Overview

URL view.sparkbest.co/campaigns/gt838gog560a8/track-url/jj247cs68z727/d7c8bed4b758eadfadbef3d6f6c2e4e89419a4d6
IP65.21.197.40
ASNHetzner Online GmbH
Location Finland
Report completed2022-09-21 18:57:46 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-21 2 click.secretfindertoday.com/zippy Phishing
2022-09-21 2 click.secretfindertoday.com/1st Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (29)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-21 15:45:34 UTC 93.184.220.29
mnemonic passive DNS kit.fontawesome.com (1) 1868 2019-03-29 02:12:52 UTC 2022-09-21 04:47:39 UTC 104.18.22.52
mnemonic passive DNS click.socialuplifted.com (2) 0 2022-07-13 01:51:20 UTC 2022-09-21 15:10:56 UTC 144.208.71.125 Unknown ranking
mnemonic passive DNS www.perpetualincome365.online (5) 780006 2020-03-26 01:11:42 UTC 2022-09-21 17:09:06 UTC 69.16.238.22
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-21 04:18:19 UTC 69.16.175.10
mnemonic passive DNS fpma.s3.us-west-1.amazonaws.com (1) 0 2022-06-08 09:48:26 UTC 2022-09-21 17:09:07 UTC 3.5.161.105 Unknown ranking
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-21 04:19:35 UTC 192.124.249.24
mnemonic passive DNS hop.clickbank.net (1) 71951 2012-06-25 22:50:52 UTC 2022-09-21 11:06:14 UTC 44.240.181.170
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-21 04:23:28 UTC 104.18.21.226
mnemonic passive DNS stats.vidalytics.com (4) 153185 2017-02-08 02:49:35 UTC 2022-09-21 15:36:50 UTC 107.178.211.97
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-21 04:20:37 UTC 34.117.237.239
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-21 04:18:17 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS d.adroll.com (1) 1530 2015-03-06 22:06:59 UTC 2022-09-21 13:32:09 UTC 63.33.188.239
mnemonic passive DNS analytics-ingress-global.bitmovin.com (6) 47119 2017-08-18 05:30:44 UTC 2022-09-21 12:39:08 UTC 35.190.27.197
mnemonic passive DNS view.sparkbest.co (1) 0 2022-08-29 23:05:08 UTC 2022-09-21 00:47:02 UTC 65.21.197.40 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-21 14:38:57 UTC 34.120.237.76
mnemonic passive DNS ocsp.sca1b.amazontrust.com (5) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.100
mnemonic passive DNS fast.vidalytics.com (4) 218005 2017-02-08 02:49:35 UTC 2022-09-21 16:02:25 UTC 151.139.128.11
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-21 04:18:22 UTC 23.36.77.32
mnemonic passive DNS ocsp.comodoca.com (2) 1696 2012-05-21 07:01:17 UTC 2022-09-21 08:05:18 UTC 172.64.155.188
mnemonic passive DNS s.adroll.com (2) 2553 2012-06-27 18:27:26 UTC 2022-09-21 08:34:00 UTC 143.204.55.75
mnemonic passive DNS click.secretfindertoday.com (2) 0 2022-07-08 23:06:34 UTC 2022-09-14 18:40:55 UTC 144.208.71.125 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-09-21 04:20:12 UTC 142.250.74.3
mnemonic passive DNS jsx.s3.us-west-2.amazonaws.com (1) 0 2022-06-08 09:48:25 UTC 2022-09-21 17:09:06 UTC 52.218.181.169 Unknown ranking
mnemonic passive DNS s3-us-west-2.amazonaws.com (1) 0 2017-01-30 05:21:28 UTC 2022-09-21 13:49:41 UTC 52.92.208.144 Unknown ranking
mnemonic passive DNS licensing.bitmovin.com (1) 19299 2017-01-30 06:23:56 UTC 2022-09-21 16:02:28 UTC 35.227.229.24
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-21 16:01:18 UTC 143.204.55.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-21 04:18:32 UTC 143.204.55.49
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-21 04:20:37 UTC 35.162.35.244


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 65.21.197.40

Date UQ / IDS / BL URL IP
2022-09-26 12:59:15 +0000
0 - 0 - 4 view.sparkbest.co/campaigns/cw473a7z4bdf5/tra (...) 65.21.197.40
2022-09-22 19:19:15 +0000
0 - 0 - 1 view.sparkbest.co/campaigns/cw473a7z4bdf5/tra (...) 65.21.197.40
2022-09-21 19:56:42 +0000
0 - 0 - 2 view.sparkbest.co/campaigns/gt838gog560a8/tra (...) 65.21.197.40
2022-09-21 18:57:46 +0000
0 - 0 - 2 view.sparkbest.co/campaigns/gt838gog560a8/tra (...) 65.21.197.40
2022-09-21 18:57:11 +0000
0 - 0 - 2 safe.secretfindertoday.com/campaigns/zl437rf8 (...) 65.21.197.40

Last 5 reports on ASN: Hetzner Online GmbH

Date UQ / IDS / BL URL IP
2022-11-27 15:09:53 +0000
0 - 0 - 1 levohistam.com/ 138.201.20.208
2022-11-27 15:06:13 +0000
0 - 0 - 22 d.trustedstream.life/play-music-video/ 116.202.184.109
2022-11-27 14:45:27 +0000
0 - 0 - 2 fdtinvestment.com/ 95.217.97.178
2022-11-27 14:45:10 +0000
0 - 0 - 1 95.217.31.208/773699134575.zip 95.217.31.208
2022-11-27 14:42:35 +0000
0 - 0 - 1 95.217.31.208/680327278186.zip 95.217.31.208

Last 5 reports on domain: sparkbest.co

Date UQ / IDS / BL URL IP
2022-10-27 20:37:25 +0000
0 - 0 - 1 view.sparkbest.co/campaigns/aw181qoezx0b4/tra (...) 65.108.14.84
2022-10-11 19:45:17 +0000
0 - 0 - 15 view.sparkbest.co/campaigns/ew289ypcbq21e/tra (...) 65.108.14.84
2022-10-10 21:01:07 +0000
0 - 0 - 15 view.sparkbest.co/campaigns/el687006zs353/tra (...) 65.108.14.84
2022-10-09 19:34:16 +0000
0 - 0 - 15 view.sparkbest.co/campaigns/zl437rf8ymc6f/tra (...) 65.108.14.84
2022-10-09 06:26:53 +0000
0 - 0 - 1 view.sparkbest.co/campaigns/gz628qvm6l6c0/tra (...) 65.108.14.84

Last 4 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-15 09:29:18 +0000
0 - 0 - 1 view.mailswift.co/campaigns/cm286qs4h1087/tra (...) 65.21.197.40
2022-09-14 07:49:00 +0000
0 - 0 - 1 view.mailswift.co/campaigns/qy0872294j2bf/tra (...) 65.21.197.40
2022-09-07 03:28:16 +0000
0 - 0 - 1 view.mailswift.co/campaigns/ja431b6kfa246/tra (...) 65.21.197.40
2022-09-14 18:41:05 +0000
0 - 0 - 3 view.sparkbest.co/campaigns/gt838gog560a8/tra (...) 65.21.197.40


JavaScript

Executed Scripts (78)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (71)


Request Response
                                        
                                            GET /campaigns/gt838gog560a8/track-url/jj247cs68z727/d7c8bed4b758eadfadbef3d6f6c2e4e89419a4d6 HTTP/1.1 
Host: view.sparkbest.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         65.21.197.40
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 21 Sep 2022 18:57:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Last-Modified: Wed, 21 Sep 2022 18:57:35 GMT
Location: https://click.secretfindertoday.com/zippy

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 18:13:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -VB_VOlaBN1RJUTluqy9SBJF3NbZ2DPstjbE0Yji6nhAfBuN8scXaA==
Age: 2636


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3731
Expires: Wed, 21 Sep 2022 19:59:46 GMT
Date: Wed, 21 Sep 2022 18:57:35 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LiVVqoCfQj_PcjG6RGB4vp61YnSojlSjVVopqNJMNxl54mwKkGhBBA==
age: 51742
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 21 Sep 2022 18:57:35 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 18:03:22 GMT
Expires: Wed, 21 Sep 2022 18:51:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iGZaGz9z2C-8K04VVCBmbpJFyMeGDyiFCOxZ0UOHRAq2RYxFwhSmuA==
Age: 3253


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 602
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:35 GMT
Last-Modified: Wed, 21 Sep 2022 18:47:33 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qfnwFEuUUsnse8rOQQTr1A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.35.244
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7cM5TCmBURMrG5SHi6HxQvjrROg=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:36 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 21 Sep 2022 13:54:35 GMT
Expires: Wed, 28 Sep 2022 13:54:34 GMT
Etag: "adecac351589454738ca2eb7c1a466af0d0113e9"
Cache-Control: max-age=586017,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e507065d881c06-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7388
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 18:57:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7388
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 18:57:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7388
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 18:57:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7388
Expires: Wed, 21 Sep 2022 21:00:45 GMT
Date: Wed, 21 Sep 2022 18:57:37 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 85145
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10244
Md5:    14e6ddceb639a5f4875aecb796f95c79
Sha1:   b1cd04a66852694284eeef16a1cde38896e33c03
Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 43902
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12654
Md5:    f7b780d39877eea116277625aaa01f1b
Sha1:   d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
Sha256: ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12048
x-amzn-requestid: 59e98571-f927-44b3-b088-29ec1e4cc3bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYxD-FnIIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202ee6-14e47d9a3ae47d0f607033a8;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:19:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 55e0txtcytlUpcNWSLrHWN3FC1t4dMHGTrHGhNV7YFIhOz6c45UcCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:43:54 GMT
age: 22423
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12048
Md5:    c2db94039cb675cb250519fe57b2b3c9
Sha1:   37222a70df5d9a69073b4b32ebc3a5da60006001
Sha256: 444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
age: 74560
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9201
Md5:    a692964324dbb9c460a1b855808d02e6
Sha1:   1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:07:08 GMT
age: 75029
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11832
Md5:    2ed7323b395e757f7766ea0045efdaca
Sha1:   8b91bc3069a3217bc719c27959d578b353b5d9dc
Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NzOpixfxr2pFiDhF5WUGmjD8r2CTn1grSkCEyWvthxRq0djbDKjknA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:15:05 GMT
age: 74552
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10038
Md5:    dab1f2cd68979d2004ba4449d759a341
Sha1:   54ed14436a75ba2aeb8459bad2ce70229aff4203
Sha256: e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
                                        
                                            GET /zippy HTTP/1.1 
Host: click.secretfindertoday.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         144.208.71.125
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Wed, 21 Sep 2022 18:57:37 GMT
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_12=zippy; expires=Fri, 21-Oct-2022 18:57:37 GMT; Max-Age=2592000; path=/ prli_visitor=632b5ea17639a; expires=Thu, 21-Sep-2023 18:57:37 GMT; Max-Age=31536000; path=/
location: https://click.secretfindertoday.com/1st
x-proxy-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /1st HTTP/1.1 
Host: click.secretfindertoday.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: prli_click_12=zippy; prli_visitor=632b5ea17639a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         144.208.71.125
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Wed, 21 Sep 2022 18:57:37 GMT
content-length: 0
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_6=1st; expires=Fri, 21-Oct-2022 18:57:37 GMT; Max-Age=2592000; path=/
location: https://click.socialuplifted.com/go/best
x-proxy-cache: MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:38 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 20:22:05 GMT
Expires: Tue, 27 Sep 2022 20:22:04 GMT
Etag: "549b7e6afd57065c6c6aed42975099d6dea02643"
Cache-Control: max-age=574309,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 35
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e50717ddf31c06-OSL

                                        
                                            GET /go/best HTTP/1.1 
Host: click.socialuplifted.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: prli_visitor=632b4530e8a81; prli_click_40=go%2FIncome365
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         144.208.71.125
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Wed, 21 Sep 2022 18:57:38 GMT
content-length: 0
x-robots-tag: noindex, nofollow, sponsored
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
set-cookie: prli_click_50=go%2Fbest; expires=Fri, 21-Oct-2022 18:57:38 GMT; Max-Age=2592000; path=/
location: https://click.socialuplifted.com/go/Income365
x-proxy-cache: MISS
X-Firefox-Spdy: h2

                                        
                                            GET /go/Income365 HTTP/1.1 
Host: click.socialuplifted.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: prli_click_50=go%2Fbest; prli_visitor=632b4530e8a81; prli_click_40=go%2FIncome365
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         144.208.71.125
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.21.6
date: Wed, 21 Sep 2022 18:57:39 GMT
content-length: 0
x-robots-tag: noindex, nofollow, sponsored
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.4 http://prettylink.com
x-redirect-by: WordPress
location: https://hop.clickbank.net/?affiliate=73787&vendor=perpincome&cbpage=recession
x-proxy-cache: MISS
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:40 GMT
Last-Modified: Wed, 21 Sep 2022 18:36:15 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FPKKeMVyOy24wYjQnh5Yt6en3c3EHRAVQdKnQYtrw_g7gvfhhEKwuw==
Age: 1285

                                        
                                            GET /?affiliate=73787&vendor=perpincome&cbpage=recession HTTP/1.1 
Host: hop.clickbank.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: q=01.307FB3D8F0F4B1231C3A000EFDF174E8FDFE54CBA0A853BC3A94B1B96B40D0D0195E79F553F6EAD80E24860938204CF1F5A1C2EF; p=3xNDhBfpkfqVGUtWNMDYfmVVpK9wV5VWAcEPehAl3D5rn7aNMUMglxncEbl1wU6OJqO7FSjYBDaZH97o8NUDbvhxLkutxUusRV2iCFisoel-UACC3XMRSDx_30btN43Z9r4UFaZSLGp2umHbDQ9ggJ8eNRNoO3S8mFixBA9N17aiXT7Gej2FmI30ImuBMT2iqObS8OVDrEzylRlMPT7K2OY6wdg%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         44.240.181.170
HTTP/2 307 Temporary Redirect
                                        
date: Wed, 21 Sep 2022 18:57:40 GMT
content-length: 0
location: https://www.perpetualincome365.online/vsl2/3.1/pi-365-lander-vsl-1.php?hop=73787
set-cookie: p=dn1vpwlUgf8E6Jf80N0CzCuj9xI2csq-OMeUMRaUBkCwZJ7la9n42AyUUVY7iwwLiAGYOlpp2XWTheGzYBVJ2px8owf2OI1h8dohaldB_JpsUIMjQG12sTwdw6SzsvZViV04leIubgMV6IzjtKo4uSE7AmX0DlDNCnM2Lihf1GcpY_uHURSs-myOIL1nodfxocLBrzq_I9Zf9fQbyz5OCNmBeIg%3D; Path=/; Domain=.clickbank.net; Max-Age=15552000; Expires=Mon, 20 Mar 2023 18:57:40 GMT
server-timing: traceparent;desc="00-e64707321b266cdf8e4483c2314a30ca-55917121a92d0f83-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2

                                        
                                            GET /vsl2/3.1/pi-365-lander-vsl-1.php?hop=73787 HTTP/1.1 
Host: www.perpetualincome365.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _gcl_au=1.1.136622688.1663780147; bitmovin_analytics_uuid=9a8f4981-45d8-465b-8390-dc5eeb739dc7; _fbp=fb.1.1663780149407.2139307522; alo_uid=559b4f58-2f63-47d5-b15e-1e4876cf45a4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         69.16.238.22
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
cache-control: max-age=600
expires: Wed, 21 Sep 2022 19:07:40 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-length: 7189
date: Wed, 21 Sep 2022 18:57:40 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1004), with CRLF line terminators
Size:   7189
Md5:    2725516cdce6eacf57edee430197d705
Sha1:   0ec8d3a9b31f03bb495bc9d94da772c6a7f4ce76
Sha256: e468d491d193d13229429fd24a06db36b30d45e53541dbd927cf9c90528735a8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2462
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:41 GMT
Last-Modified: Wed, 21 Sep 2022 18:16:39 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E412FEB8820288A1FFFC268C69AE856B19681F91"
Expires: Thu, 22 Sep 2022 06:00:00 GMT
Last-Modified: Wed, 21 Sep 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 724
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e50727c84b1bfa-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    067644b3ca85866c61e3b43503da6b82
Sha1:   d730fb71bd8804ad85cc56f3c2087fc9888675f1
Sha256: 83ecf3520000e30a16ad04fb8a02a3b759a85f0264f16b9127d47442dea6ffee
                                        
                                            GET /jquery-3.5.1.slim.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 21 Sep 2022 18:57:41 GMT
content-encoding: gzip
content-length: 24606
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663786661.dop229.sk1.t,1663786661.cds242.sk1.hn,1663786661.cds202.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65245)
Size:   24606
Md5:    63f8c134408852106835db2f928cf0e0
Sha1:   7ca0035d2a05154f1f93e19793b2298973cc8733
Sha256: 2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
                                        
                                            GET /shawn/images/arrow-orange.png HTTP/1.1 
Host: www.perpetualincome365.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/vsl2/3.1/pi-365-lander-vsl-1.php?hop=73787
Cookie: _gcl_au=1.1.136622688.1663780147; bitmovin_analytics_uuid=9a8f4981-45d8-465b-8390-dc5eeb739dc7; _fbp=fb.1.1663780149407.2139307522; alo_uid=559b4f58-2f63-47d5-b15e-1e4876cf45a4; _geuid=311a7e5c-658b-4a9e-a9cb-bd8a7cea9e6e; _geps=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         69.16.238.22
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Thu, 03 Dec 2020 02:42:31 GMT
accept-ranges: bytes
content-length: 21450
cache-control: max-age=2592000
expires: Fri, 21 Oct 2022 18:57:41 GMT
x-frame-options: SAMEORIGIN
date: Wed, 21 Sep 2022 18:57:41 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1468x313, components 3\012- data
Size:   21450
Md5:    c8c43237d19f6a530927a5c248a979f2
Sha1:   961b0a4742aa1e1db31dfe78b6a2929896bdefed
Sha256: fb1b79f642ec85353ce75fc25d8006e75bcb889875d10402c0e8357a85c563da
                                        
                                            GET /shawn/images/logoBlack.png HTTP/1.1 
Host: www.perpetualincome365.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/vsl2/3.1/pi-365-lander-vsl-1.php?hop=73787
Cookie: _gcl_au=1.1.136622688.1663780147; bitmovin_analytics_uuid=9a8f4981-45d8-465b-8390-dc5eeb739dc7; _fbp=fb.1.1663780149407.2139307522; alo_uid=559b4f58-2f63-47d5-b15e-1e4876cf45a4; _geuid=311a7e5c-658b-4a9e-a9cb-bd8a7cea9e6e; _geps=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         69.16.238.22
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Thu, 03 Dec 2020 02:52:32 GMT
accept-ranges: bytes
content-length: 115334
cache-control: max-age=2592000
expires: Fri, 21 Oct 2022 18:57:41 GMT
x-frame-options: SAMEORIGIN
date: Wed, 21 Sep 2022 18:57:41 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1253 x 268, 8-bit/color RGB, non-interlaced\012- data
Size:   115334
Md5:    a05f99a523342ba8979ee45bf7e98041
Sha1:   a5e9b0e1ef5c31f2958508cc67ebddd129451bc4
Sha256: 9e2c073d21c10f1db1554c0f2b0a501e522d2a05b4665ed7b6989e91c5f89994
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:41 GMT
Last-Modified: Wed, 21 Sep 2022 17:34:12 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wHfBI-3Enb42TiNflQIQaKVZeSaCFl73CMr1FOzhonV5UpbHatHa7g==
Age: 5009

                                        
                                            GET /mana.js HTTP/1.1 
Host: jsx.s3.us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.218.181.169
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: ao4cyQIwazGwkdyBHiJ/FX7yIHoiNQiY9YjtC3R0BHNAjXpAdUxsj45z5vHH4CnBK2iCBEvXxAI=
x-amz-request-id: P0H1W1AMFRJBMVMW
Date: Wed, 21 Sep 2022 18:57:42 GMT
Last-Modified: Sat, 27 Aug 2022 17:49:54 GMT
ETag: "18dff919b605dbb7c60d917dd5fa80ad"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 27414


--- Additional Info ---
Magic:  ASCII text, with very long lines (27414), with no line terminators
Size:   27414
Md5:    18dff919b605dbb7c60d917dd5fa80ad
Sha1:   e0951167730fe8ac00461bc13c8d3301f926e3e3
Sha256: 3631a281766fafd605d5203892b2205183e5908aa9f26f7ce2f06b30debc2c30
                                        
                                            GET /jsstore/a/G5QHXYJ/ge.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.92.208.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: gpd/ICtTLKYUA4k4Cbr2oCbYVorQ/5m0sBjyNdeC5oMdfiBxeg1k/Dy2U2aAvJxr+JMqNS10Oi4=
x-amz-request-id: P0H70WWFBYVCWQES
Date: Wed, 21 Sep 2022 18:57:42 GMT
Last-Modified: Mon, 16 May 2022 05:43:40 GMT
ETag: "9718c66928862f1837641fbb83beed55"
Cache-Control: max-age=2592000
Expires: Wed, 15 Jun 2022 05:43:39 GMT
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 28603


--- Additional Info ---
Magic:  ASCII text, with very long lines (28603), with no line terminators
Size:   28603
Md5:    9718c66928862f1837641fbb83beed55
Sha1:   610fe5c56d3508acf7773886269cb5ae8fc89aeb
Sha256: 2478d4342bcbbb3d77f8e8692c3c77ac83bdb6f8ab20670d0d9c4a55a767037c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   13365
Md5:    dd019aed844ec3a75959cfcf84d0e29b
Sha1:   24f405a82278c3a4e8572e686d510c3b3cd9623c
Sha256: 76cd41f51195d974b150a372f10cccc412c71a6113fb42a7f63190a99fc115b7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:13:12 GMT
expires: Tue, 19 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 164670
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Size:   46524
Md5:    c1fd378f54921c75e4ae1821e7b8fff6
Sha1:   2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
Sha256: 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
                                        
                                            GET /shawn/images/main-bg.jpg HTTP/1.1 
Host: www.perpetualincome365.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/vsl2/3.1/pi-365-lander-vsl-1.php?hop=73787
Cookie: _gcl_au=1.1.136622688.1663780147; bitmovin_analytics_uuid=9a8f4981-45d8-465b-8390-dc5eeb739dc7; _fbp=fb.1.1663780149407.2139307522; alo_uid=559b4f58-2f63-47d5-b15e-1e4876cf45a4; _geuid=311a7e5c-658b-4a9e-a9cb-bd8a7cea9e6e; _geps=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         69.16.238.22
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Thu, 03 Dec 2020 02:42:26 GMT
accept-ranges: bytes
content-length: 14785
cache-control: max-age=2592000
expires: Fri, 21 Oct 2022 18:57:42 GMT
x-frame-options: SAMEORIGIN
date: Wed, 21 Sep 2022 18:57:42 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1012x675, components 3\012- data
Size:   14785
Md5:    2666bcf1290d37bd68aeaac636743c6a
Sha1:   4a60b99d50e70b81eb78e16379f49b0ac5abfb5e
Sha256: 645de372c465c1281c7b484070ba3e8a1de08539955b2c35c845521a584445cc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /j/4RT76HY4CVCEVPHEANWH4P/roundtrip.js HTTP/1.1 
Host: s.adroll.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.75
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 06:13:14 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: jqNomNLYPwomeZ1wB2H13m0LnUN0Z4Pf
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 21 Sep 2022 18:31:03 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"4f2c69dbf8fab6ac37e41428c638338c"
Vary: Accept-Encoding
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
Age: 2754
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JJQZV0-mdrn_diCbTulsyuKuwIeFRrsWdMvxJSWztMYC_pAYSl1ktQ==


--- Additional Info ---
Magic:  ASCII text, with very long lines (5636)
Size:   19598
Md5:    87382816ec29d98b02369d82e5cf5a8e
Sha1:   40405e43ff35460563091626116056e180de980c
Sha256: 32635491a5468b46cd5e64b40f0bf948d94f6c4cdced1b946c7e9ffc7d88dd24
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4114
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:42 GMT
Last-Modified: Wed, 21 Sep 2022 17:49:08 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:42 GMT
Last-Modified: Wed, 21 Sep 2022 17:13:32 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gPuHieiYDymFr7XG07fETkHHPekrVFYtvxB-dhkGZYm8Y3s_QSUm4w==
Age: 6250

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.perpetualincome365.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/vsl2/3.1/pi-365-lander-vsl-1.php?hop=73787
Cookie: _gcl_au=1.1.136622688.1663780147; bitmovin_analytics_uuid=9a8f4981-45d8-465b-8390-dc5eeb739dc7; _fbp=fb.1.1663780149407.2139307522; alo_uid=559b4f58-2f63-47d5-b15e-1e4876cf45a4; _geuid=311a7e5c-658b-4a9e-a9cb-bd8a7cea9e6e; _geps=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         69.16.238.22
HTTP/2 200 OK
content-type: image/x-icon
                                        
last-modified: Sun, 31 May 2020 12:03:59 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Fri, 21 Oct 2022 18:57:42 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: SAMEORIGIN
content-length: 1957
date: Wed, 21 Sep 2022 18:57:42 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   1957
Md5:    ad1d40d0b4c4cca8c5eabedf375988d8
Sha1:   e35de842c30c8509c4303d6f298f86b009ca9949
Sha256: ad277d136bb38abf79333a44a70ab49e058da06f9d7afec7137481bac6799404
                                        
                                            GET /embeds/J7dz9Rwj/nGX4eFflbk2feN2x/loader.min.js HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 21 Sep 2022 18:57:42 GMT
expires: Fri, 21 Oct 2022 18:57:42 GMT
content-encoding: gzip
content-length: 9740
x-guploader-uploadid: ADPycdsog8SJPgJdSb8EzXjkfQr4U9jJSdkSQpAapirP15VxazkpXzwQbY4R2tH3ca6cgDr7m42_UetuADVDg5DA4h78ale2Ilvt
cache-control: public, max-age=300, s-maxage=2592000
etag: "4531414b85a3c054437c2c3d1d2d5f5d"
x-goog-generation: 1660848898498477
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 9740
x-goog-hash: crc32c=UGf3Sg==, md5=RTFBS4WjwFRDfCw9HS1fXQ==
x-goog-storage-class: MULTI_REGIONAL
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified: Thu, 18 Aug 2022 18:54:58 GMT
x-cdn-info: loader
x-cdn: 4
x-hw: 1663786662.cds018.sk1.hn,1663786662.cds245.sk1.sc,1663786662.cds245.sk1.p
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40367), with no line terminators
Size:   9740
Md5:    4531414b85a3c054437c2c3d1d2d5f5d
Sha1:   224749701b80d2cc47a0c48d77b20f24f8500935
Sha256: fe0ce1e65c04eec591ca94f13b56fdd8d975c1a356e62461cec1c0091999bdf4
                                        
                                            GET /embeds/J7dz9Rwj/nGX4eFflbk2feN2x/player-dash-mse.min.js HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 21 Sep 2022 18:57:42 GMT
content-encoding: gzip
content-length: 493994
last-modified: Thu, 18 Aug 2022 18:54:59 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycduI2G70eole_-DWhXaOrsXsaF1pQGXNHsxAg_6yxCQM00OCJ7N9XgxxZz74xkOc_vH3sVRzCag823STJz0iTwsy2w
cache-control: public, max-age=300, s-maxage=2592000
etag: "081b1ae23de316d446d146f270fb4008"
x-goog-generation: 1660848899193822
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 493994
x-goog-hash: crc32c=1Xwjmg==, md5=CBsa4j3jFtRG0UbycPtACA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1663786662.cds065.sk1.hn,1663786662.cds229.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65399)
Size:   493994
Md5:    081b1ae23de316d446d146f270fb4008
Sha1:   78e917e20e5f01ec20219b77cace7d438707cb94
Sha256: 3fc222ece209aebb79544e13c69a78baf4e9be286ffbc6b08b260f98987e8e32
                                        
                                            GET /j/exp/4RT76HY4CVCEVPHEANWH4P/index.js HTTP/1.1 
Host: s.adroll.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.75
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
                                        
Content-Length: 0
Connection: keep-alive
Date: Wed, 21 Sep 2022 17:41:59 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
Age: 4543
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lG8OFbwg0oAwBxv7bjIk6bgu0ntlEfMycq4m_vtxfH2ciIgC40-h7Q==

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 21 Sep 2022 18:57:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fp.js HTTP/1.1 
Host: fpma.s3.us-west-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://jsx.s3.us-west-2.amazonaws.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.5.161.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: R+4/PN/ZWyOgI8zYPAcvdAlgq7L8xMxawO5JOPYOP8ZD+eiI2ONCtTMBW+NWxWumnrd3pN8gYZApcfs6sTEA2g==
x-amz-request-id: 8TNS2K4D1JGCJH00
Date: Wed, 21 Sep 2022 18:57:43 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Mon, 09 May 2022 06:21:49 GMT
ETag: "51f4d5b7b103dadbd67d1d1b7f8a44a7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 31628


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (31287), with CRLF line terminators
Size:   31628
Md5:    51f4d5b7b103dadbd67d1d1b7f8a44a7
Sha1:   92cf9b52e768b0b40f64498da1b872c0d8ba7a2c
Sha256: 3c92367442e9e00a223316b0411868fb6fa3e83b21736d79e9d57f0c6b56005b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:42 GMT
Last-Modified: Wed, 21 Sep 2022 17:38:49 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h6UcQfmQT5TjeMZ6yov7q0twpQFFciOlgbWbzsFCIqhWe_yUec2rAw==
Age: 4734

                                        
                                            GET /consent/check/4RT76HY4CVCEVPHEANWH4P?arrfrr=https%3A%2F%2Fwww.perpetualincome365.online%2Fvsl2%2F3.1%2Fpi-365-lander-vsl-1.php%3Fhop%3D73787&_s=90a04b3210c4907ce9996e2179b526ce&_b=2 HTTP/1.1 
Host: d.adroll.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         63.33.188.239
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 21 Sep 2022 18:57:42 GMT
content-length: 447
server: nginx/1.20.0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (447), with no line terminators
Size:   447
Md5:    cfa2be5a3b23f0105dab13f4f6d195b9
Sha1:   a881c8993918dd9a566fe0da644ff1b604e0dc20
Sha256: 82343fb2bb584bd647b7771de4ab18aef7a6684c21583871eb21bdb577704f5b
                                        
                                            GET /video/J7dz9Rwj/El8i3S1o2ePckyld/img/thumbnail/2-625fac908add6.png HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: image/png
                                        
date: Wed, 21 Sep 2022 18:57:43 GMT
content-length: 322978
last-modified: Wed, 20 Apr 2022 06:47:44 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycds9Og4rpMZCHNZSF3WtEDmljnonupmqQndJ6vq_DFid5hJzXjEoluqf6aWAk36bMpkHaYEFf9T2_MmHvJnBZcJc4RltocNz
x-goog-generation: 1650437264779768
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 322978
x-goog-hash: crc32c=R4PCKw==, md5=oLSM61tfoJysdOC1kC5RyA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=31104000
etag: "a0b48ceb5b5fa09cac74e0b5902e51c8"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1663786663.cds018.sk1.hn,1663786663.cds260.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1280 x 720, 8-bit/color RGB, non-interlaced\012- data
Size:   322978
Md5:    a0b48ceb5b5fa09cac74e0b5902e51c8
Sha1:   2bb661f248051f6f599a44ec495a514757313834
Sha256: b059e0809704ffa7609a45e6afd64c8ef2f85cba55053dc6f826a6742a0f9488
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 21 Sep 2022 18:57:43 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 21:16:20 GMT
Expires: Wed, 21 Sep 2022 21:16:20 GMT
ETag: "40f815b91dcd2e3cd3006ab18c02425a5f494e50"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    576bd1c75d079ca60769620cb46e4290
Sha1:   40f815b91dcd2e3cd3006ab18c02425a5f494e50
Sha256: 77d50f01b3c833cfa193a43a08d76b7518d77cb6e969b3a21c28ef4af81c196b
                                        
                                            GET /video/J7dz9Rwj/El8i3S1o2ePckyld/63202/54031/stream.mpd HTTP/1.1 
Host: fast.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.139.128.11
HTTP/2 200 OK
content-type: application/dash+xml
                                        
date: Wed, 21 Sep 2022 18:57:43 GMT
content-length: 2621
last-modified: Mon, 18 Apr 2022 10:17:15 GMT
accept-ranges: bytes
x-guploader-uploadid: ADPycdsEH8d4dnXh2IKty7DDOXZgVWqmCnEPbHP7JaMJRYMXxhBJIw0oGGIeKc0Z_gqvnHyXppGkjuE0R5lKuAwavp3fFg
cache-control: public, max-age=31104000
etag: "78c106151e417acbd85f0e10bd393cf3"
x-goog-generation: 1650277034969267
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2621
x-goog-hash: crc32c=ELKSDw==, md5=eMEGFR5BesvYXw4QvTk88w==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-hw: 1663786663.cds065.sk1.hn,1663786663.cds247.sk1.c
x-cdn: 4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text
Size:   2621
Md5:    78c106151e417acbd85f0e10bd393cf3
Sha1:   d1ee321dfdf306d2d8cca1cb086fe1358d6afe85
Sha256: bc3e4b2df1ac3c27643f07a199e1e6aa946c1fb43246ea6d363e7915e7b8e19f
                                        
                                            POST /licensing HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 116
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.190.27.197
HTTP/2 200 OK
content-type: application/json
                                        
server: v1.53.1
date: Wed, 21 Sep 2022 18:57:42 GMT
content-length: 117
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   117
Md5:    f90d2c53623621471228392bf3047e2a
Sha1:   b9f0bb5e8fd5fd97cb47a25edb9b6950ad51627e
Sha256: 5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
                                        
                                            POST /licensing HTTP/1.1 
Host: licensing.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 160
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.227.229.24
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
date: Wed, 21 Sep 2022 18:57:43 GMT
content-length: 165
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   165
Md5:    bad32d07dc1ad9e3d334785067afbf34
Sha1:   653f8f612c6646daae0122b3b27e2c11486f86a4
Sha256: 41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Wed, 21 Sep 2022 18:57:43 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 21:16:20 GMT
Expires: Wed, 21 Sep 2022 21:16:20 GMT
ETag: "40f815b91dcd2e3cd3006ab18c02425a5f494e50"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   87750
Md5:    500d132ccbbebeff19c778518aedcee5
Sha1:   644926a323cf3aed9545036a636e3224daa48bc9
Sha256: b5e0a61eecef8646289de48514cac5e84c84532b1fb24dfd3119edd8567229e7
                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1278
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 21 Sep 2022 18:57:43 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1823
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 21 Sep 2022 18:57:42 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1812
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 21 Sep 2022 18:57:42 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics/error HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 532
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 21 Sep 2022 18:57:42 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /analytics/error HTTP/1.1 
Host: analytics-ingress-global.bitmovin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 521
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         35.190.27.197
HTTP/2 204 No Content
content-type: application/json
                                        
server: v1.53.1
date: Wed, 21 Sep 2022 18:57:42 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 386
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         107.178.211.97
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 21 Sep 2022 18:57:43 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 519
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.178.211.97
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 21 Sep 2022 18:57:43 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 519
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.178.211.97
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 21 Sep 2022 18:57:43 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 18:57:43 GMT
Last-Modified: Wed, 21 Sep 2022 18:30:03 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4IJEULuui0qAgO64c_-l8g-rGWMWsjqheUIUdj_KWSesytfQ6oIRrg==
Age: 1660

                                        
                                            POST /scribe HTTP/1.1 
Host: stats.vidalytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 502
Origin: https://www.perpetualincome365.online
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         107.178.211.97
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-methods: POST,OPTIONS
date: Wed, 21 Sep 2022 18:57:44 GMT
content-length: 16
x-envoy-upstream-service-time: 0
access-control-allow-origin: *
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   16
Md5:    a1cbd35d4488ac8cc6f959d4c633dc37
Sha1:   11844023759429ec785ae1c18e6a9c69803ee2bd
Sha256: 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
                                        
                                            GET /8973ffb884.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.perpetualincome365.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.22.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Wed, 21 Sep 2022 18:57:41 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Ftb2_IS1y5HYTPk8RjnB
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 74e50727b9f7b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---