Overview

URLexceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP 172.67.155.44 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-01 13:56:11 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (29)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
exceptionalphonesecurity.xyz (2) 364991 2021-12-15 11:52:10 UTC 2022-12-01 01:57:00 UTC 172.67.155.44
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.212.166.60
app1-smartsecurity-etl.herokuapp.com (4) 115431 2021-11-12 17:04:25 UTC 2022-12-01 01:58:59 UTC 54.208.186.182
ouhastay.net (2) 117137 2021-09-10 09:52:42 UTC 2022-12-01 01:57:00 UTC 139.45.197.239
r3.o.lencr.org (13) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-01 04:11:13 UTC 34.117.237.239
broker-systems.com (16) 0 2020-12-15 12:26:55 UTC 2022-11-30 14:08:05 UTC 104.21.79.157 Unknown ranking
flagicons.lipis.dev (1) 527996 No data No data 185.199.108.153
storage.googleapis.com (1) 420 2015-06-16 19:08:42 UTC 2022-12-01 04:26:06 UTC 216.58.211.16
vod-progressive.akamaized.net (1) 19176 No data No data 95.101.11.18
exceptionalphonesecurity.xyz (2) 364991 2021-12-15 11:52:10 UTC 2022-12-01 01:57:00 UTC 104.21.6.184
analytics.tiktok.com (4) 1182 No data No data 23.36.79.32
primaveratrack.com (1) 0 2022-05-16 10:03:19 UTC 2022-12-01 01:59:40 UTC 167.114.103.223 Unknown ranking
track.profitableredirect.com (1) 124496 No data No data 18.192.108.151
ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
player.vimeo.com (1) 1858 2013-09-26 03:16:08 UTC 2020-01-28 05:29:01 UTC 162.159.128.61
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-01 04:11:15 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-01 04:09:38 UTC 34.102.187.140
my.rtmark.net (5) 9054 2017-08-22 14:11:49 UTC 2022-12-01 04:09:36 UTC 139.45.195.8
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
redrotou.net (1) 145989 2021-03-16 05:03:50 UTC 2022-12-01 10:50:39 UTC 139.45.197.251
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-01 04:14:51 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-01 04:19:36 UTC 142.250.74.74
overalltrack.com (3) 112756 2018-12-01 03:47:10 UTC 2022-12-01 01:58:59 UTC 68.183.98.124
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-12-01 04:54:11 UTC 142.250.74.110
unpkg.com (1) 11693 2016-01-07 23:26:01 UTC 2022-12-01 04:10:00 UTC 104.16.125.175

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-01 2 ouhastay.net Sinkholed
2022-12-01 2 ouhastay.net Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.155.44
Date UQ / IDS / BL URL IP
2022-12-09 04:47:04 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-07 07:50:05 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-01 13:56:11 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-01 01:56:08 +0000 0 - 0 - 3 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-11-29 07:57:06 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-01 22:19:56 +0000 0 - 0 - 2 iot.fsheitipa.site/ 104.21.72.58
2023-02-01 22:19:36 +0000 0 - 0 - 2 wlo.link/@bt365 172.67.75.5
2023-02-01 22:18:31 +0000 0 - 0 - 1 monverticaconfir.xyz/ 172.67.195.50
2023-02-01 22:18:14 +0000 0 - 0 - 1 wemeettoday.com/tt/11?affiliate_id=15782&sub1 (...) 104.21.95.141
2023-02-01 22:15:41 +0000 0 - 0 - 0 www.remove.bg/ 104.26.3.68


Last 5 reports on domain: exceptionalphonesecurity.xyz
Date UQ / IDS / BL URL IP
2022-12-09 04:47:04 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-07 19:50:06 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 104.21.6.184
2022-12-07 07:50:05 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-01 13:56:11 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-01 01:56:08 +0000 0 - 0 - 3 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-02 12:00:55 +0000 0 - 0 - 2 tele123.store/cl/500/env/nl 79.98.29.10
2022-12-02 12:00:27 +0000 0 - 0 - 2 telefonica.site/bd/fortune/nl/ 79.98.24.35
2022-12-02 10:51:13 +0000 0 - 0 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 172.67.133.55
2022-12-01 13:02:12 +0000 0 - 0 - 2 televivo.online/kz/env/nl 194.135.87.58
2022-12-01 13:01:03 +0000 0 - 0 - 2 televivo.online/kz/env/nl?key=eyJ0aW1lc3RhbXA (...) 194.135.87.58

JavaScript

Executed Scripts (52)

Executed Evals (1)
#1 JavaScript::Eval (size: 5) - SHA256: 35e6366764c85ff27d4eaa8798d75814c7c25d9aa684fc270eac4d8056341083
enSet

Executed Writes (14)
#1 JavaScript::Write (size: 8) - SHA256: 31fbef162594de01bab0cd525c51f74de7bcb15063029fa1a54b2cf5944c80d8
Continue
#2 JavaScript::Write (size: 299) - SHA256: 737280234f950859cd98c1669e222ac6d0d695a2015fa5f43add9e332f346e8c
< a class = "button exitpoint right cancel"
id = "cancel-button"
href = "market://details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_push_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669902958251" >
#3 JavaScript::Write (size: 4) - SHA256: ecd5b806462c7dfdf078ac76c549060a06660422d00e55bd5823be6747361085
< /a>
#4 JavaScript::Write (size: 10) - SHA256: f96f4d46e788614ae69e039ae032229de03f08cfe7f84c7f405ba021e50d3eca
Update Now
#5 JavaScript::Write (size: 68) - SHA256: 3d616b12fbe8aa4b171323dc696cebb002be86551f35cc23fe0bc2756abc58e7
< a class = "button"
id = "center-button"
href = "smartsecurityxzt://open" >
#6 JavaScript::Write (size: 156) - SHA256: 949398833ecb71dace0d6a15f4166af32a8e0c16be1f945f93297956925b8f51
< img src = 'https://overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}'
style = 'position:absolute;width:1px;height:1px;left:0;bottom:0;opacity:0;' >
#7 JavaScript::Write (size: 310) - SHA256: 700f1572b0f9e23f9eff87001b4fe4d1c1341f6c9910244652a2ac699120e5d9
< a class = "close exitpoint"
style = "display: none"
id = "close-button"
href = "market://details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_push_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669902958251" > < /a>
#8 JavaScript::Write (size: 89) - SHA256: 6c19434f8282294efc05f0fd70015529942972352a6b00984ac14d444f61db9b
Update now
for < strong > FREE < /strong> to clean and boost your Android Android immediately!
#9 JavaScript::Write (size: 53) - SHA256: 6ce64525848d677d6f619f970e996c47cc6a82bf85d40bb2acd64474d3a3046e
Click < strong > Allow < /strong> To Continue Using Chrome
#10 JavaScript::Write (size: 2) - SHA256: 1d97c9fec35ad3ba402a8bb3548546924ce958f8f4b8a65b0f39c9c6171bdf34
Ad
#11 JavaScript::Write (size: 50) - SHA256: be434f49ec21e26b619e4186cce641233e60036505ac9cf6de704ebeb72b0e6d
Cleaner Update
for Android Android is Recommended!
#12 JavaScript::Write (size: 112) - SHA256: 4448b50a0446877c729032fc7d2ac04b985f7838bfc700b779e132afa7c2803c
Your phone Android Android can work faster, we released a Cleaner update, and it is recommended
for every phone.
#13 JavaScript::Write (size: 6) - SHA256: 19766ed6ccb2f4a32778eed80d1928d2c87a18d7c275ccb163ec6709d3eb2e27
Cancel
#14 JavaScript::Write (size: 295) - SHA256: f536f402bf420dfc807708fde0ce786c5836885c295decdfa6a2cea8f4e80dcb
< a class = "button exitpoint install"
id = "install-button"
href = "market://details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_push_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669902958251" >


HTTP Transactions (82)


Request Response
                                        
                                            GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1 
Host: exceptionalphonesecurity.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.155.44
HTTP/1.1 301 Moved Permanently
                                        
Date: Thu, 01 Dec 2022 13:55:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 01 Dec 2022 14:55:58 GMT
Location: https://exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0h78jvXSk9%2B61ZQbhew0v2%2F5eoo%2FGlDYvQkqcqWZXDAEgOcRtb4klqcIiUIxyE0fJVn7WY5sr3LyP%2BUjH4ZfaZf%2BwAopIfssDyHtBE7wjCw8YrmZ0VCAarcwiMD7017D1Tn%2FUxOMLAlTmRUi5fR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772c52d4ab27b523-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Thu, 01 Dec 2022 16:09:12 GMT
Date: Thu, 01 Dec 2022 13:55:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2041
Cache-Control: 'max-age=158059'
Date: Thu, 01 Dec 2022 13:55:59 GMT
Last-Modified: Thu, 01 Dec 2022 13:21:58 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17731
Expires: Thu, 01 Dec 2022 18:51:30 GMT
Date: Thu, 01 Dec 2022 13:55:59 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 13:19:46 GMT
cache-control: public,max-age=3600
age: 2173
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: K4yiIM6IxjTv1S4+OSX7/J8HdTssPPX6Wp5MX2RJQFJn+PxSRj5WlBtqP1BawSlSiEg5tpf18ms=
x-amz-request-id: G53KMX00HNMHGN79
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 13:45:41 GMT
age: 618
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 13:55:59 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 13:11:15 GMT
cache-control: public,max-age=3600
age: 2684
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2035
Cache-Control: max-age=157485
Date: Thu, 01 Dec 2022 13:55:59 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:40:44 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6093
Expires: Thu, 01 Dec 2022 15:37:32 GMT
Date: Thu, 01 Dec 2022 13:55:59 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1832
Md5:    46f646f4fd8e6296da5782c3444c89a3
Sha1:   16afe2ac0b37eb802ca4c6015426009ecc5c4815
Sha256: fdd767d09b91a97024351298e9b2ffdea3c9dedb14fb690bd86e5143011de205
                                        
                                            GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 13:55:59 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    7e1da03b7d5254f7b1d93874c8f85ce4
Sha1:   c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
Sha256: ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EC670A2859CCA0F96A68F29C25A32918BFECFC1D04D1F28F3E8C02AC5151672"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20906
Expires: Thu, 01 Dec 2022 19:44:25 GMT
Date: Thu, 01 Dec 2022 13:55:59 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7rl9WkTc6yPpKASJtg1fGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JVm4pOhAdja50vz0IkdRr7tD1Xg=

                                        
                                            GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022120113555948C5FBB6E695E229ED63
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60fa52c5d1c57f3b77a3dac2d549caf6cf7374a165fb668af26fc2467beca9560bdb55060160e1ef28b9c56533a05a5fe337e12fa81828f71a8bb17bbeb2e16325a3ba4a67abf1b26bf2bac378097a8208
content-encoding: gzip
content-length: 1227
x-origin-response-time: 27,23.194.131.31
x-akamai-request-id: 6cc6934e.862d37d
expires: Thu, 01 Dec 2022 13:56:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 01 Dec 2022 13:56:00 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IJc7U7YxykviRp8QtPXXi0RIet; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-194-131-31.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=27, inner; dur=3
x-parent-response-time: 132,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2100
Md5:    0774a832c9759a5755a2bdb8322cbcd6
Sha1:   4b329471523f9abed5a70e31de292599c6feb90a
Sha256: e9c0cce51a951c137b351ff0e250e471edcd5d4cbb8f8a52ea9ddb34fcf6db99
                                        
                                            GET /i18n/pixel/static/main.MWU5NWU5NWFkMA.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IJc7U7YxykviRp8QtPXXi0RIet
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221130022948D99C7149BCE8405E9DD3
x-tt-trace-host: 013fa45783d9425c8e70fed66bd0ead97cd822c0f44726489ca64a895d7b63979435600b35892fb5212aa1a0ab1719913d9492513d04d44c48d8bb6b98cbf9ad4599d71bebcaeb9c970aa6580d74ad1c44
content-encoding: gzip
date: Thu, 01 Dec 2022 13:56:00 GMT
content-length: 62056
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 862d446
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26136)
Size:   62056
Md5:    9bc71d4f573a8fd68bbd9c99da756be5
Sha1:   49dbdc2c41985d6bec5018e542269ee35f75cba2
Sha256: 081ad04f879426ef5998bc1c230032ff4f233fc89bb40865785fad1c4a7f6cc5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109277
Date: Thu, 01 Dec 2022 13:56:00 GMT
Etag: "6387b4f3-1d7"
Expires: Fri, 02 Dec 2022 20:17:17 GMT
Last-Modified: Wed, 30 Nov 2022 19:54:27 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zAosGfw78QQlqTId1gN5fUHXyWb8Ir83H9bEbfHjZMiFmgS3f6W9jA==
Age: 1370

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109290
Date: Thu, 01 Dec 2022 13:56:00 GMT
Etag: "6387b4f3-1d7"
Expires: Fri, 02 Dec 2022 20:17:30 GMT
Last-Modified: Wed, 30 Nov 2022 19:54:27 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4fU_3-GQFBpqZ80jNvt_zB3Ex3YCMJU8H6AI4GpZl1tLEpdIfyZrVQ==
Age: 1383

                                        
                                            GET /api/v3.0/clickapi/img?aid=1&clickId={clickid} HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Dec 2022 13:56:00 GMT
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%221%22%3A%22%7Bclickid%7D%22%7D; Max-Age=31536000; Path=/; Expires=Fri, 01 Dec 2023 13:56:00 GMT; Secure; SameSite=None

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A8103DC3CC3E6D263CAF4A44B082F51A5A9B2A223410E137964814C5D991AEE8"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20904
Expires: Thu, 01 Dec 2022 19:44:24 GMT
Date: Thu, 01 Dec 2022 13:56:00 GMT
Connection: keep-alive

                                        
                                            GET /i18n/pixel/static/identify_87671.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IJc7U7YxykviRp8QtPXXi0RIet
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221025132316F80FA7E63D4578714882
x-tt-trace-host: 015720010e4cdc282df4fc80cf78bd2dddb7690c595eb6de72e640e5719fc1783fa3a117acf8783861c9b1a0e011382f534f2e840e795a57845c7147ea27ce830a72cd5dec7a946e64d3ac2f92a831f887
content-encoding: gzip
date: Thu, 01 Dec 2022 13:56:00 GMT
content-length: 30897
x-cache: TCP_MEM_HIT from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=14
x-akamai-request-id: 862d50c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30897
Md5:    3904a2d72a2f511d5c880e9ee1ecf51c
Sha1:   3d31bba82f4e6465d39158df7bf21aaf737c3383
Sha256: 0b9166ee15325fef2b2014ff8ea844cf5766b7605f566c274048152e8b1cd8f1
                                        
                                            OPTIONS /device_by_model?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://exceptionalphonesecurity.xyz/
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.208.186.182
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Thu, 01 Dec 2022 13:56:00 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

                                        
                                            GET /device_by_model?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.208.186.182
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Thu, 01 Dec 2022 13:56:00 GMT
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur

                                        
                                            OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://exceptionalphonesecurity.xyz/
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Dec 2022 13:56:00 GMT
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    f30c3a40e9a3e65c868c754a5de95919
Sha1:   65101ff283414b70636ff494d866190a66ed9978
Sha256: 875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 936
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IJc7U7YxykviRp8QtPXXi0RIet
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221201135600A1FE4B2F1A11E825651A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebe802024c2f9cb24329469b2a0ee76db1f8dca16cc63ad329d9f2a2c729b0ed6a775f92a8d01e23304316bb2f88af84dbae02221ce20a84c91eea6fd27b32eb7d
x-origin-response-time: 83,23.218.220.136
x-akamai-request-id: 30d41bc0.862d514
expires: Thu, 01 Dec 2022 13:56:00 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 01 Dec 2022 13:56:00 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-136.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=101, origin; dur=83, inner; dur=81
x-parent-response-time: 181,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /device_by_model/?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.208.186.182
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Thu, 01 Dec 2022 13:56:00 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

                                        
                                            GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 01 Dec 2022 13:56:00 GMT
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   126
Md5:    c8f85db18fe8f89306f6c0819c67036d
Sha1:   7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31
Sha256: a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
                                        
                                            GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fexceptionalphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:00 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c73da3f2f7de48b295b03919a717fb0a; expires=Fri, 01 Dec 2023 13:56:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /device_by_model/?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exceptionalphonesecurity.xyz
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.208.186.182
HTTP/1.1 404 Not Found
Content-Type: application/json
                                        
Connection: keep-alive
Server: gunicorn
Date: Thu, 01 Dec 2022 13:56:00 GMT
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size:   86
Md5:    024c203b02c3d88f5e07d125220aa18a
Sha1:   4450bc452d44c05834e068f5341745b2e81ebbe3
Sha256: a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8E41BA48D3C92BB662F30BF3F2F3B8902558E4D287401A6C8F7FADFAFD5ADDFD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3010
Expires: Thu, 01 Dec 2022 14:46:10 GMT
Date: Thu, 01 Dec 2022 13:56:00 GMT
Connection: keep-alive

                                        
                                            GET /testb.php HTTP/1.1 
Host: primaveratrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         167.114.103.223
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 01 Dec 2022 13:56:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   126
Md5:    a5b3bfed693e840e5d91095409c6af0b
Sha1:   7fbe8433eda44893839708d5ce47d7a7041005fd
Sha256: a04e547854da7a70b03398e9329527420ef9f14486d35d5c3186ee46248f25a4
                                        
                                            GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1 
Host: redrotou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:00 GMT
last-modified: Thu, 01 Dec 2022 10:08:09 GMT
etag: W/"63887d09-997e"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14527
Md5:    c84d1fa2aca93b8465a1e60feeb99c4e
Sha1:   29e52f20633535ece260fbe5bbb34f98f5585bfc
Sha256: 33a14fa524404d1121104bd80b611f71e888ef64664a3b7c854fadcdada0fdfc
                                        
                                            GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1669902960934&hash=7H1Q9S_GEe5bCp_LwV1KU4A5-wpK0GmHUqHKKpEOzsw&rm=DJ HTTP/1.1 
Host: track.profitableredirect.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=4ErwKZdUGM5mQ3nrT-eoPwigb4CRUL1Pz4LzJnWqK3k; cc-v4=0K2PYW4CnrzpS9%2F7SvlLGo0jW5LdTe2t9ZRYU3uIM4HLAC6SjicQ6ScDOWkul85Q7qYJSsMr12CI145O3mGi1enVlzSixZOhjHmTpNiGaLiFd9W9wpAsloj%2FQrdYzGvdVzcgA2VPy92RlYVKyn%2FbNg%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         18.192.108.151
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:01 GMT
content-length: 424
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (424), with no line terminators
Size:   424
Md5:    03ab185b43632ca143ad0a05b5ad7c76
Sha1:   d650a7441bef0d8c04f8aaaa2de6be743d757460
Sha256: 72235612e73b145c28b49ac3d247f41c942f81be00a5de5d6ecfb985787e2a4d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B59A2C913A203AF90E4B82B1AA490697EED742B5BEE649520F81B37A348F36A7"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15992
Expires: Thu, 01 Dec 2022 18:22:33 GMT
Date: Thu, 01 Dec 2022 13:56:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5414
Cache-Control: max-age=154780
Date: Thu, 01 Dec 2022 13:56:01 GMT
Etag: "638856e7-117"
Expires: Sat, 03 Dec 2022 08:55:41 GMT
Last-Modified: Thu, 01 Dec 2022 07:25:27 GMT
Server: ECS (amb/6B77)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Thu, 01 Dec 2022 15:37:32 GMT
Date: Thu, 01 Dec 2022 13:56:01 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouhastay.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=27a00c735e5f48c280acf71b82e65128; oaidts=1669902961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 13:56:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 13:56:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 13:56:01 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Thu, 01 Dec 2022 14:46:31 GMT
Date: Thu, 01 Dec 2022 13:56:01 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 05:45:16 GMT
age: 29445
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4762
Md5:    d2dd5a4bcfd47db8f38544bf39ce3031
Sha1:   fa2217bae05b7beca2e12597eaad835298276b82
Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 57784
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9674
Md5:    5508d05a290b663fd89ead9b58f2efd8
Sha1:   53650399f9a986ba54addd668b4557109d12003b
Sha256: 65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 68275
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8740
Md5:    26d6dffbf400da4803a2e76e2a8ef2f8
Sha1:   2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9459
x-amzn-requestid: 9e243a73-18ff-4abf-9b9c-442719960125
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpppFXjoAMFehg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bca3-47620f39181264772d2fb52d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:13:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _v5hatZyEWVRB4Tebygbb-QfE02oaFxE8CRfQsUY7I_ektxE3YeIpw==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:08:01 GMT
age: 74880
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9459
Md5:    e1e6b6ba4f82221b41c3d9129008c76d
Sha1:   2f9532d698b4c28df23e18bbb66399ec776d5b9f
Sha256: 218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
                                        
                                            POST /img.gif?f=merge&userId=27a00c735e5f48c280acf71b82e65128 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:01 GMT
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=27a00c735e5f48c280acf71b82e65128; expires=Fri, 01 Dec 2023 13:56:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 57841
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16038
Md5:    ffd12f9c423ffc627d9e3b3145944fe4
Sha1:   5cf9a7a784952e1bb0cbe499104f1774b1269d08
Sha256: a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 58111
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12898
Md5:    820cf89fcab8380adff42982c9fb11ed
Sha1:   84241ddddbbfd7de30118307fb1a62800d0a4cb3
Sha256: 0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
                                        
                                            GET /assets/reg/v2/registration.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtEmRqGuS%2B5Yu%2B8sdCbiR6xbxUIIPJfRsP29OBEmY7PMNcUX9i8RFwTsvYJWe6vi8%2BZddeCk6znfCcdXLff%2FIhd4X25HNpd4KxZvNdStvt1vjg4w%2FhXVfUKaLyqIioStpjIdGlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8cfd6b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (22747)
Size:   5580
Md5:    104fc47dab5c100e5a3bd9957faa49d5
Sha1:   6f6214a84ae4c1068a32933d095cc3d094ddfd67
Sha256: 52ae22fe9a097988e2a3e0ff855f42b0a511f2c4fd1507261f82ca78a3a978f0
                                        
                                            GET /assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsYGV2AI1IPJPSSnlwtOb0%2FqNcu3Dg8IFDM8qMxFhtxCsCgsr5AKbd0Z03dOaGi3ysjuatKdaZHYE0hT%2Blm4Wht3ENq6AMiBS7%2FRysZXzPmBiAdY6X6kaz8uGHqt%2BL0oqGTAxvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8dfe6b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 108, 8-bit/color RGBA, non-interlaced\012- data
Size:   20511
Md5:    f3a8f3a4abfeacc637678cf53cd47b1c
Sha1:   9daf2a15dbfcb5a008fa597a3a010ce8e1f6bcc1
Sha256: a162e081c020d7aafc1c61036d2d86147785142039e414a020d2948f1d24893b
                                        
                                            GET /assets/reg/v2/registration-form.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2kI%2F7wdbf7oNA6FjXMPpNfsbG4ENK2%2BLe9Otecah%2ByEpJUL4856EzQgX4CMLlrs7j4hfH%2BxrNG%2F%2BEDIm6etf06DgS4X1%2B6eHLm7eOF8seSrpb%2BCWQC5gEBnEkZPDhtN7ADJQbY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8cfd7b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (41190)
Size:   10717
Md5:    0cd34780f8dbb8c752989c432f153da4
Sha1:   284865fb0c13956f1fa8cf143c6ff575727eb997
Sha256: d41d4a7bf946a307accbb84250d2602f894ee44b5e23093a7c7dd19f0626cd40
                                        
                                            GET /assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cG5NCj1d59dXatQE5nDbhtnVHl8FMpBSIUlP7V6ExhDtZ4GTRQwYZdwBHzdK99tkBlVmeupCva6Qtw6XrfFghP3PeNFehs7987U6xRuAWVwabOKtQ1vDMEb86NUCTWZ6RHdGXoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8cfe2b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 82, 8-bit/color RGBA, non-interlaced\012- data
Size:   14044
Md5:    513486af85cff46ad0e9421ac2fd4639
Sha1:   d046aa526e5baed8e0928aefc293071f7a9990a0
Sha256: 1d71e76d1c05be1993428b9bc04c410d5d2b635250114acdc555b1b36f89f6f5
                                        
                                            GET /assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY3z7GGdwgWTLb%2BdfrJsAQRPZSPYHU0DdAScYixWf3Elqpux6b%2FfUa9L3HPgmmEhsactF56nKO6EVxqvwdfrWjr5pOSU0LBCMwN7drUphSICGU%2BiyuOzNT8%2BBZ1%2BP2RjXBAUAgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8cfe4b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size:   56224
Md5:    cc40f92b37e300be1cd9c11f3203c1a9
Sha1:   936662c22f030db7a4294327bf7177c39ee5e60f
Sha256: 2904f713f7a178d8f837326e0bded7a5a6296a53eae42f6be415e41ee2635f45
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 13:56:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static-staging.igms.io/audience-tracking/v5/tracking.js HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.16
HTTP/2 404 Not Found
content-type: application/xml; charset=UTF-8
                                        
x-guploader-uploadid: ADPycdsGHC_Z0RsQERlLinKy-CfRTDrmzN1ZVpoDCDGullCLhNMER87k5j3_zTpIeBX8UblTJk-UrmrmPJ65LortBAJx_cpid1Gv
content-length: 191
date: Thu, 01 Dec 2022 13:56:02 GMT
expires: Thu, 01 Dec 2022 13:56:02 GMT
cache-control: private, max-age=0
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Size:   191
Md5:    65133a399cfeefabf1a0f07b64aaaa8d
Sha1:   07518d02c8e2ec46ac10df4645c3fbd45e48eead
Sha256: 387d3d27583f3534243f62a34937aa3a9121df3d2a481315ee6cc65170dd76cf
                                        
                                            GET /css2?family=Cabin:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.74
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 13:56:02 GMT
date: Thu, 01 Dec 2022 13:56:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbLvC5vzHsLB6xvRPuXpQ6AUk%2FahHvo0uv33tQjTtQIQZOFWFAhpL1dFeOW6WFTdgeZ64Q4%2B5eFGsFA2jlq%2Fl%2Fu8XW603U6o2SUK8zHCLWqJrYs%2FmIhTTLHqk3pkYZhta%2B6UQIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8e800b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 117 x 93, 8-bit colormap, non-interlaced\012- data
Size:   1982
Md5:    0512b0bdd051454c74fb483c4e42a34c
Sha1:   9a5d0031b02806e140eb0d0723ce7c20c0d01da7
Sha256: 0f2516638e6723971826e591d6401cb505286809d00a00b8aef1131ad7720083
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 13:56:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 13:56:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 23:53:10 GMT
expires: Sat, 25 Nov 2023 23:53:10 GMT
cache-control: public, max-age=31536000
age: 482572
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Size:   26100
Md5:    312bcfa92b0b0a09c3f404b2c662a0b6
Sha1:   5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 13:56:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "83203278DADEC9319A72CCB142C413696D8BD09A25F1B6C8D1EDEF20405E90F0"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6090
Expires: Thu, 01 Dec 2022 15:37:32 GMT
Date: Thu, 01 Dec 2022 13:56:02 GMT
Connection: keep-alive

                                        
                                            GET /flags/4x3/no.svg HTTP/1.1 
Host: flagicons.lipis.dev
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.199.108.153
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: GitHub.com
x-origin-cache: HIT
last-modified: Wed, 19 Oct 2022 08:52:22 GMT
access-control-allow-origin: *
etag: W/"634fbac6-13e"
expires: Thu, 01 Dec 2022 05:39:42 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A836:0EBC:E0970C:E789DD:63883BC6
accept-ranges: bytes
date: Thu, 01 Dec 2022 13:56:02 GMT
via: 1.1 varnish
age: 277
x-served-by: cache-bma1683-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669902963.840290,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 14b1abea06b32e482f7978a57a87b6d20a90d4d5
content-length: 188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   188
Md5:    f916e66fd4723d7b98979d330bdab4d4
Sha1:   b30df178bab8c3751c9e593dc19999823d98c6a7
Sha256: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148
                                        
                                            GET /p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:02 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    109d9d0f284658da4525b3d1c0ead2ec
Sha1:   3fc4214c1bef95a85db5eaa84c262d6d85275b6e
Sha256: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1645
Cache-Control: max-age=97361
Date: Thu, 01 Dec 2022 13:56:02 GMT
Etag: "63878556-117"
Expires: Fri, 02 Dec 2022 16:58:43 GMT
Last-Modified: Wed, 30 Nov 2022 16:31:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 12:41:08 GMT
expires: Thu, 01 Dec 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 4495
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174 HTTP/1.1 
Host: player.vimeo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         162.159.128.61
HTTP/1.1 302 Found
                                        
Date: Thu, 01 Dec 2022 13:56:03 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Location: https://vod-progressive.akamaized.net/exp=1669917363~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=c062c77407dcb73cfebfe8cf05a8184ca045ea1cff2247e34fa00f7f0eb4c3b4/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Host: player-backend-695f8f48df-7xnzz
X-Player-Backend: g
X-Xss-Protection: 1; mode=block
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-bma1643-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669902963.009605,VS0,VE136
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=BgBcNW6OnjGprhOlMDVTpjo3nkmiMUL1NbhveNDJJg8-1669902963-0-AWyWnLrsf9C0sPsDanTu59d9D2do/4XzRu+ktOz8FBneN3jzJYK7swNdZ0eA2RioJ6QwvDkEucVR6/boCX/gpnk=; path=/; expires=Thu, 01-Dec-22 14:26:03 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 772c52eebc78b50b-OSL

                                        
                                            GET /img.gif?f=sync&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a&ttl=&rurl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D622180714959606306%26country%3DNO%26campaignid%3D6340333%26cost%3D0.003225%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk1 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:03 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b73a14009eee4154a0c0fb603db33394; expires=Fri, 01 Dec 2023 13:56:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /exp=1669917363~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=c062c77407dcb73cfebfe8cf05a8184ca045ea1cff2247e34fa00f7f0eb4c3b4/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 HTTP/1.1 
Host: vod-progressive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://broker-systems.com/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.18
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
X-GUploader-UploadID: ADPycdvFALOJgFC8lHRE0XZtj_vOO8NMw94V883uDWMJyDi0Z5tzcMZ5sJ_cbHrMp_W3I5t9ZIwCFXUG4i7oN_MZINQBq6BT75Ie
x-goog-generation: 1661020573365224
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11965965
x-amz-meta-x-goog-reserved-source-generation: 1602068348320686
x-goog-hash: crc32c=hqujiA==, md5=DBrrzNDq44InOGp42cFLAQ==
x-goog-storage-class: COLDLINE
Accept-Ranges: bytes
Server: UploadServer
Aka-c-hit: cache-hit
Last-Modified: Sat, 20 Aug 2022 18:36:13 GMT
ETag: "0c1aebccd0eae38227386a78d9c14b01"
Cache-Control: private, max-age=30649129
Expires: Tue, 21 Nov 2023 07:34:52 GMT
Date: Thu, 01 Dec 2022 13:56:03 GMT
Content-Range: bytes 0-11965964/11965965
Content-Length: 11965965
Connection: keep-alive
AK-REFERENCE-ID: 0.e0b655f.1669902963.6534886
Akamai-Mon-Iucid-Del: 875210
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Timing-Allow-Origin: *
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Akamai-Edge-IP: 95.101.11.18


--- Additional Info ---
Magic:  ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size:   11965965
Md5:    0c1aebccd0eae38227386a78d9c14b01
Sha1:   f05673ace82e6c754989e36334a939d66fadf3c8
Sha256: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d
                                        
                                            POST /g/collect?v=2&tid=G-Y5BMFENDVB&gtm=2oebs0&_p=1790627210&cid=941566148.1669902961&ul=en-us&sr=1280x1024&_s=1&sid=1669902961&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D622180714959606306%26country%3DNO%26campaignid%3D6340333%26cost%3D0.003225%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk1&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://broker-systems.com
date: Thu, 01 Dec 2022 13:56:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Cookie: _ga_Y5BMFENDVB=GS1.1.1669902961.1.0.1669902961.0.0.0; _ga=GA1.1.941566148.1669902961
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:15:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 5989
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4VkaNeQiSAVae9exvLeMOfDbHnXYVVzNgmULwyVdc0srYXRD%2B3YIye4A%2BozXAzgfBMVKRImtwibNGbs%2FU%2FnvkdwtrqUo9tVqtUocZ5TNh7GE%2BkjCZnvB%2BIlNa859M9lp%2BiFtso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52ee9880b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1 HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Thu, 01 Dec 2022 13:56:01 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rltn0fZ8C%2FZSILnjO%2BSTNJ7nG14YlkzpHiJ10SnDQKPo6AmQP%2BXiCNR8NANqv%2Bf4Umv6Q6%2F7or%2Bbi2d2Gb1%2FHhM%2FvGuffVEylbFNsVu%2BEnsdldiF2apM3UoVI39Vt7ODXPSlR7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e61c0eb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /services/offers/register?language=no&includesConsent=false&includesMinimumAge=true HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 13:56:02 GMT
cf-cache-status: DYNAMIC
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVNWbBMLiNTTHrIGwRnMI3zFaYHvxfB9yQ9tt3EZHUXHgXyKNUQ%2Fx%2FWUoPInqCrXsPAuDqKn1ZcVvlMndTGuEofxg6RYka%2FfFNAKhjKgtGl563%2B66EoScgvM6K2avbmLHfFa5vI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52ea79f0b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjfJWcnz3S3%2FM77uxTv9oKwVRydo8kewrEHZRRAYCpiyO3MSQPOL%2BMk6NF9TejocDdw0wOLv9eCbmmi7d3MFy6gC0e9obFfwlhjGTig7zBCnElLDSJ0jNcrlUk01zAj3YbALFfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8dfe9b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1 
Host: exceptionalphonesecurity.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.6.184
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 01 Dec 2022 13:55:59 GMT
last-modified: Mon, 13 Jun 2022 09:09:10 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEduppPYshxDcDbdVeesNwkqu4xlm3x7G6VzNXb8tdyj3LN8k57odtnuB6LZAfmvhAGKvuwZqJPr5O64RuaiVoMowPX7qKngKxbB1%2FiHBR9HfNUIjHAV9tz2lpTI%2BDqBzIyez23Njo9aywwHr9TS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52d66b7fb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/23/1627034952535-217e2eaa-ce12-41ea-92b9-82e94483661c.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAKRPM8uMx4e%2BIe%2FkjXmYmjRoctvzVt0i7R%2Bav9bNDe%2Bj4cdbdW10w%2FBkaAd4YXEryDTdkk6TRwZtZ7UOVFrnwkq6wpElErD3PVQQ34r26exzlHrJtTLhPWf%2BmY8REcA0ZomrEA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8cfe3b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vue@2.6.14/dist/vue.min.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.125.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E"
via: 1.1 fly.io
fly-request-id: 01F7JYERAAW5E3031G1EAGDR8T
cf-cache-status: HIT
age: 15307131
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772c52e938c7b527-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /afu.php?zoneid=3647676 HTTP/1.1 
Host: ouhastay.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/html; charset=utf8
                                        
server: nginx
date: Thu, 01 Dec 2022 13:56:01 GMT
x-trace-id: a2a047ad5678cad889d8b06ffb928aed
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://broker-systems.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=27a00c735e5f48c280acf71b82e65128; expires=Fri, 01 Dec 2023 13:56:01 GMT; path=/; secure; SameSite=None oaidts=1669902961; expires=Fri, 01 Dec 2023 13:56:01 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABDCGlkBpIkvGeygqCpnCorK85V4vDz9qJUBn0G7XdxXe4tIJCV5MdvTlhXRTOrD8PF0XbMMugNp1znDny0gzEvZnhE526lP8fwvZ6E7g%2FeCI73%2BsukpafHcjXCTErUtVbhxmhc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8cfdeb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIFgKkU5gudYfX35JcD1Bdy7AwJHnfAO%2BpB24CuPFSJsIOxsCQ92URFTR77BxFznwDYed1IrzeYbL6Vzx57pVv7jVlxcrRhhNTuMTnKGKHBRyuFzw32YbLw0W7KCL4UE5WuqyPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8dffab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/26/1627289251805-4a55db67-c49c-4dc8-ad85-b582754777ff.jpg HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pc%2FE4h%2Fb4m8wMUgLnCvTkhUurbKAClEKRoOzXtxcjvYM5c0SvfD%2BLeT84oGVkglL1Nc78bvGZ6l1bYCu82j1w1CEPqazFgFeZpcTT%2FnkxqrdWjIKzGMifMkhspxMrAUyjUtd9vw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52ea0979b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOC%2BcS0afjqDMmZqOaEVBKso1CdfbJykuz45fr2oItZipm9Cr5atlf58zmnrMMBWZRGhWgDrvxDwP8FHyP%2F4zcLfBhGOR2Dv%2FQwSSdvj8lkvjFyBln%2BoCJvuUA2NcPZwodghwD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52e8dfeab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/28/1627484559621-a2880a7f-56da-4ccf-98eb-f1448814c9da.jpg HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=622180714959606306&country=NO&campaignid=6340333&cost=0.003225&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 01 Dec 2022 13:56:02 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Thu, 01 Dec 2022 10:05:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FmIl3EDs5qsjNNLNMW4RzaV4livnBIUNy%2B3S%2F9Mx%2F7VubXGWoD0A6fycRIsNa%2F2KSTPJjM4hrN3nRQFcN%2FXGhq9TU99iPMjFE%2FrNwKmVWRM7LCS51GUpHxBJuuwYgAsvsmTxpA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772c52ea1989b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---