTM-P9NHQJ HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:31:19 GMT
expires: Fri, 25 Nov 2022 09:31:19 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2688)
Size:   42950
Md5:    4cfe10ae3c0fa3271117a49fe070e0a5
Sha1:   f0c1ffb02dc8af47508f0a95b5cedd36774be58f
Sha256: e386b1964dbd073aba8b84a09502bf664f5494281b04637ea824e55bce8cee49
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png HTTP/1.1 
Host: cdn2.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 3054
server: openresty
date: Tue, 06 Sep 2022 00:23:51 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: juY4dMEvHpjBnvn5KlyD25EvfmmeZyQIebj-I5SuxGl39ja6jgRjSg==
age: 6944848
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Size:   3054
Md5:    0c59777f5725af9a1d2d9153da1d7176
Sha1:   bc06fbcbf2170fe049279b7a1b6003eef8d6986a
Sha256: 56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290
                                        
                                            GET /assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico HTTP/1.1 
Host: cdn3.dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         143.204.55.5
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
content-length: 15406
server: openresty
date: Fri, 02 Sep 2022 02:50:15 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hZq-dmJ_beC1pV2Jpnu6wAtbdrcZ1kcrKE7Kiy3Wy6VKSxRS9iiAlQ==
age: 7281664
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   15406
Md5:    91b5b75e4f52df43982200873c1feef6
Sha1:   8a01193959229d10a361d4965e305490544c428c
Sha256: 17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 08:41:08 GMT
expires: Fri, 25 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 3011
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 953
Cache-Control: max-age=85883
Date: Fri, 25 Nov 2022 09:31:19 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:22:42 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /api/domains/suggestions?client_id=156527 HTTP/1.1 
Host: dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/matelly.com?redirected=true
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=3V7XfNBWVJ7HJcnTcQwKhCJ014MdT2ySIcL2oaWPj7YANlPpTjxnqpa7k37oG%2BMM%2BgWEkT9a9NWJ%2B9QKuJi8cBDp13c%2BkkF%2Bgwoj11hwnqlLEgXTTnp5sseGUlhhqxEHPa1xkZLxfiUaMmbaeTYdxtXmR33U%2FApMNCQZv%2FyigbQ83JVSLqP271nRkTLtos%2BFSvNlxGpkKMRqOLaUlOKrZaByOHH4XHi2xfOXIn5NNQvXbEw4jtQMtwpgXBd0d%2BD6%2BvsUX5a3MpXn7y399UPPCwS9WV0Z9TUlQmwNpbr1M7jpjANHZ1zu35lR4NQSkmcPKNkBFqYULzUp2jmm1wBPnQGw0bvfkPdopsS5yzIUsThWYkByKc6Lg7kAPFY8xP5xc3Gl7RN73A%2BMFmop%2FYpM0x5oVr4dqgGbelN%2F9i%2FWz96qR3z%2FMi9ldlcl3pbTryj%2BuIS%2B%2FlM2hjimY6kSt0I9BQ%3D%3D--KZraaMmBgjcaaa9c--4fCC9xzdDdya3ktPFuKPPw%3D%3D; time_zone_offset=0; _gid=GA1.2.1205943267.1669368679; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         3.70.113.20
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: openresty
date: Fri, 25 Nov 2022 09:31:19 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"35625d5f071de976980fa4c29758e926"
cache-control: max-age=0, private, must-revalidate
x-request-id: 0a9239b3-4f5b-4823-90e1-f2fe3ac9917f
x-runtime: 0.026989
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /widget/e2frgfyw HTTP/1.1 
Host: widget.intercom.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.119
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-length: 6172
last-modified: Thu, 24 Nov 2022 14:58:28 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: ddcMZdoz7.Ft5MOnKxEG2cFAnk4rwvsr
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 09:15:27 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "2ae7988f8a36ffe5129d1d5fe7eff3a5"
x-cache: Error from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: RqqAJHu9oOp2nxsDxFQuDRfBLiL6Q6VRafwuQu9Q_3BjnXmmDjmmYQ==
age: 953
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Size:   6172
Md5:    2ae7988f8a36ffe5129d1d5fe7eff3a5
Sha1:   fd70d049f6f3a5b4cf11022c768a80e37ffdcdc5
Sha256: 3961112a169274a6e8fdbd9b51f740f06336b58c876f897c2f4de8f200bdb831
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1100622874&gjid=1107714492&_gid=1205943267.1669368679&_u=YCDAgEABAAAAAEAAI~&z=1962440241 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.251.1.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://dan.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 09:31:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /frame.29383c3d.js HTTP/1.1 
Host: js.intercomcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-length: 138202
last-modified: Thu, 24 Nov 2022 14:56:58 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: dTQBmeA3rv9DQuy3pjnaXSTeiRITEWBQ
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 08:58:32 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "aee42aa78743e7c3ef7469f45825c922"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mfa56CUes_M2OZ0N3h_TciCCFCD7ezpZnbpMhNWJnQYWG5u1li5x9w==
age: 1967
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   138202
Md5:    aee42aa78743e7c3ef7469f45825c922
Sha1:   351bde99f8d2a3585751dbe63e81bbd21e763b02
Sha256: c7b2f0532ed128f419b7a98b466304f30a860d1df7a612d97f6767e0279d8fc8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113420
Date: Fri, 25 Nov 2022 09:31:19 GMT
Etag: "637f9ada-1d7"
Expires: Sat, 26 Nov 2022 17:01:39 GMT
Last-Modified: Thu, 24 Nov 2022 16:24:58 GMT
Server: ECS (dcb/7FA8)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XVYo0LU0GTtZ1qgVf1IQ-carZwQI7I0e2FHEvP40fApmSxLEbSmYFA==
Age: 2201

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1100622874&_u=YCDAgEABAAAAAEAAI~&z=1423524514 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 09:31:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=1100622874&_u=YCDAgEABAAAAAEAAI~&z=1423524514 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 09:31:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:31:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /domain_views HTTP/1.1 
Host: dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/matelly.com?redirected=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 139
Origin: https://dan.com
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=3V7XfNBWVJ7HJcnTcQwKhCJ014MdT2ySIcL2oaWPj7YANlPpTjxnqpa7k37oG%2BMM%2BgWEkT9a9NWJ%2B9QKuJi8cBDp13c%2BkkF%2Bgwoj11hwnqlLEgXTTnp5sseGUlhhqxEHPa1xkZLxfiUaMmbaeTYdxtXmR33U%2FApMNCQZv%2FyigbQ83JVSLqP271nRkTLtos%2BFSvNlxGpkKMRqOLaUlOKrZaByOHH4XHi2xfOXIn5NNQvXbEw4jtQMtwpgXBd0d%2BD6%2BvsUX5a3MpXn7y399UPPCwS9WV0Z9TUlQmwNpbr1M7jpjANHZ1zu35lR4NQSkmcPKNkBFqYULzUp2jmm1wBPnQGw0bvfkPdopsS5yzIUsThWYkByKc6Lg7kAPFY8xP5xc3Gl7RN73A%2BMFmop%2FYpM0x5oVr4dqgGbelN%2F9i%2FWz96qR3z%2FMi9ldlcl3pbTryj%2BuIS%2B%2FlM2hjimY6kSt0I9BQ%3D%3D--KZraaMmBgjcaaa9c--4fCC9xzdDdya3ktPFuKPPw%3D%3D; time_zone_offset=0; _gid=GA1.2.1205943267.1669368679; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         3.70.113.20
HTTP/2 200 OK
content-type: text/html
                                        
server: openresty
date: Fri, 25 Nov 2022 09:31:19 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=IGQKeb6COMQqiGMXR2%2BBBK5McjTZ1bB6XFAC2rVenZwCo4VVDSp6qXyjzFY8KAeLgZY%2BHwfrVSYv43h1gcht7a9tSDT3tkdfzjV8bxqa%2F3KqdtErecFdQjtRqAfpjhvCtVMWn80zHRo1XqDuCbw4xnixhdLodejvv3HWIYEo6KQBLS8MPWBlmo2L%2FS4ZCTUllfYXfuacy79WLN5xmYTkexpFHcGqmZRgr4rKtUtS6glszBAdJyepUFi4Z1fphTOgVVbNaMkwdpo3iwEQWadb7wzz57M7HbEhYCyWTeRlFsJrAdLSfaIrBwN6DET6ZJw%2FA9Ck0TS9s16uXI%2FerRfc7E1ySh6smAzFfJo6Q17OwYGakCLzZpmOup3UuZa8Hj8fA%2FNBwpyZrpuCZuqqEBOecbw2do9gsxTN%2B0upjFJYGujXImNMKnAqW%2BYYNrsp2TITB7PmSaCNPFraOjE7vVcpZnbWVQiEq%2Br%2FBYUD21jDbz7S3gpIGU3EJpiEkqwr%2BK4VxK1v8%2BqAXYCsTzyO--%2FBgboU9bvEBuDHmt--KrOCGVUUw5PSXDydmsWXyA%3D%3D; path=/; secure; HttpOnly
x-request-id: d33ee6c4-cf64-4007-9789-c9e2cefe0e9f
x-runtime: 0.013043
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99919
Date: Fri, 25 Nov 2022 09:31:19 GMT
Etag: "637f5a44-1d7"
Expires: Sat, 26 Nov 2022 13:16:38 GMT
Last-Modified: Thu, 24 Nov 2022 11:49:24 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PVFnbmpKRWp8RNvxyeCzYSBFb5v7kzXWq4ZqnP-b-mH37lZAvJr6vw==
Age: 5234

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ORsnKAPzPbboA0qqJv13Bw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.210.155
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5R17Pyqw+XmscKUAj2ZTvy3kKbo=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19240
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19240
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19240
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19240
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 09:31:20 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 18500
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:04:29 GMT
age: 74316
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 41028
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 41750
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8917
Md5:    5863138af1ddbba34a7856242a7b3a06
Sha1:   2eba66ff6539388c48562503e8d11ff0e060350a
Sha256: d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 41752
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6130
Md5:    ba7b9c131ab7e5998f25b069ba3860a0
Sha1:   0214fc0deecb1115766802f42cfd256e3c479490
Sha256: 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 52790
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            POST /messenger/web/ping HTTP/1.1 
Host: api-iam.intercom.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 494
Origin: https://dan.com
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.202.228.243
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Fri, 25 Nov 2022 09:31:20 GMT
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1669368690
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13330
access-control-allow-origin: https://dan.com
vary: Accept,Accept-Encoding
x-intercom-version: 99274168ad70f53a3c18be71b3586ae767d16740
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 0000aj00ru8ugo1bt2sg
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"ee77838fbeb4529d070b8a907e523264"
x-runtime: 0.227075
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-01adf57c3f83dd4fa
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (3225), with no line terminators
Size:   1462
Md5:    f2d8c63c9834606c6de75bf6a82bd78d
Sha1:   41dfb2f2cdc68101f22970bb1034769163732884
Sha256: 8913c9bec4cd86b50b1889bdb1f9f851f5ea951e3411398e6e25a5973ba3cb76
                                        
                                            GET /messenger-m4/proximanova-regular.woff HTTP/1.1 
Host: fonts.intercomcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.87
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 28960
date: Fri, 18 Nov 2022 09:10:40 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 13:54:45 GMT
etag: "a7942249ca925ef356c0f2b1dab17ef3"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000
x-amz-version-id: ebq9pyRY7kszwAwVrH2DKI_ekdqtL0.L
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: jtn7daiYhWw1xZKq2uMYOxfUVKkW3ttCA_dxPpnLXpAGaU9qZ2Udqg==
age: 606048
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 28960, version 1.0\012- data
Size:   28960
Md5:    a7942249ca925ef356c0f2b1dab17ef3
Sha1:   122ae210e1fbfc1b4730f6f934dae6586b76592b
Sha256: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
                                        
                                            GET /buy-domain/matelly.com?redirected=true HTTP/1.1 
Host: dan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         3.70.113.20
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty
date: Fri, 25 Nov 2022 09:31:18 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"abeaa7c6a975cbcbc5cc2c9a8b490fa1"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=3V7XfNBWVJ7HJcnTcQwKhCJ014MdT2ySIcL2oaWPj7YANlPpTjxnqpa7k37oG%2BMM%2BgWEkT9a9NWJ%2B9QKuJi8cBDp13c%2BkkF%2Bgwoj11hwnqlLEgXTTnp5sseGUlhhqxEHPa1xkZLxfiUaMmbaeTYdxtXmR33U%2FApMNCQZv%2FyigbQ83JVSLqP271nRkTLtos%2BFSvNlxGpkKMRqOLaUlOKrZaByOHH4XHi2xfOXIn5NNQvXbEw4jtQMtwpgXBd0d%2BD6%2BvsUX5a3MpXn7y399UPPCwS9WV0Z9TUlQmwNpbr1M7jpjANHZ1zu35lR4NQSkmcPKNkBFqYULzUp2jmm1wBPnQGw0bvfkPdopsS5yzIUsThWYkByKc6Lg7kAPFY8xP5xc3Gl7RN73A%2BMFmop%2FYpM0x5oVr4dqgGbelN%2F9i%2FWz96qR3z%2FMi9ldlcl3pbTryj%2BuIS%2B%2FlM2hjimY6kSt0I9BQ%3D%3D--KZraaMmBgjcaaa9c--4fCC9xzdDdya3ktPFuKPPw%3D%3D; path=/; secure; HttpOnly
x-request-id: e4906bf4-ccfe-481c-a7f6-d1a0cdfc003a
x-runtime: 0.075362
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vendor.f7693627.js HTTP/1.1 
Host: js.intercomcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.80
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
content-length: 108174
last-modified: Thu, 24 Nov 2022 14:56:58 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: imQW8UVxb5Qb5NbAXz2HQIPHIt_mQR5E
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 08:58:32 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "da627a8b7f786b0e8681b89dfe518410"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: T9z5aVxVnhWaHkTtJAqR2aZnLLAmCNIrJPto5V2xQ1yhnoNpbffwPw==
age: 1967
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2


--- Additional Info ---