www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
54.166.191.140301 Moved Permanently 0 B URL HTTP/1.1 www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
IP 54.166.191.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_ HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Connection: close
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 01:13:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3txOB88FKaYD2jOQGtAtSPEXefKEDtrrLgT71T-_oVoOuwXilGjUIw==
Age: 3260
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2917
Expires: Thu, 22 Sep 2022 02:56:50 GMT
Date: Thu, 22 Sep 2022 02:08:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dmK9hFjZ7PwGk-W6beY1sy6dMnPNY2edo12Z_K569LZSevLFn02eKg==
age: 77580
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 02:08:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 22 Sep 2022 01:43:08 GMT
Expires: Thu, 22 Sep 2022 01:59:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8mmlHPSiEuGbALlbYmh4ZoDFPraKAjxqvHG6brbmGynkdzVZOLg_-Q==
Age: 1505
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6597
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:14 GMT
Last-Modified: Thu, 22 Sep 2022 00:18:17 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3477c78cff8ef559c24a54b04c85f6a
f8051be8f3ca7e1a608311f489689da52ef08287
5134c1e87bf433d124cdb790525f9e9f3c0319bf5dbc935faa0288eac266b5d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5134C1E87BF433D124CDB790525F9E9F3C0319BF5DBC935FAA0288EAC266B5D9"
Last-Modified: Wed, 21 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21581
Expires: Thu, 22 Sep 2022 08:07:55 GMT
Date: Thu, 22 Sep 2022 02:08:14 GMT
Connection: keep-alive
www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
54.166.191.140200 OK 7.2 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
IP 54.166.191.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1126)
Hash 802c1a720f05e41ba97e14fec5d8a3c2
2c9404868329803ca41ce7b3968fbf7126d820e7
392fda0f95a8cfca5fc515dbdd5237c168b82708d38dc6153bc0458bb1b6bd66
GET /2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_ HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Set-Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7237
Content-Type: text/html; charset=UTF-8
X-NID: N1
seal-memphis.bbb.org/logo/sehzbus/american-home-shield-22001027.png
82.102.27.18200 OK 6.3 kB URL HTTP/2 seal-memphis.bbb.org/logo/sehzbus/american-home-shield-22001027.png
IP 82.102.27.18:0
File type PNG image data, 200 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 763e3cbbb601073d7941280514d7594a
4401e0ad7f4ffa185c6fb823bab44255c3235ca1
95b1c168421c050d8135143e0e5de675d132e06f9b491a2025d53e2d3d1e9b0f
GET /logo/sehzbus/american-home-shield-22001027.png HTTP/1.1
Host: seal-memphis.bbb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 22 Sep 2022 02:08:14 GMT
content-type: image/png
content-length: 6290
cache-control: max-age=14400
expires: Thu, 22 Sep 2022 06:08:14 GMT
last-modified: Wed, 21 Sep 2022 17:08:21 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: STALE
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.77.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wosyJDr9Gejh6cyd8jX42Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j+YVxyRnMWXrgHc06EeHwESLG8o=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400,500,700,900
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700,900
IP 142.250.74.10:0
Hash abd502c2c53e745493c68573c137d2f3
6128dd4575a7278fcbfcadf548af4e454109d861
57ab808489b4b958222b080d037137119871d09357491ba3b3f57c4e22e63b61
GET /css?family=Roboto:400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 02:08:14 GMT
date: Thu, 22 Sep 2022 02:08:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ahsquotes.com/2021/4/vendor/bootstrap/css/bootstrap.min.css?ver=1.2
54.166.191.140200 OK 30 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/vendor/bootstrap/css/bootstrap.min.css?ver=1.2
IP 54.166.191.140:0
Hash e0c874bfabb87b1e73b347c1c94974c7
1b97b85f3180e6e38cca372c4d6b61d2702aac34
a091ca32a6eb49559ef7c5ed97e2ab4b16ba49e41b9ba76efe6e6da646786e1a
Analyzer Verdict Alert fortinet Phishing
GET /2021/4/vendor/bootstrap/css/bootstrap.min.css?ver=1.2 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:26:18 GMT
ETag: "36db0-5e7b2836eb17f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29824
Content-Type: text/css
X-NID: N1
www.ahsquotes.com/2021/4/bundles/pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js
54.166.191.140200 OK 3.0 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/bundles/pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js
IP 54.166.191.140:0
File type ASCII text, with very long lines (409)
Hash 6e0fce21fbfad44e5b7bbf20982504ee
2a409add44d8278fd897d6bb4f4b4417318cbda7
60b26be75b7a13eb26ea8158def570fcdcd4e2b204189c3a07702477419f0cc1
Analyzer Verdict Alert fortinet Phishing
GET /2021/4/bundles/pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:56:24 GMT
ETag: "2be6-5e77842ab4e12-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3048
Content-Type: application/javascript
X-NID: N2
www.ahsquotes.com/2021/4/css/heroic-features.css
54.166.191.140200 OK 263 B URL HTTP/1.1 www.ahsquotes.com/2021/4/css/heroic-features.css
IP 54.166.191.140:0
Hash d5a3d6db796f2ba2955c9f74d339c1fa
55f976163b961cdc4812286432024f7285d14e36
cae8fee21a0ae20764b40cf40a8b7f84dd3318399aaab279b5bbf2ebcfa18384
GET /2021/4/css/heroic-features.css HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:03:46 GMT
ETag: "17e-5e7785d02991f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 263
Content-Type: text/css
X-NID: N1
www.ahsquotes.com/2021/4/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js
54.166.191.140200 OK 132 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js
IP 54.166.191.140:0
File type ASCII text, with very long lines (500)
Size 132 kB (132385 bytes)
Hash b17aa7936b49419cf2e72515d76d2fc4
a35fd969c72a3108d97d7cb6fea7eaf3c71a6b63
d62c4a4df87febd0165d24bda59a7ca2256635d307646fe0a3d63d9a2e8425fc
Analyzer Verdict Alert fortinet Phishing
GET /2021/4/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:56:45 GMT
ETag: "90b51-5e77843f5eec9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
X-NID: N1
www.ahsquotes.com/2021/4/img/arrow-down.jpg
54.166.191.140200 OK 1.2 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/arrow-down.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 50x23, components 3\012- data
Hash 09d1c77c82105353479d2daa353eff78
e4bcb0bb11789a12422ba82509e5255e8d69dc6c
19dacedc11e7b6d6f0f7ad8b8617e1816d5a50210fa085b945e1905154565881
GET /2021/4/img/arrow-down.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:56:49 GMT
ETag: "4a6-5e778442674ac"
Accept-Ranges: bytes
Content-Length: 1190
Content-Type: image/jpeg
X-NID: N1
www.ahsquotes.com/2021/4/img/bestcoverage.png
54.166.191.140200 OK 7.3 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/bestcoverage.png
IP 54.166.191.140:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash c24d640fa4c59c8a1a4d585ac886ab7a
ea3afd30349ce8e4c43bffcf5697941b67214091
e29331fe8b1a7b5c43ba1e9eaade80a7e9b95d07b0d1eb733c75f9f05d729f97
GET /2021/4/img/bestcoverage.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:56:54 GMT
ETag: "1cab-5e778447ee552"
Accept-Ranges: bytes
Content-Length: 7339
Content-Type: image/png
X-NID: N2
www.ahsquotes.com/2021/4/img/roofpic.png
54.166.191.140200 OK 14 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/roofpic.png
IP 54.166.191.140:0
File type PNG image data, 326 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a6cc3cfe2bbd7dd06eb0f26aa2a5423e
38f466c16e003f6e2140298b5e3067bd02c74079
47ae751430fb4edf6e3da082576c4c8f21768e7687a25e563f0cc4c00f360324
GET /2021/4/img/roofpic.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:59:41 GMT
ETag: "3641-5e7784e732d61"
Accept-Ranges: bytes
Content-Length: 13889
Content-Type: image/png
X-NID: N2
seal-memphis.bbb.org/logo/american-home-shield-22001027.js
82.102.27.18200 OK 704 B URL HTTP/2 seal-memphis.bbb.org/logo/american-home-shield-22001027.js
IP 82.102.27.18:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1052), with no line terminators
Hash fcb9cf4d1f8ea7a65262f1ee1420f5a5
b3d7d1cad07d2202539cb45a06b43f8a6ab90eb9
7897e3609c74d58ab4cdcf6552b7589db6466606d83c99e515fb04d8d2119800
GET /logo/american-home-shield-22001027.js HTTP/1.1
Host: seal-memphis.bbb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 22 Sep 2022 02:08:14 GMT
content-type: application/javascript
content-length: 704
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:37:47 GMT
etag: "6ff458b460c8d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
expires: Thu, 22 Sep 2022 06:08:14 GMT
cache-control: max-age=14400
x-cache: STALE
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ahsquotes.com/2021/4/img/yourheat-mobile2.jpg
54.166.191.140200 OK 178 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/yourheat-mobile2.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 480x483, components 3\012- data
Size 178 kB (178010 bytes)
Hash a65d1157cd20c86d6ab16b77b967817f
442c49f6df5f265fca082733dfe61e29f1c6a2f9
a47c03872bf1411a1523788fc6155c6727006f7c89ca19336229aca75331dbef
GET /2021/4/img/yourheat-mobile2.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:01:11 GMT
ETag: "2b75a-5e77853caabde"
Accept-Ranges: bytes
Content-Length: 178010
Content-Type: image/jpeg
X-NID: N1
www.ahsquotes.com/2021/4/img/stars.png
54.166.191.140200 OK 754 B URL HTTP/1.1 www.ahsquotes.com/2021/4/img/stars.png
IP 54.166.191.140:0
File type PNG image data, 178 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a208a985081ef84b625a9509f7fc43d
c6f290baa388b8175be0f3952b198ba3ad6d6aba
5bcc2b1ca99030dffb0591241a0422ab9420ee6d8b154c4c689485aa33665e3b
GET /2021/4/img/stars.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:59:59 GMT
ETag: "2f2-5e7784f8151b3"
Accept-Ranges: bytes
Content-Length: 754
Content-Type: image/png
X-NID: N2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 23647
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TXTTWK9
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TXTTWK9
IP 142.250.74.72:0
File type ASCII text, with very long lines (2083)
Hash f4696f9f9d60ad39e5e00e5f1c890f92
8cd4357dcc3b24a84dd69dceca9fe026c1c40599
8571766dd7b11479343b6603fe54a86fcb846d38064d177026c57e5bf0103b3c
GET /gtm.js?id=GTM-TXTTWK9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Sep 2022 02:08:15 GMT
expires: Thu, 22 Sep 2022 02:08:15 GMT
cache-control: private, max-age=900
last-modified: Thu, 22 Sep 2022 00:26:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46499
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 7a1ffbedb6a5c54cbf86be919a59f713
f9fc85dbef6b84a83c617bf2276c26f2ebf99fa1
c05e379e812583f44277b28561d5295f4f011e7702184ce1b5ed7b6363a6894d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:08:15 GMT
Last-Modified: Thu, 22 Sep 2022 00:30:18 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x9SbxbBwNWG6ILTUthCiQWr72Msgcsbv_3AVScbzDLimWCNJYDDnKQ==
Age: 5877
www.ahsquotes.com/2021/4/vendor/bootstrap/css/proximanova-bold-webfont.woff2
54.166.191.140200 OK 20 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/vendor/bootstrap/css/proximanova-bold-webfont.woff2
IP 54.166.191.140:0
File type Web Open Font Format (Version 2), TrueType, length 20400, version 1.0\012- data
Hash b93b3eb4e6935343c057c52e376de3ee
aa4aeea4c0dc4623705c8d09363609d9877f4e5e
47a472e927299f17a4195267006fe71ec67d9d5dab6c7428daa397d2cbb7654e
Analyzer Verdict Alert fortinet Phishing
GET /2021/4/vendor/bootstrap/css/proximanova-bold-webfont.woff2 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/vendor/bootstrap/css/bootstrap.min.css?ver=1.2
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:02:01 GMT
ETag: "4fb0-5e77856ccb113"
Accept-Ranges: bytes
Content-Length: 20400
X-NID: N1
www.ahsquotes.com/2021/4/vendor/bootstrap/css/proximanova-regular-webfont.woff2
54.166.191.140200 OK 20 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/vendor/bootstrap/css/proximanova-regular-webfont.woff2
IP 54.166.191.140:0
File type Web Open Font Format (Version 2), TrueType, length 20492, version 1.0\012- data
Hash e1186c864a5bd951999bedb1979db8e1
24e6ba54b18ad9c8cbfeabba023d112b73ad7867
704600063c5181fa92127c7621e53de23cf736318c5b88ded439dd94e513bac4
Analyzer Verdict Alert fortinet Phishing
GET /2021/4/vendor/bootstrap/css/proximanova-regular-webfont.woff2 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/vendor/bootstrap/css/bootstrap.min.css?ver=1.2
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:02:14 GMT
ETag: "500c-5e77857888ee0"
Accept-Ranges: bytes
Content-Length: 20492
X-NID: N2
www.ahsquotes.com/2021/4/img/AHS_CMYK.svg
54.166.191.140200 OK 8.7 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/AHS_CMYK.svg
IP 54.166.191.140:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3581f57537b97335ce7d0d8fef448919
aa6321ce29992fbf1a42c74fec42c0849be8c333
785e103ab7847950b0a47be5b4d58f4a8b514b5f14d72c3dd7490d3735ab2a4f
Analyzer Verdict Alert fortinet Phishing
GET /2021/4/img/AHS_CMYK.svg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:56:36 GMT
ETag: "21db-5e778436d07e0"
Accept-Ranges: bytes
Content-Length: 8667
Content-Type: image/svg+xml
X-NID: N1
www.ahsquotes.com/2021/4/vendor/bootstrap/css/proximanova-light-webfont.woff2
54.166.191.140200 OK 20 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/vendor/bootstrap/css/proximanova-light-webfont.woff2
IP 54.166.191.140:0
File type Web Open Font Format (Version 2), TrueType, length 20012, version 1.0\012- data
Hash e7b952ddd46fac75dfc79a093ee75d3f
8c8cf9edecbd31cad212254a3bd7fb38aff5abbc
46050ae88e7256f0540d6986ea6a2705a1e568c3b182f1032a7572f372af36c7
Analyzer Verdict Alert fortinet Phishing
GET /2021/4/vendor/bootstrap/css/proximanova-light-webfont.woff2 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/vendor/bootstrap/css/bootstrap.min.css?ver=1.2
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:02:13 GMT
ETag: "4e2c-5e7785784973f"
Accept-Ranges: bytes
Content-Length: 20012
X-NID: N2
www.ahsquotes.com/2021/4/img/top.png
54.166.191.140200 OK 17 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/top.png
IP 54.166.191.140:0
File type PNG image data, 545 x 145, 8-bit/color RGBA, non-interlaced\012- data
Hash af1bb9abf9018c8f46dd20b1b4540591
3bbc6e1d86d17cbd616b6f19b5c48b5b6087ae97
8e945188eec89c50341b5edfdfe68687d66d1be6ed701cf6461aaa6b76763ca2
GET /2021/4/img/top.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:00:10 GMT
ETag: "42e1-5e7785025cf1f"
Accept-Ranges: bytes
Content-Length: 17121
Content-Type: image/png
X-NID: N2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash c73ecfbe0aec340c161d2a95f5e45b92
ccfb13a35010e0ee15792c495382ff443c4e3346
d584d47e546337239c98f426b72942dce06cf6407e781cf3fd58d40abe19470e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:08:15 GMT
Last-Modified: Thu, 22 Sep 2022 01:27:25 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TLshetNIM1695wNHjWF3NLQAKFj9Z_H6OpSTwpUrxKO00L9J3HTwhw==
Age: 2450
www.ahsquotes.com/2021/4/img/waching.jpg
54.166.191.140200 OK 214 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/waching.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 446x698, components 3\012- data
Size 214 kB (213864 bytes)
Hash bc33cc440349a8c3be2faf8ce582ad9a
5918d6e5253ca82a2163ca45c0f9c59373735568
f972eb6384af6d5267e5bd4060c1ce10070d867b8b156ad98ac713d6cdfefeab
GET /2021/4/img/waching.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:14 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:00:51 GMT
ETag: "34368-5e77852965249"
Accept-Ranges: bytes
Content-Length: 213864
Content-Type: image/jpeg
X-NID: N1
www.ahsquotes.com/2021/4/img/stamps.png
54.166.191.140200 OK 113 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/stamps.png
IP 54.166.191.140:0
File type PNG image data, 1263 x 184, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112965 bytes)
Hash 3526d39a8643b84402d2ec1458675db8
91d86a087bc34eda10032e2e064ebd755cfc2bca
b28fb9c54629e71f45aca28441ef4b1fcf90e879e6da4f5acae01ce98140c265
GET /2021/4/img/stamps.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:00:44 GMT
ETag: "1b945-5e778523083c2"
Accept-Ranges: bytes
Content-Length: 112965
Content-Type: image/png
X-NID: N2
www.ahsquotes.com/2021/4/img/stamps-mobile.png
54.166.191.140200 OK 130 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/stamps-mobile.png
IP 54.166.191.140:0
File type PNG image data, 480 x 628, 8-bit/color RGBA, non-interlaced\012- data
Size 130 kB (130540 bytes)
Hash fea56a61efcf54042dc7915bcc45976f
6faeeaa63ea3b2ac86c366fd2d6e159177c432ad
fba622279e8d25ad893b66cd9833169015a053835623b74c27a79c5c4b8c6273
GET /2021/4/img/stamps-mobile.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:00:20 GMT
ETag: "1fdec-5e77850bfec49"
Accept-Ranges: bytes
Content-Length: 130540
Content-Type: image/png
X-NID: N1
www.ahsquotes.com/2021/4/img/50.png
54.166.191.140200 OK 23 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/50.png
IP 54.166.191.140:0
File type PNG image data, 197 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash d86a9c3af8fc84f0e998aa143782668c
0dc4dbd45e977c1f3ad69258cd7b9294f53973d9
61519f7bbb43323c0d9255ad78aae768a4af15bbc26828a93d0a2a23f3f94f65
GET /2021/4/img/50.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 16:56:41 GMT
ETag: "5adb-5e77843b5e825"
Accept-Ranges: bytes
Content-Length: 23259
Content-Type: image/png
X-NID: N1
api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16638124947080.8872456303037575
34.236.64.108301 Moved Permanently 134 B URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16638124947080.8872456303037575
IP 34.236.64.108:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16638124947080.8872456303037575 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Thu, 22 Sep 2022 02:08:15 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16638124947080.8872456303037575
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14013
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 02:08:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14013
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 02:08:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14013
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 02:08:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14013
Expires: Thu, 22 Sep 2022 06:01:48 GMT
Date: Thu, 22 Sep 2022 02:08:15 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 9da9b8f549922ae777d213117284eb9e
f1c07bd1ee42004286976887167c2e537bcae4b3
12d844e3d3cee00170a662003f6f34060a4c72d79cbbe55a823efc843c71a2a3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:08:15 GMT
Last-Modified: Thu, 22 Sep 2022 00:25:02 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PpgdLkuvlZl4OwWFz7vT961UyG1JNXQwN6qYs97AK0M5GXKUI-ytUg==
Age: 6193
www.ahsquotes.com/2021/4/img/topbg.jpg
54.166.191.140200 OK 406 kB URL HTTP/1.1 www.ahsquotes.com/2021/4/img/topbg.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 1511x564, components 3\012- data
Size 406 kB (406473 bytes)
Hash 43d2e6ceb8d1e3368007df607d97a6be
282c0a53cc074e44500bc9a2ad7839d12c962760
fcff4f19df42c081a289a61c183ef75a1adf5f403a28df44a4bf89ac2223547c
GET /2021/4/img/topbg.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/vendor/bootstrap/css/bootstrap.min.css?ver=1.2
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 17:01:57 GMT
ETag: "633c9-5e778568864ae"
Accept-Ranges: bytes
Content-Length: 406473
Content-Type: image/jpeg
X-NID: N1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eYUP9NfAkmU4A-mZvysejq1228Qfb8vbfdXOaHQvr6mjXhnVoWdqJw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
age: 16446
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a504981ee10d8341b64f19001464ae8a
56f228d7358ba9deef000f53214dc7c1dc358109
0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:25:34 GMT
age: 81761
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d546012-e1d1-4ccd-a38f-d808cdfe4af0.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d546012-e1d1-4ccd-a38f-d808cdfe4af0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06589b53db5d3d6307e15e354325e252
af20ced3f00015ad8ae837d7cf3f39b9f5f0f752
513daca9889934875f2c453aaed4ce1af32628550a4b2f2b8e69533cb09eda56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d546012-e1d1-4ccd-a38f-d808cdfe4af0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5161
x-amzn-requestid: 9ba63285-4cef-4604-bd12-95a99463e087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0wHYXIAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-1380adf019b16d5a50475cdb;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: aRS8EmSflaJJjXsdsfTjeovOMrdDXbiDlGHsLNpkB4NGyLsvgfQq_w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "af20ced3f00015ad8ae837d7cf3f39b9f5f0f752"
content-type: image/jpeg
age: 16446
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4ee5bbd-73ba-4da9-bcfc-b6aa9ce9eb86.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4ee5bbd-73ba-4da9-bcfc-b6aa9ce9eb86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 069a8e60288777306e90e53763f87811
e5bb6dd623282f8db053604a852dda28e6f6de8f
48acd402e55b65f5bbde1bc7b13b604f07b58742712c3e50b07c5a57c6c109a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4ee5bbd-73ba-4da9-bcfc-b6aa9ce9eb86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: 5c5bf01a-3f05-4afe-9f13-61f7d4e0901c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GPFHSDoAMFXww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b83f9-11818e616f4e330e714fc44f;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:36:57 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KxP2AbGmfJBn-tJOQ5EE658LMbwd3euUkKqnJhbtJiFIlJgT6PJ9xw==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:48:19 GMT
age: 15596
etag: "e5bb6dd623282f8db053604a852dda28e6f6de8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb268d425-806d-4e8d-98c9-df2f896671ce.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb268d425-806d-4e8d-98c9-df2f896671ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75d3255c85ff0dd5971b92c1df0d855a
01c5bd6a99e818c5d8aa961977c62231cb6f6f94
276915e715a3b193815fb0ea4df9ec98ca3b12775e9b8eb91926389ed8d9cfad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb268d425-806d-4e8d-98c9-df2f896671ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 7cda9a9f-ad39-420f-bd5a-e2bd358ac6e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F5-FO-oAMFXAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8372-5e5c9cc35d3eb14505ee3e32;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e9CzllZTXdhUwcWuWZvWwJ6B6E5LGDrpDa19bUk3FzQCrsrOB8hJHA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:35:36 GMT
etag: "01c5bd6a99e818c5d8aa961977c62231cb6f6f94"
content-type: image/jpeg
age: 16359
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd80c0b0-1f50-41ad-b183-4804f10ef060.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd80c0b0-1f50-41ad-b183-4804f10ef060.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8bb6194dcfc32bf02932f4bbb1dcec0
8fa5650de8e274f8fc2fb96e13a4976e0fedb6c9
45d8af4c39b0bcacd2909b6deec2fc080a6a64936b53ebd7f6309381358bcaa9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd80c0b0-1f50-41ad-b183-4804f10ef060.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9877
x-amzn-requestid: 865f77de-c569-4938-9ae9-b79b11ae0804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vF4oIAMF19w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-5111662b354f54bf3c2b77c9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: epvqhKGy2mzjb3OLTsFvb1ruOFQBr0q-YpQDJYXpFhHiNgj9m8kktQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:09 GMT
etag: "8fa5650de8e274f8fc2fb96e13a4976e0fedb6c9"
content-type: image/jpeg
age: 16446
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3dc89ea2daeec65f3255371661f2b1b
42d925fc09fe78ce664ba07b49883f027a024c5b
055a012e5b0c2d2f0c633da56e79db5744a2aad1d43fd52237fac385128fc7df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4699
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Last-Modified: Thu, 22 Sep 2022 00:49:56 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Ujw5sCrTXwo7oCkuW5b9TU65MlB2RGBpl58D/j9vPEhQmGaf4vMAF3MyS17sK/LUdc1SjYl7rhKQnavnaLg9cw==
content-length: 26839
x-fb-trip-id: 1679558926
date: Thu, 22 Sep 2022 02:08:15 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ahsquotes.com/favicon.ico
54.166.191.140404 Not Found 196 B URL HTTP/1.1 www.ahsquotes.com/favicon.ico
IP 54.166.191.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/4/?adname=42447&s1=&r=377925950&utm_source=directagents&utm_medium=affiliate&utm_campaign=42447_
Cookie: PHPSESSID=n7ja3v490qlne810aqbvn3ahr0; invoca_session=%7B%22ttl%22%3A%222022-10-22T02%3A08%3A15.438Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 22 Sep 2022 02:08:15 GMT
Server: Apache
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1
X-NID: N1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c3dc89ea2daeec65f3255371661f2b1b
42d925fc09fe78ce664ba07b49883f027a024c5b
055a012e5b0c2d2f0c633da56e79db5744a2aad1d43fd52237fac385128fc7df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4699
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:15 GMT
Last-Modified: Thu, 22 Sep 2022 00:49:56 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.youtube.com/iframe_api
216.58.207.206200 OK 959 B URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.207.206:0
File type ASCII text, with very long lines (509)
Hash 7fc13bf00dbc407451ff61170a67969e
2cff6d6a33d3e110bb55ee568f629aac0842e773
eeaec8ac6ceb2edced07b349ebc9f773a299300c2bdd98fb3e9abf40e002d47c
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Thu, 22 Sep 2022 02:08:15 GMT
date: Thu, 22 Sep 2022 02:08:15 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=0UlTCumTRjI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=BqcnANWB_o8; Domain=.youtube.com; Expires=Tue, 21-Mar-2023 02:08:15 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+025; expires=Sat, 21-Sep-2024 02:08:15 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 50daee7e39a3aa826091106d9a3deec1
1067670e3f19496322a33ed73888fa1217123960
a435e6e561e39a9c29d90d5c7e4ec7c507609e57ed2e51d656112b2117cec1f7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 02:08:16 GMT
Last-Modified: Thu, 22 Sep 2022 01:49:34 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bRKxGspLMwts3tCe5dfuRKCMVpDVzBKoJjj5utWwTPHV33qmb9uZQA==
Age: 1122
pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.0&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22adname%22%3A%2242447%22%2C%22s1%22%3Anull%2C%22r%22%3A%22377925950%22%2C%22utm_source%22%3A%22directagents%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_campaign%22%3A%2242447_%22%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22invoca_id%22%3A%22i-76525e2f-2264-4830-eac7-e737031ab6d0%22%7D&client_messages=%7B%22allDataReset%22%3Atrue%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
54.84.178.23200 OK 98 B URL HTTP/1.1 pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.0&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22adname%22%3A%2242447%22%2C%22s1%22%3Anull%2C%22r%22%3A%22377925950%22%2C%22utm_source%22%3A%22directagents%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_campaign%22%3A%2242447_%22%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22invoca_id%22%3A%22i-76525e2f-2264-4830-eac7-e737031ab6d0%22%7D&client_messages=%7B%22allDataReset%22%3Atrue%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
IP 54.84.178.23:0
File type ASCII text, with no line terminators
Hash 755c39f3fa744b86c9b779cd1b052188
e2916736621878663ced08684e15953fefebcd44
a3cac4ebe75119a43092b28fcd7f8f0ee4ea861728eb6902eff30b804e637fdb
GET /1748/na.jsonp?network_id=1748&js_version=4.27.0&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22adname%22%3A%2242447%22%2C%22s1%22%3Anull%2C%22r%22%3A%22377925950%22%2C%22utm_source%22%3A%22directagents%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_campaign%22%3A%2242447_%22%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22invoca_id%22%3A%22i-76525e2f-2264-4830-eac7-e737031ab6d0%22%7D&client_messages=%7B%22allDataReset%22%3Atrue%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1& HTTP/1.1
Host: pnapi.invoca.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 22 Sep 2022 02:08:16 GMT
processing_time: 5.19708ms
Server: Goliath
Content-Length: 98
Connection: keep-alive
www.facebook.com/tr/?id=2616452262016491&ev=CompleteRegistration&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_&rl=&if=false&ts=1663812496110&cd[currency]=USD&cd[value]=31&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663812496109.1029863701&it=1663812495638&coo=false&rqm=GET
157.240.200.35200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=2616452262016491&ev=CompleteRegistration&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_&rl=&if=false&ts=1663812496110&cd[currency]=USD&cd[value]=31&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663812496109.1029863701&it=1663812495638&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=2616452262016491&ev=CompleteRegistration&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_&rl=&if=false&ts=1663812496110&cd[currency]=USD&cd[value]=31&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663812496109.1029863701&it=1663812495638&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Thu, 22 Sep 2022 02:08:16 GMT
expires: Thu, 22 Sep 2022 02:08:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seal-blue.bbb.org/legacy.min.css
82.102.27.18200 OK 878 B URL HTTP/2 seal-blue.bbb.org/legacy.min.css
IP 82.102.27.18:0
File type ASCII text, with very long lines (2987), with no line terminators
Hash b2fc7d626e2bbdb5022983561aa8c575
9298848dbaa20df92b37e3b35ae92a8e7582f41e
12316d068017adf25397b21e6697ac361a531da039456e4e1076a490bc83254c
GET /legacy.min.css HTTP/1.1
Host: seal-blue.bbb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 22 Sep 2022 02:08:16 GMT
content-type: text/css
content-length: 878
cache-control: max-age=14400
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:37:47 GMT
etag: "2f7b5ab460c8d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
expires: Thu, 22 Sep 2022 06:08:16 GMT
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&gjid=993511100&_gid=1942210759.1663812496&_u=YGBACEAABAAAAC~&z=1136268130
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&gjid=993511100&_gid=1942210759.1663812496&_u=YGBACEAABAAAAC~&z=1136268130
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&gjid=993511100&_gid=1942210759.1663812496&_u=YGBACEAABAAAAC~&z=1136268130 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.ahsquotes.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 02:08:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&gjid=1689429734&_gid=1942210759.1663812496&_u=YGDACEABBAAAAC~&z=654926324
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&gjid=1689429734&_gid=1942210759.1663812496&_u=YGDACEABBAAAAC~&z=654926324
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&gjid=1689429734&_gid=1942210759.1663812496&_u=YGDACEABBAAAAC~&z=654926324 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.ahsquotes.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 22 Sep 2022 02:08:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.trustedform.com/certs
34.236.64.108201 Created 475 B URL HTTP/2 api.trustedform.com/certs
IP 34.236.64.108:0
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash a044f86b587b815fe85ee8bc5b0a23f6
0e7ca650a12b8ea4ff2b9d344de4d66bfe4cad26
fa3d4f0c48a6dcf108df54397f257d993a499724578d256add2d33f6cf44a664
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 673
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Thu, 22 Sep 2022 02:08:16 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&_u=YGBACEAABAAAAC~&z=1764092931
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&_u=YGBACEAABAAAAC~&z=1764092931
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&_u=YGBACEAABAAAAC~&z=1764092931 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 02:08:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&_u=YGBACEAABAAAAC~&z=1764092931
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&_u=YGBACEAABAAAAC~&z=1764092931
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-4&cid=1538868122.1663812496&jid=1413006137&_u=YGBACEAABAAAAC~&z=1764092931 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 02:08:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&_u=YGDACEABBAAAAC~&z=338230144
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&_u=YGDACEABBAAAAC~&z=338230144
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&_u=YGDACEABBAAAAC~&z=338230144 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 02:08:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&_u=YGDACEABBAAAAC~&z=338230144
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&_u=YGDACEABBAAAAC~&z=338230144
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1685974-35&cid=1538868122.1663812496&jid=1337913181&_u=YGDACEABBAAAAC~&z=338230144 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 02:08:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 02:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/snapshot
34.236.64.108204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/snapshot
IP 34.236.64.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 13883
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 02:08:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/fingerprints
34.236.64.108204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/fingerprints
IP 34.236.64.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 348
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 02:08:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/events
34.236.64.108204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/events
IP 34.236.64.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 630
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 02:08:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.0&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22invoca_id%22%3A%22i-76525e2f-2264-4830-eac7-e737031ab6d0%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_source%22%3A%22directagents%22%2C%22brand%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22gclid%22%3Anull%2C%22invoca_campaign_name%22%3Anull%2C%22msclkid%22%3Anull%2C%22poid%22%3Anull%2C%22source%22%3Anull%2C%22us%22%3Anull%2C%22utm_campaign%22%3A%2242447_%22%2C%22utm_content%22%3Anull%2C%22vertical%22%3Anull%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr2&
54.84.178.23200 OK 98 B URL HTTP/1.1 pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.0&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22invoca_id%22%3A%22i-76525e2f-2264-4830-eac7-e737031ab6d0%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_source%22%3A%22directagents%22%2C%22brand%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22gclid%22%3Anull%2C%22invoca_campaign_name%22%3Anull%2C%22msclkid%22%3Anull%2C%22poid%22%3Anull%2C%22source%22%3Anull%2C%22us%22%3Anull%2C%22utm_campaign%22%3A%2242447_%22%2C%22utm_content%22%3Anull%2C%22vertical%22%3Anull%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr2&
IP 54.84.178.23:0
File type ASCII text, with no line terminators
Hash 30fed72be7c1ab685a126f16828bf413
ce35a3ba4fcabbfa151901d90abc9075aa4880b3
e20e23642ffa70a933d8278277713421985ac62fd254a104b41dc99b52c5ec68
GET /1748/na.jsonp?network_id=1748&js_version=4.27.0&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22invoca_id%22%3A%22i-76525e2f-2264-4830-eac7-e737031ab6d0%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_source%22%3A%22directagents%22%2C%22brand%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22gclid%22%3Anull%2C%22invoca_campaign_name%22%3Anull%2C%22msclkid%22%3Anull%2C%22poid%22%3Anull%2C%22source%22%3Anull%2C%22us%22%3Anull%2C%22utm_campaign%22%3A%2242447_%22%2C%22utm_content%22%3Anull%2C%22vertical%22%3Anull%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F4%2F%3Fadname%3D42447%26s1%3D%26r%3D377925950%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D42447_%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr2& HTTP/1.1
Host: pnapi.invoca.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Thu, 22 Sep 2022 02:08:18 GMT
processing_time: 12.83241ms
Server: Goliath
Content-Length: 98
Connection: keep-alive
api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/events
34.236.64.108204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/events
IP 34.236.64.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/062ed4c66fa3cee37e4b1c67d5a18516d3c07619/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 370
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 22 Sep 2022 02:08:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
solutions.invocacdn.com/js/networks/1748/0021512948/tag-live.js
54.230.111.110200 OK 0 B URL HTTP/2 solutions.invocacdn.com/js/networks/1748/0021512948/tag-live.js
IP 54.230.111.110:0
GET /js/networks/1748/0021512948/tag-live.js HTTP/1.1
Host: solutions.invocacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
x-amz-replication-status: COMPLETED
last-modified: Sat, 12 Feb 2022 22:30:33 GMT
x-amz-version-id: p99VIipZeZC_g6qzWmMi8XrKjkpPNP1h
server: AmazonS3
content-encoding: br
date: Thu, 22 Sep 2022 02:08:16 GMT
cache-control: max-age=300
etag: W/"f6953b33f603194c97e15fbba53dc699"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uXqjKdtSDvSaaWSYRA6mOL80nCVwPoeJ-ZeectMJs_9VXBBJ54Z0Ow==
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16638124947080.8872456303037575
54.230.111.91200 OK 0 B URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16638124947080.8872456303037575
IP 54.230.111.91:0
GET /bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16638124947080.8872456303037575 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ahsquotes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 22 Sep 2022 02:08:16 GMT
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
etag: W/"97d91c9803cec4e7981c0f415c2c1923"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ODd5_gt2oMES5kLGl9rmYYvh-g_8yh-nhL6WYtHXmFSwwxHi2Rvf5A==
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.27.js
54.230.111.91200 OK 0 B URL HTTP/2 cdn.trustedform.com/trustedform-1.8.27.js
IP 54.230.111.91:0
GET /trustedform-1.8.27.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Sep 2022 02:08:16 GMT
etag: W/"2f557edcc84fd346c897a4d565e57ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lIttoDCmmUEu8doadWTDQhwcB0OYQlj7yXi7zLfDrZPlIpyGOhBJQg==
age: 28
X-Firefox-Spdy: h2
solutions.invocacdn.com/js/invoca-latest.min.js
54.230.111.110200 OK 0 B URL HTTP/2 solutions.invocacdn.com/js/invoca-latest.min.js
IP 54.230.111.110:0
GET /js/invoca-latest.min.js HTTP/1.1
Host: solutions.invocacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 29 Mar 2022 21:07:42 GMT
x-amz-version-id: kkx8cmGgooMGeimwW4In93s6hIJC6Azb
server: AmazonS3
content-encoding: gzip
date: Thu, 22 Sep 2022 01:17:54 GMT
cache-control: max-age=3600
etag: W/"1f44d59b4ca2d82abb2911699e1698a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cPbJObj84Utlzztzx9eEfzkoOQ4FxRauhcEObekU-rNv-5C3IVAo2A==
age: 3088
X-Firefox-Spdy: h2