| go.gkrtmc.com/aff_c?offer_id=8522&aff_id=62384&url_id=0&aff_sub5=push&source=Propeller&click_id=14fmnqmsnt | 172.255.248.105 | 302 Found | 242 B |
URL HTTP/1.1go.gkrtmc.com/aff_c?offer_id=8522&aff_id=62384&url_id=0&aff_sub5=push&source=Propeller&click_id=14fmnqmsnt IP172.255.248.105:0
File typeHTML document, ASCII text, with no line terminators Hashbee56c3e6982b2a98047353edc995791 acc3efa61405ff07273127f4441dd03f2c970291 b66c83ef6cb8cd5847a1177362358eedc3babd59a5c1345f20b934e345469f0e
GET /aff_c?offer_id=8522&aff_id=62384&url_id=0&aff_sub5=push&source=Propeller&click_id=14fmnqmsnt HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Dec 2022 00:07:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 242
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 12 Jan 2023 00:07:00 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
Location: aff_c?offer_id=4178&aff_id=62384&aff_sub5=push&source=Propeller&click_id=14fmnqmsnt
Vary: Accept
Cache-Control: no-store, no-cache
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3c0c53379f331e934f61070074d41035 420f6e542cbf741838566f22e475a80e2f600d21 4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7197
Expires: Tue, 13 Dec 2022 02:06:57 GMT
Date: Tue, 13 Dec 2022 00:07:00 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb642ec5702fb818c5d1c67168cc68fdb 015146489a8e7fcb4ba0ba74cfe757a072705f93 4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9369
Expires: Tue, 13 Dec 2022 02:43:09 GMT
Date: Tue, 13 Dec 2022 00:07:00 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashb44c4b5daa307a355e7bab1c83c1ca82 dbd14cd873f1dd4502f277b3f51cb7bc8da0c080 fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 23:08:39 GMT
content-type: application/json
age: 3501
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd29881eeb0456eff8cf415ad2ce64ba0 e3cfdd5f56ff88066257ec8f4726f53e3a733bd3 2cd90072f113163f976ddb8bc7017884efd3f764e7e8961b04e3ba5ec0a17d85
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CD90072F113163F976DDB8BC7017884EFD3F764E7E8961B04E3BA5EC0A17D85"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12921
Expires: Tue, 13 Dec 2022 03:42:21 GMT
Date: Tue, 13 Dec 2022 00:07:00 GMT
Connection: keep-alive
|
|
| go.gkrtmc.com/aff_c?offer_id=4178&aff_id=62384&aff_sub5=push&source=Propeller&click_id=14fmnqmsnt | 172.255.248.105 | 302 Found | 480 B |
URL HTTP/1.1go.gkrtmc.com/aff_c?offer_id=4178&aff_id=62384&aff_sub5=push&source=Propeller&click_id=14fmnqmsnt IP172.255.248.105:0
File typeHTML document, ASCII text, with very long lines (480), with no line terminators Hashc5d12cdccbff8c68f31d0f3b330eda35 b1e2909a11750ce6c9b66ecae83c939c311ec9c0 a8e67ba3d33a707f823c2b791f9ecee8ddd9c5c78d5639676c4beb712eae0302
GET /aff_c?offer_id=4178&aff_id=62384&aff_sub5=push&source=Propeller&click_id=14fmnqmsnt HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Dec 2022 00:07:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 480
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 12 Jan 2023 00:07:00 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
4178=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 12 Jan 2023 00:07:00 GMT
op_4178=0; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 12 Jan 2023 00:07:00 GMT
user_id=40fa5cf6-4ce4-431c-b590-d193bec11d2e_48a3b6f1b961913b8106cbb5970afc34; Domain=go.gkrtmc.com; Path=/; Expires=Sun, 12 Dec 2027 00:07:00 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D62384%26s5%3DPropeller%26click_id%3D37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8%26j1%3D1%26j8%3D1
Vary: Accept
Cache-Control: no-store, no-cache
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wiDytNPzbaqOPgrmVTsg3v5+CGxJ+A3PquofNWz8JtF46pRAcOcxsT1CQSWAyou2xM7XPVu8V3E=
x-amz-request-id: VRP5VBR8A21S7Z96
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 23:49:48 GMT
age: 1032
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D62384%26s5%3DPropeller%26click_id%3D37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8%26j1%3D1%26j8%3D1 | 172.255.248.105 | 200 OK | 255 B |
URL HTTP/1.1go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D62384%26s5%3DPropeller%26click_id%3D37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8%26j1%3D1%26j8%3D1 IP172.255.248.105:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash997bfcab4e7a51023ff8da026ed4374a 35d15ad133e52c1b9dea0b3696a8719521387a9e 070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D62384%26s5%3DPropeller%26click_id%3D37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8%26j1%3D1%26j8%3D1 HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en; 4178=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8; op_4178=0
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 00:07:00 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 00:07:00 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| go.gkrtmc.com/favicon.ico | 172.255.248.105 | 404 Not Found | 123 B |
URL HTTP/1.1go.gkrtmc.com/favicon.ico IP172.255.248.105:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashc728bf241d9141b8d3100ae5140e09c5 07f0da1bdfadd0354b090781f1e3264ac22b6c39 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
GET /favicon.ico HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D62384%26s5%3DPropeller%26click_id%3D37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8%26j1%3D1%26j8%3D1
Cookie: language=en; 4178=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8; op_4178=0
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 13 Dec 2022 00:07:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash696702cdcbb9758f6b9dcbe264cb60b6 e01275c3f0d006946385297d6186dd8f0e5d1ddb c0309f2adca61a46be96e1f3965da52b7ba63bbdd3de8fc9fb0014df94903ed6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0309F2ADCA61A46BE96E1F3965DA52B7BA63BBDD3DE8FC9FB0014DF94903ED6"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8047
Expires: Tue, 13 Dec 2022 02:21:08 GMT
Date: Tue, 13 Dec 2022 00:07:01 GMT
Connection: keep-alive
|
|
| cdn-dimi.akamaized.net/landings/275825/1663071511/css/css.css?1663071512 | 95.101.11.40 | 200 OK | 1.9 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/275825/1663071511/css/css.css?1663071512 IP95.101.11.40:0 ASN#20940 Akamai International B.V.
Hash841738b21a90167bbc356118f64ed6bb 9ffbc85c54420eabf4bcc8a78141764d6e4a9a85 cd53c4f456e9d1005b8922d66fa7399a7ff66f0db23d72276e21dbc306da7213
GET /landings/275825/1663071511/css/css.css?1663071512 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FcnT/cGX5odl7zla39ZjlarIV55PLzNjm3pGlGo8BF1fd1xVt5t2CwyPftqJ0spjY5TMqlMVFn8=
x-amz-request-id: 5Y61H9E558MKAYNC
Last-Modified: Tue, 13 Sep 2022 12:50:39 GMT
ETag: "d3c17ea89ffca6c5bc2dcb0effe43fbe"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Dec 2022 00:07:01 GMT
Content-Length: 1895
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/275825/1663071511/js/translate.js?1663071512 | 95.101.11.40 | 200 OK | 17 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/275825/1663071511/js/translate.js?1663071512 IP95.101.11.40:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with CRLF line terminators Hash1a0068cb0735c55c54b466c972c6e4cc 610f4151f82c886efdedea6aa09ad8f6dafef33e ef9c21f71a5a14c04e7d5ab7526c134ba6e8310e9c2eb2e388da364e1361a473
GET /landings/275825/1663071511/js/translate.js?1663071512 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NdQORpGfR2Wq/NCXjVGMc+Jykz+1efCwssrPLKkkxItbo7rpJfwNVIzAUk9pm+t5Pj2Si0RQ1Pg=
x-amz-request-id: 5Y68P147EQZHS2SY
Last-Modified: Tue, 13 Sep 2022 12:50:39 GMT
ETag: "637b970eb3da7972f6d558bbda47e43b"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Dec 2022 00:07:01 GMT
Content-Length: 16633
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/275825/1663071511/js/jquery-2.2.4.min.js?1663071512 | 95.101.11.40 | 200 OK | 30 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/275825/1663071511/js/jquery-2.2.4.min.js?1663071512 IP95.101.11.40:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (32065) Hash2fa28552f1ee4e1382ee43930b53afb8 803670da6a35378bf4eb73acc8e72fe4feb5ca30 ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /landings/275825/1663071511/js/jquery-2.2.4.min.js?1663071512 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: q82zUv2RlR7tc/wAEBr9BcYqeohezXBDEv3lSBldEZMP29kcVYihsDoiVRVjrhfudwmI0rqJp0E=
x-amz-request-id: MJ7E6PFQAMHBGASY
Last-Modified: Tue, 13 Sep 2022 12:50:39 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Dec 2022 00:07:01 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 23:33:17 GMT
age: 2024
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0f3dad0d025c4b6b8abd5d698f00cfbd 3a82ecac8709c7acd620316502a0e774ac3b1170 8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Montserrat|Open+Sans:300,400,700,800&display=swap&subset=cyrillic,greek,vietnamese | 142.250.74.74 | 200 OK | 1.3 kB |
URL HTTP/2fonts.googleapis.com/css?family=Montserrat|Open+Sans:300,400,700,800&display=swap&subset=cyrillic,greek,vietnamese IP142.250.74.74:0
Hashf06a67ad905c26fd444f740114b2dc07 ae18829e8adb40ef420cc1c5b51d8700e782c0bc 0219378a6d309fd95217c84166ba74ad311abe1b9852bacbe05cd304d81bebfd
GET /css?family=Montserrat|Open+Sans:300,400,700,800&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Dec 2022 00:07:01 GMT
date: Tue, 13 Dec 2022 00:07:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashee19f96e42a0eca99d00c8d91f977c35 3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9 6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5665
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:01 GMT
Last-Modified: Mon, 12 Dec 2022 22:32:36 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
|
|
| cdn-dimi.akamaized.net/landings/275825/1663071511/images/bg-2.jpg | 95.101.11.40 | 200 OK | 377 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/275825/1663071511/images/bg-2.jpg IP95.101.11.40:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data Size377 kB (376720 bytes) Hash56319eec93215977daf18ae31ff8dd4b 3bd8976cf5ed63dbe680e4c73b8a1b2b0ceaf66c c8c5432efb99a349476b17827016aaf30834320195bbef6d35102a028063d75b
GET /landings/275825/1663071511/images/bg-2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/275825/1663071511/css/css.css?1663071512
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: 2DgtR5Gur83KOzWv8hJFfRivF9/fjjCEFiR2wQnRsa7q+O3EAWHsYtaO0wIrFlpQn8jlGKzugAE=
x-amz-request-id: 4AB3PECR6NPR01X6
Last-Modified: Tue, 13 Sep 2022 12:50:39 GMT
ETag: "56319eec93215977daf18ae31ff8dd4b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 376720
Date: Tue, 13 Dec 2022 00:07:01 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hasha33409f980e81b54f660035dd9c14cfb 8399645bbd14b6a968328c6552b837e3368948a3 9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL | 142.250.74.168 | 200 OK | 40 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL IP142.250.74.168:0
File typeASCII text, with very long lines (3014) Hashcc4a9ba4356eccbe5007b3ac612ffbb7 09593d56defa7a11ac1f29f6bdc35e3b4c428ee0 da52f95d778214822b5d31612ac06742c02c3fdc6cff09b4dcd26b5b3ea53f13
GET /gtm.js?id=GTM-PPJGZHL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Dec 2022 00:07:01 GMT
expires: Tue, 13 Dec 2022 00:07:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn-dimi.akamaized.net/images/favicon.ico | 95.101.11.40 | 200 OK | 4.1 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/images/favicon.ico IP95.101.11.40:0 ASN#20940 Akamai International B.V.
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Hash4cdf3256cd7b8ec3917adb79d6bf457e bc615337e9223183a126c8fb649774866fb53e69 fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /images/favicon.ico HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2GM1RH+Oo7JIRLs/OPfJSrmls1pwWkrIufazLdJT5aWuDbgNABEKJmW/8rLlCMaF9QlDE8aTJ9E=
x-amz-request-id: Y5JJFAEXP3X803ZN
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 4103
Date: Tue, 13 Dec 2022 00:07:01 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hasha33409f980e81b54f660035dd9c14cfb 8399645bbd14b6a968328c6552b837e3368948a3 9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash2e5ee531cc0386adab9fe3d62f530231 16ec934be53e9ce97d40aedf906430551ad1b58a 0259d529060dc76765ae2bfb9bb5f513662c41e1b6608ec3a950d8b4b04ec056
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js | 142.250.74.35 | 200 OK | 10 kB |
URL HTTP/2www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP142.250.74.35:0
File typeASCII text, with very long lines (35547) Hashfa9987a23f5a9d865766e952511baa30 f2e620b99ee61a01671ba6a9e22ca75d58a1b52d 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 10:16:35 GMT
expires: Thu, 07 Dec 2023 10:16:35 GMT
cache-control: public, max-age=31536000
age: 481827
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6d462d3e6bc6168ee30040355f8b96ee 7578100cefe27a95fc25fa11481d78353185a9f0 7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/firebasejs/5.0.2/firebase-app.js | 142.250.74.35 | 200 OK | 8.6 kB |
URL HTTP/2www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP142.250.74.35:0
File typeASCII text, with very long lines (25088) Hash73069e532b7039778d3a7128c997c61a c523bbf1ac7f4e612c8ade75434c42fbca885adc b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 21:48:07 GMT
expires: Fri, 08 Dec 2023 21:48:07 GMT
cache-control: public, max-age=31536000
age: 353935
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6d462d3e6bc6168ee30040355f8b96ee 7578100cefe27a95fc25fa11481d78353185a9f0 7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 52.13.69.101 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.13.69.101:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aN1SVu2aSx+ez7rcXKAUoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FXu/IhepcBWjKwYp1GyhzWizp5c=
|
|
| tsyndicate.com/api/v1/retargeting/set/a29e4033-f1e9-4244-ad9b-e100f20a3cc4 | 168.119.1.208 | 200 OK | 35 B |
URL HTTP/2tsyndicate.com/api/v1/retargeting/set/a29e4033-f1e9-4244-ad9b-e100f20a3cc4 IP168.119.1.208:0 ASN#24940 Hetzner Online GmbH
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/a29e4033-f1e9-4244-ad9b-e100f20a3cc4 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 00:07:02 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 57bf3e36c4e7e6c3
set-cookie: ts_rt_a29e4033-f1e9-4244-ad9b-e100f20a3cc4=AAMC; expires=Wed, 13 Dec 2023 00:07:02 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP93.184.220.29:0
Hash83a3af527edf5d38ae7905c79545bd7d 42e27edea8f4ef05781dc855aa49d3ec68a7afb1 ec92b27a988437588b682722bdc109e7f9848780aeb14f9191dddd533a80d99a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6364
Cache-Control: max-age=144594
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 00:07:02 GMT
Etag: "63973b1c-139"
Expires: Wed, 14 Dec 2022 16:16:56 GMT
Last-Modified: Mon, 12 Dec 2022 14:30:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
|
|
| ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=im&cookiename=start&age=545600&maxcookiecount=10 | 66.254.114.89 | 200 OK | 35 B |
URL HTTP/1.1ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=im&cookiename=start&age=545600&maxcookiecount=10 IP66.254.114.89:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /ctrack?action=list&type=add&id=1&context=im&cookiename=start&age=545600&maxcookiecount=10 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Tue, 13 Dec 2022 00:07:02 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Thu, 12 Jan 2023 00:07:02 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Thu, 12 Jan 2023 00:07:02 GMT; Secure; SameSite=None
57aadc60fe7671fefe86bb04bced801a=1; Path=/; Domain=trafficjunky.net; Expires=Tue, 26 Dec 2023 21:27:02 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 6397C226-42FE725901BB0B93-8D2459
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7a3e13e78f90788c56a93f7ffd9be884 bb6e2205661434f2eb8964f59b8f0d950c11ba0d 48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Tue, 13 Dec 2022 00:56:35 GMT
Date: Tue, 13 Dec 2022 00:07:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7a3e13e78f90788c56a93f7ffd9be884 bb6e2205661434f2eb8964f59b8f0d950c11ba0d 48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Tue, 13 Dec 2022 00:56:35 GMT
Date: Tue, 13 Dec 2022 00:07:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7a3e13e78f90788c56a93f7ffd9be884 bb6e2205661434f2eb8964f59b8f0d950c11ba0d 48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Tue, 13 Dec 2022 00:56:35 GMT
Date: Tue, 13 Dec 2022 00:07:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7a3e13e78f90788c56a93f7ffd9be884 bb6e2205661434f2eb8964f59b8f0d950c11ba0d 48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Tue, 13 Dec 2022 00:56:35 GMT
Date: Tue, 13 Dec 2022 00:07:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash7a3e13e78f90788c56a93f7ffd9be884 bb6e2205661434f2eb8964f59b8f0d950c11ba0d 48f33f6b844a6e9f9087e6ce54394c6af9ded4d02b4d9ba18a9fb711eb180b2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F33F6B844A6E9F9087E6CE54394C6AF9DED4D02B4D9BA18A9FB711EB180B2C"
Last-Modified: Mon, 12 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Tue, 13 Dec 2022 00:56:35 GMT
Date: Tue, 13 Dec 2022 00:07:03 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash703d359edb819eaefc6ccae224bbde15 4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8 0452d24052bef979fd13f1a0fefb4c7803ff91c5afa3c871f85b73eb08f15489
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12144
x-amzn-requestid: 0d00ec22-808c-4f60-98b1-87eef4aad829
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6n0yFORIAMFskA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394201e-58f1a5c87fc341bf56fa9d68;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:58:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sW4dQXExyH6JvbdtSgIPJUiifHh-VfbfcG5hKMaJ4tZA3pO-fobF6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 20:36:31 GMT
age: 12632
etag: "4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashab5a208bfde395cefdbf547982544b25 cfdcccc56da544414936b95c888585f6a56833ad 9897cf24a8332e797d33b0493ab8f488d991151d7be621cd5753aa5e3b2c9451
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F047d40ca-223b-4b30-90f0-c848da685495.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5922
x-amzn-requestid: 98bd853c-cbe5-4672-9915-6e54978730bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0LzNEO7oAMF-dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918ce1-23b0f17a2e5e95f7707adcaf;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 07:06:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FQUQ6k_qhhvYaRzw4tyiNx_ysRnZliRYi516Stz96WdPmVn-sJxOBg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 08:15:50 GMT
age: 57073
etag: "cfdcccc56da544414936b95c888585f6a56833ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9051770b3587c195bea670f8820e8cfe abf58087f0e345202da088238daea85d177b431b f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: viqtSt0N4FbMvP-u-vlA4Y8SfzIafFu_4XhqXSKrbItp7gkJDp5PKA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:37:58 GMT
age: 5345
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd8b0477fb90d103e2155bbf7ab47d877 ab668e755bd742b165fa3ba46a4c486c616a7ff6 40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BouIqIrg_vfxBH0weDXiqoEBcSV8_d4qDVB3Er5PeIrZz249iHdqGQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 06:13:00 GMT
age: 64443
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash61696fbb8743437b191c7141bc43228f 9f3da5618cd81d8b94b89a38860b5ea0e677b181 e299f7842035dfae92b63c388613da806030c9e70f6344dd0c8e9176baa2a671
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: e718a827-339f-47c3-ba93-870818e8be5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c83b3HgvoAMFiwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639505e5-6d9ec8a939af617b7ce5f3ed;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:19:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5YmFEB4u4FakAcTVYzxgtp7S4SpMQirzSC4njjh97hFX6v8iPkUCVg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 08:15:34 GMT
etag: "9f3da5618cd81d8b94b89a38860b5ea0e677b181"
content-type: image/jpeg
age: 57089
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1abb84e01b1e6e8d13317083770e9e25 8e034ed23b8d40406fd43f74f0af5f7278d1465e 5238283f759fdf48354b5372bf87c9cc1d5db2dd319db54ac0e09f1e6ac32cbc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff80752aa-0cbf-4c22-9021-7abe914dde6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12449
x-amzn-requestid: 992fe7fc-089b-4cc8-bb4f-0636b96d5f9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8I9UFlAoAMFhPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394bb88-0cf5980b3772bc313c547db9;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 17:02:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hvm1Gg_elrokIugA9BZAQUayP_3EjQc9jPpB3zE4qeRpVdA-yiXJ_Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 21:58:25 GMT
age: 7718
etag: "8e034ed23b8d40406fd43f74f0af5f7278d1465e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| rkkmj.prodlglousdate.net/js/pushjs/1.0.0/subscriber.js | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2rkkmj.prodlglousdate.net/js/pushjs/1.0.0/subscriber.js IP52.19.101.114:0
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: rkkmj.prodlglousdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/?s1=20904&s2=1656360&s3=62384&s5=backuser&click_id=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8&iexpp=1&j1=1&utm_source=c44213fa2bf7a303&j8=1
Cookie: unique_id=6397c22500081e73; unique_id2=6397c2250009a8e5; 6397c2250009a8e5_c=1; ref_token=20904; impression=; 6397c2250009a8e5_sl=[275825]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 00:07:01 GMT
content-type: application/javascript
expires: Tue, 20 Dec 2022 00:07:01 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| rkkmj.prodlglousdate.net/js/service-worker.js | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2rkkmj.prodlglousdate.net/js/service-worker.js IP52.19.101.114:0
GET /js/service-worker.js HTTP/1.1
Host: rkkmj.prodlglousdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=6397c22500081e73; unique_id2=6397c2250009a8e5; 6397c2250009a8e5_c=1; ref_token=20904; impression=; 6397c2250009a8e5_sl=[275825]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 00:07:01 GMT
content-type: application/javascript
expires: Tue, 20 Dec 2022 00:07:01 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| rkkmj.prodlglousdate.net/?utm_source=c44213fa2bf7a303&s1=20904&s2=1656360&s3=62384&s5=Propeller&click_id=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8&j1=1&j8=1 | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2rkkmj.prodlglousdate.net/?utm_source=c44213fa2bf7a303&s1=20904&s2=1656360&s3=62384&s5=Propeller&click_id=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8&j1=1&j8=1 IP52.19.101.114:0
GET /?utm_source=c44213fa2bf7a303&s1=20904&s2=1656360&s3=62384&s5=Propeller&click_id=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8&j1=1&j8=1 HTTP/1.1
Host: rkkmj.prodlglousdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://go.gkrtmc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 00:07:01 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=6397c22500081e73; Path=/; Expires=Sat, 11 Feb 2023 00:07:01 GMT; Secure; SameSite=None
unique_id2=6397c2250009a8e5; Path=/; Expires=Mon, 13 Mar 2023 00:07:01 GMT; Secure; SameSite=None
6397c2250009a8e5_c=1; Path=/; Expires=Mon, 13 Mar 2023 00:07:01 GMT; Secure; SameSite=None
ref_token=20904; Path=/; Expires=Thu, 12 Jan 2023 00:07:01 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 13 Dec 2022 00:07:01 GMT; Secure; SameSite=None
6397c2250009a8e5_sl=[275825]; Path=/; Expires=Tue, 27 Dec 2022 00:07:01 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| rkkmj.prodlglousdate.net/js/pushjs/1.0.0/utils.js | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2rkkmj.prodlglousdate.net/js/pushjs/1.0.0/utils.js IP52.19.101.114:0
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: rkkmj.prodlglousdate.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.prodlglousdate.net/?s1=20904&s2=1656360&s3=62384&s5=backuser&click_id=37_62384_4178_a599f9bd6b0783b87d6d092fbf537fa8&iexpp=1&j1=1&utm_source=c44213fa2bf7a303&j8=1
Cookie: unique_id=6397c22500081e73; unique_id2=6397c2250009a8e5; 6397c2250009a8e5_c=1; ref_token=20904; impression=; 6397c2250009a8e5_sl=[275825]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 00:07:01 GMT
content-type: application/javascript
expires: Tue, 20 Dec 2022 00:07:01 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|