Report - a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat

Report Overview

Submitted URL
a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat_3&bo=2753,2754,2755,2756
IP
18.192.108.151
ASN
#16509 AMAZON-02
Submitted
2023-02-04 10:36:39
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
zzotrack.com	470411	2021-01-12T07:31:38Z	2023-03-13T06:42:54Z	581 B	887 B	18.184.38.55
media.xn--vtedrmmer-52a7s.com	unknown	2021-02-24T13:41:44Z	2023-03-12T23:07:33Z	4.8 kB	651 kB	54.230.111.43
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	753 B	458 B	216.239.32.36
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	216.58.211.3
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.8 kB	4.5 kB	143.204.42.88
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	62 kB	34.120.237.76
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	395 B	78 kB	142.250.74.40
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
s.sloffer1.com	unknown	2022-03-23T08:52:34Z	2023-03-13T05:42:13Z	2.3 kB	4.6 kB	52.1.220.62
tracking.t0r4.com	unknown	2022-05-18T22:26:48Z	2023-03-13T06:42:41Z	573 B	1.0 kB	172.67.190.127
www.xn--vtedrmmer-52a7s.com	unknown	2020-11-10T16:52:01Z	2023-03-12T23:07:32Z	3.5 kB	2.5 kB	143.204.55.33
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
a.vfgtc.com	unknown	2019-09-27T14:31:23Z	2023-03-13T05:42:00Z	1.7 kB	2.0 kB	18.192.108.151
www.ntr4x.com	unknown	2020-02-24T17:36:01Z	2023-03-12T23:07:32Z	574 B	2.2 kB	34.252.0.95
a.vfgtg.com	279695	2020-10-09T14:43:03Z	2023-03-13T06:18:06Z	523 B	945 B	18.192.108.151
a.vfgtf.com	unknown	2020-02-06T08:47:32Z	2023-03-13T06:26:49Z	837 B	1.0 kB	18.192.108.151
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.166.71.249

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-04 10:37:04	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	www.xn--vtedrmmer-52a7s.com/lp/lp2	119 B	2023-03-10	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:52:11 Last Seen2023-06-26 20:36:00 Times Seen20 Hash b89ad792871f95eec4ecf1d78003a741 8c8b8b70e32a8ab4be57cf714955c4245f7496b0 d081cefdde20725fc6244726e7fbb808c9d4c8ba15fa35142b5c7f1442f17ded Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	242 B	2023-03-10	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:52:11 Last Seen2023-06-26 20:36:00 Times Seen20 Hash 5907ecd44b1b7b34becc76db32ad778a d37f3639231322f7a1c4110266383b2469835ca1 113ef47ca0bb39409c7971531c25e7276183fe1bf1e2fa62727f8d74d7b72d58 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	153 B	2023-03-12	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen18 Hash a626e19587a0e8b7771a6e4e8b99a5c2 68e4b1996fe44a89bd0697055ab12c2717148d18 630decdccd2c4f9d7ea6962ef81da9024ceb80eb06647d1a26408a64e18e73f5 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	365 B	2023-03-12	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-08-06 06:43:54 Times Seen17 Hash 43d2bd45e416c5d6f06bfbbd740e789c 0b302783e23f14680d765d059ceacd657ff6c6a4 1ae5465b40522dd929c79e57679588f5a864e88506b37dc9bc5561625283b93d Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	2.2 kB	2023-03-13	2023-03-13
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:40:00 Last Seen2023-03-13 16:40:00 Times Seen1 Hash 94e94c63404ac18fec9dae024e95d237 a71d876fd08909ef33252fbff6f8a0e1f455a3c6 82f5c8d662c72b5cc6d8489955daaf67823b100af9753d11456d815746c78636 Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 02:30:10 Times Seen37534018 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826	273 kB	2023-03-12	2023-06-26
Pretty URL media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826 IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen16 Hash 2fceca9c9c3a844bebbd26dabfb3ab88 8d701f2ba8caa71d80c86d91cfec71feddb519fe 04d1d1916ce115057f37990dc90a883df8d6ad4a0164e4328e7e93b0b3779766 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	186 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen23 Hash 7a5a3c253fb8c0109d401d2a12282f69 03af452f7952d33c9b33de0b60c5228faa845918 1fddad8a6e43ab09d0f93c476f2c471f38a3f7caac143c55c796bb067f3f8ec1 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	1.3 kB	2023-03-12	2023-03-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:00:35 Last Seen2023-03-26 04:31:23 Times Seen7 Hash 71481389f236eeb454e573eef7976ef6 1014e7253341acbcdedba690df735342cba2a901 2714dda1b8c550ad99b21374a3e1d1eaf0e233f5fae7e1a9817675ccb21905cb Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	27 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen23 Hash 02caf34b7fca4b024541d3eda5298f6f 7b1a634b0c2cdda07816012f54d9b6e71ad52617 f5099ea6d725322450a99e12157cc73fbb1124412a13829f9cc77a8b51ea4c56 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	1.1 kB	2023-03-12	2023-03-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-03-26 04:31:23 Times Seen16 Hash 3cf802570312177563e6e605b3da30ff db089637f08db256643c16e5dc26ffe67a66e8c1 e9bf205f3934c182dc6b07c2177ea594674d1422ad271b8d497bb38d3fb77e45 Loading...

	media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826	852 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826 IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash 5ccd56010145fbf60deadcc15088a84a cf4c53164caa8db2a4cf04c0dab1f07769ca4ffa 3b7f647519c927e4b45563a990b749544903607daf1f703ebc39f6f66d190207 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	2.5 kB	2023-03-08	2023-09-23
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-09-23 13:25:43 Times Seen24 Hash 8a3075a7a7a13fda2fb4449130d1c28e 2213eb26e4febab7ff3ae870f691ed6441e506f0 8686cd0c3d5909495cf9881688031d69c1dccc307807dfad4730e7ee1f256c56 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	539 B	2023-03-12	2023-03-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:00:35 Last Seen2023-03-26 04:31:23 Times Seen7 Hash a08676f66b7df62b9ffe0285a1a2afc5 a4fc21492b5590f563198f59b5f6f0d534381067 7f2c4faf91066a580c456985543683253c0536c19e5cebe04cd183de9b5ccc24 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	123 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen27 Hash af597a259741a5bcca3e0455a9f75043 f9ddc0c4be7a54147cab433df839bcd68faf099d ab9368d8ee07df0c6b127f9a7b7d2e7a80cfd590cb5d3c63adcdb0ee96c76562 Loading...

	media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826	1.5 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826 IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash bc543a1964dc1e607103b069492122d3 2d9eb85249f431c91e45f913559b629a7077a491 8eadedc31df40d3cb3bf8884be6019c7b162c771aacb527d1fa6d439c6ff7190 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/blank.html	211 B	2023-03-12	2023-05-21
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/blank.html IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen17 Hash 68c2046c1838da555f9324367c6abaf7 a85fabf0943051d754f533497136eda298df85c1 02a1bfcb1da314cb3d780a031f401940761375fb8a2318980f1070cd84fc70f6 Loading...

	media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826	124 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826 IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash 7c30cc5b8d4d77bbf157492394e54334 002c4cff4f2bffb5e5242f9ed96ddc065f3197f9 3e563415edb9228a8aaf1d90757762ca9406b0d73c544bbb1f5ae2ea3d59a67f Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	897 B	2023-03-08	2023-09-23
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-09-23 13:25:43 Times Seen24 Hash a8c2afcd07eaab8c73baa0970701607c e3977b16e5bc014a13619c133695f5ca71325a48 347a88053808fd1b963a4f0d51bdb251fe5d8f39a3f4dd322e0077544fb28ffc Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	220 B	2023-03-12	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen18 Hash 20a943567cdc62cc1d2c90810094471d 706f4a3f2947e24a865790fca833c86f907bfe80 5793384b26fd765c81ae3a2ae92d9dd598f57b963d0f76531abb0585d8e10242 Loading...

	www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:40:00 Last Seen2023-03-13 16:40:00 Times Seen1 Hash 827edffe05cfcdafb40da0d53ae5995d bb7b6a977a88e213cfcc87577009624280a14371 9542ca1de79af6166cdfd02f447eba8e09a0c9babf12c2b721840e0a5be31a69 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9c6d421d65ea127b09a2d05a1d3232a1	133 B	2023-03-07	2024-03-08
Pretty Observations First Seen2023-03-07 01:03:02 Last Seen2024-03-08 19:28:03 Times Seen73 Hash 9c6d421d65ea127b09a2d05a1d3232a1 cec9cdbc38e5bd9a83e9db038342e650e22af326 41836613083ad8b4578d6fd56c1a0ceab44924d3739f40cc935d11daf2279fb5 Loading...

HTTP Transactions (57)

	URL	IP	Response	Size
	a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat_3&bo=2753,2754,2755,2756	18.192.108.151	302	0 B
URL HTTP/1.1 a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat_3&bo=2753,2754,2755,2756 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat_3&bo=2753,2754,2755,2756 HTTP/1.1 Host: a.vfgtg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Server: nginx Date: Sat, 04 Feb 2023 10:36:27 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3 Pragma: no-cache Set-Cookie: bb7e836a-79d2-4d6a-adaf-2b9ae2547988-v4=yVn0Z6zfeGGPlHXQ1aaVfK4UfWNMYWjeW0gvMiJmSK8; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:27 GMT; Domain=a.vfgtg.com; Path=/; HttpOnly cc-v4=fdWB2OWjs8Bw9qi96SxRQF5%2F1x%2FiqB4a1Asbq9H5GRzNyb6gOISMCvyV8KY%2BlCnUIq79%2BbL7uqt2KkT71Tlow6KX9C%2BZuIda1HEFvz736Wd%2FJIRIBYWMT9RP8QB6B5OtYq%2BdzWKm%2BmVmXJH31mR1gw%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:27 GMT; Domain=a.vfgtg.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 81713f952b51a865ad9764cde68e3fdb 278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13697 Expires: Sat, 04 Feb 2023 14:24:45 GMT Date: Sat, 04 Feb 2023 10:36:28 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash ec47f9eed203ae063b9c210009de54a9 19ff156471b9cffbc2432c5b65543bdd18e36271 3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48" Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14200 Expires: Sat, 04 Feb 2023 14:33:08 GMT Date: Sat, 04 Feb 2023 10:36:28 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 04 Feb 2023 09:43:37 GMT content-type: application/json age: 3171 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64" Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12568 Expires: Sat, 04 Feb 2023 14:05:56 GMT Date: Sat, 04 Feb 2023 10:36:28 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: +ZXZ8UkSozkefTGNqxdB3etScbKZmKcBBCUrjOL79oVKQCaMIOQ8oRkQepZ0rykD3El38rXQfiA= x-amz-request-id: 6P1HVP5MBTBTCT41 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 04 Feb 2023 09:52:47 GMT age: 2621 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3 HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 04 Feb 2023 10:36:28 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3 pragma: no-cache set-cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=fshnMJ_Pr9sDF2ioDFwNdcKhb5KgUOZ1nFhsPEDVuoI; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=DUaAEup8E%2FxdsuYmCKV1%2FMZY4nWpnCGLu%2FAbmM1UZ3DzWeSB0KE1%2B6vmFGh%2F%2FTn97B6waDfmsCjEUC9htMGyTDThwwV%2Bnv5mz5%2F4ExvppxM%2F6CK9dWV9ylWrXTgY2p6O4q07mHcsw%2BH2p5qsEg0UYQ%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 04 Feb 2023 10:36:28 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 41bb8ccd648809a344d0ca2fad720965 688046763e4a551675154df85302b591c6de3895 dffbd6064d5a7772a3c09d4ebcbbc52fe62d02ca5889bad2dab4302d23a63e72 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DFFBD6064D5A7772A3C09D4EBCBBC52FE62D02CA5889BAD2DAB4302D23A63E72" Last-Modified: Fri, 03 Feb 2023 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14003 Expires: Sat, 04 Feb 2023 14:29:51 GMT Date: Sat, 04 Feb 2023 10:36:28 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 04 Feb 2023 10:07:19 GMT age: 1749 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3	52.1.220.62	303 See Other	1.0 kB
URL HTTP/2 s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3 IP 52.1.220.62:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (1000), with no line terminators Size 1.0 kB (1000 bytes) Hash 852c640525e51f768f80faa227cdfb0f 7058d0aeec476e4ff11bfbcdeb09b12c30c8313e 76f4889d67444bfa21e5dc4e150aaa0a92c14dc2812470eecd8c6904572fc950 HTTP Headers GET /75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3 HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 303 See Other server: nginx/1.19.0 date: Sat, 04 Feb 2023 10:36:28 GMT content-type: text/html; charset=utf-8 content-length: 1000 location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756 set-cookie: aff_ran_url_3785=26412; Path=/; Expires=Sun, 05 Feb 2023 10:36:28 GMT; Secure enc_aff_session_3785=ENC03074cefd998f6ec2fc6927ed6484f52080fd3bb7bae6efe598063aa601f05565d0d4fef724b9850cedfc0717e728c69b4d368c8cb590fac1b49be775b40fa946407f94df881bc92aed6c4f25ae3415d5aba5a5ac7c492924a71d766fd3c53f22245e7bdaa5ea19c8535458839624927cb9c5a3e250150ba6d1876be5a34857b839a1f8c73f9bfa6a695fc553525305d47e70157f26cb1dfd6630611d8affe74ebec6ab9fa610bdadcbfb44591a98e2e185e23e95e9527358f4ae8ee6773c4f78901d2141f; Path=/; Expires=Mon, 03 Feb 2025 10:36:28 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 29 Dec 2025 21:16:28 GMT; Secure tracking_id: 10203881a758b5b964ae687d115643 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: a.vfgtf.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 04 Feb 2023 10:36:28 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3 pragma: no-cache set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=6Aufmbj9o6kmDqmN5ne0T8v7Wd9ggxnhVXy1kg3s2jk; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:28 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=LkqA8y0NJgX079AhBPneCAzueQkiQ7wTyuKdELrWA7fXuewIaOnl%2BrKoEX0FqfxAinm5qcm8UsYhK0ifOMiPWujlMaCQUAMMcOKIAIIIA4vaSMxtyonYX9NvMSDCD6EqYdpkR%2BjTevpuvJed%2FMwKSQ%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:28 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3 HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=fshnMJ_Pr9sDF2ioDFwNdcKhb5KgUOZ1nFhsPEDVuoI; cc-v4=DUaAEup8E%2FxdsuYmCKV1%2FMZY4nWpnCGLu%2FAbmM1UZ3DzWeSB0KE1%2B6vmFGh%2F%2FTn97B6waDfmsCjEUC9htMGyTDThwwV%2Bnv5mz5%2F4ExvppxM%2F6CK9dWV9ylWrXTgY2p6O4q07mHcsw%2BH2p5qsEg0UYQ%3D%3D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 302 Found server: nginx date: Sat, 04 Feb 2023 10:36:28 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3 pragma: no-cache set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=Hjf1ROeYEZuakH1RmSYRof6KQQ9riygOopMkQPI68KY; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=CcK5BSrZb%2BZb6YuzAARjCNLyIdzeErllTPu7kXxicaMi5kZRCCJAU6n75oRhd%2F8o8gf7PMovW8SNY0gYa9vllLOVhFwPAcu2AMVYfihi5eo9mcdC1baemGiAKSkNhDAkJxXaaUlH%2FCGyuz58KxykYw%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698" Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2378 Expires: Sat, 04 Feb 2023 11:16:06 GMT Date: Sat, 04 Feb 2023 10:36:28 GMT Connection: keep-alive`

	s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3	52.1.220.62	303 See Other	392 B
URL HTTP/2 s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3 IP 52.1.220.62:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (392), with no line terminators Size 392 B (392 bytes) Hash 3f607043672930eefc7d40daca2269aa 92a1fd11e14a798f6fd73fb88914557a5a820218 49d82668c5d9694e4e1decb560a252188cb386f17f74fca5e60afc215f401824 HTTP Headers GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3 HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: aff_ran_url_3785=26412; enc_aff_session_3785=ENC03074cefd998f6ec2fc6927ed6484f52080fd3bb7bae6efe598063aa601f05565d0d4fef724b9850cedfc0717e728c69b4d368c8cb590fac1b49be775b40fa946407f94df881bc92aed6c4f25ae3415d5aba5a5ac7c492924a71d766fd3c53f22245e7bdaa5ea19c8535458839624927cb9c5a3e250150ba6d1876be5a34857b839a1f8c73f9bfa6a695fc553525305d47e70157f26cb1dfd6630611d8affe74ebec6ab9fa610bdadcbfb44591a98e2e185e23e95e9527358f4ae8ee6773c4f78901d2141f; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 303 See Other server: nginx/1.19.0 date: Sat, 04 Feb 2023 10:36:28 GMT content-type: text/html; charset=utf-8 content-length: 392 location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756 set-cookie: enc_aff_session_8373=ENC03d80d4ea959cf7bac6a8b600044333edb89106c174fa75d7b2b492307ac99da83a229b58b0805b87c908312eea484186909a6f0390c523a2698ef109a6ef56fc164a14d984a64bb6194ec9dcd823ce71b98b8c7e2221cc1a74d76deb38f1b6a43ecbea86abf86eee09d4fd7fc30da2c48a52261470e33a30dedd2db5cf5d0177930d8ad971a42ea6b2d4e0b80f1caa87a1bcf5c89c218d59e207ac0903f2faccc7c6c3a4184a3c394b8c0830817a293c34debeb992504b10dbe60f302875660382286d371c23164725b4e35b6330ed22e8c5cc3b29aef0ce2c0bf6bd45c7f66f31596a792; Path=/; Expires=Mon, 03 Feb 2025 10:36:28 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 29 Dec 2025 21:16:28 GMT; Secure tracking_id: 102eeacde2771259349c49cc6270e3 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/3HtowcmIRnI	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5d0bd74690290eebbeac3085c8e35690 cb152d5fde8ffa905a18654664568f92c13528b2 b7f8a581b9a32abcbe30091ef5d6aa2b99e333b57fdc60e24b2b3e1b06a8e362 HTTP Headers `POST /s/gts1p5/3HtowcmIRnI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 10:36:28 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756	172.67.190.127	302 Found	0 B
URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756 IP 172.67.190.127:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: tracking.t0r4.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found date: Sat, 04 Feb 2023 10:36:29 GMT content-length: 0 location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061 x-adjust-use-original-forwarded-for: 1 set-cookie: afclick=63de352d0bbfd10001795061; expires=Sun, 04 Feb 2024 10:36:29 GMT; secure; SameSite=None afoffers={"1085":1675506989}; expires=Sun, 04 Feb 2024 10:36:29 GMT; secure; SameSite=None access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=036f5v0MrNZpjJUIX0ZyBHGM4I2K82KvAeDG3ifzvJDOv73XhZXOgx8iaTwYlCKOw%2FmWQo%2BOg8DcY1obaQtZWFXyOjZcm0xWzZu%2F3EHJy7%2BpsXKiIk9KhitWWWbfnLI7KXzsaA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7942c3f919c21c12-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/3HtowcmIRnI	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5d0bd74690290eebbeac3085c8e35690 cb152d5fde8ffa905a18654664568f92c13528b2 b7f8a581b9a32abcbe30091ef5d6aa2b99e333b57fdc60e24b2b3e1b06a8e362 HTTP Headers `POST /s/gts1p5/3HtowcmIRnI HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 10:36:29 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	35.166.71.249	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.166.71.249:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: zL/p9KjLP7o9Fis5fPRjew== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: T1Gp0onQAYiG5K4WeSSrcw8KFaE=`

	zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061	18.184.38.55	302 Found	0 B
URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061 IP 18.184.38.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061 HTTP/1.1 Host: zzotrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 04 Feb 2023 10:36:29 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910 pragma: no-cache set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=H_C7O7B6CGTjhLOtEtusb5yFjQZyO6KywNYJQ-jsMus; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:29 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=Ab6ZOQVDOBhwuxorF1Uej7cbruLoe219ds6yutn2gMzV9CVKCdYYcNgEguNrNgYMXPnRJVTipPdGztmgEtJR05vWwxwCjiod6bk41UpaaSYTmOSWMj30mxtN5nDCGAKpRXAS038SFcCBYIRCKvWdpA%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:29 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	143.204.42.88	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 143.204.42.88:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 9174ae5379c65605bc7bc94d2c34b2ba 75e764ef86b953ffc07ae24d1b7a8ede75e31558 221616f0bbafa97a0385ae68f07b7a79d8e1f3988f6ba9e2b3364c44a470ecda HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 04 Feb 2023 10:36:29 GMT Etag: "63db4eaa-1d7" Server: ECS (dcb/7F16) X-Cache: Miss from cloudfront Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: tN9PkO7X7Get7gvzGwFQMDBfI81W7xAxv65RJsufeW74VGEBftWnoA==`

	www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910	34.252.0.95	302 Found	403 B
URL HTTP/1.1 www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910 IP 34.252.0.95:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text Size 403 B (403 bytes) Hash b5b6c120f2ce8d761aebc7b0b05cd390 97e4f22441ab1ec94df3a2f82e1c63e58c2cc1f5 fbf4eccd4e049a65667b838f7650cb2225d3fd2c13e9ffd566eb28b2b5552a03 HTTP Headers GET /aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910 HTTP/1.1 Host: www.ntr4x.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 302 Found Server: nginx Date: Sat, 04 Feb 2023 10:36:29 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 403 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Sat, 26 Jul 1997 05:00:00 GMT Location: https://www.våtedrømmer.com/campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 P3p: CP="NOI CUR OUR NOR INT" Pragma: no-cache Set-Cookie: enc_aff_session_1672=ENC0318b4c037dec711e088189467b392142d77a0870dc022195a519fed121d3a4eb4048f48af51a3c9d49da137700a8ad8a53892c9c1d8c36638548e1db3e52a618fb10d7bd6f5964e0af481833e5c0b4f58dc0dc424a075bc3737db323cb42cd5ffa4fe41ff16e974fc3732bb62aab714172171843fb3c84a25af9d8fc44dbe7f59de398bb471f64ece7633925870da15b9dd661d4709a3d623efb13aa71808680d7324dcf010e9e5d5a3bc104500bf4120835a5dfc8eebf8b1f295caf7b81ff620152e5786; expires=Sun, 05 Feb 2023 10:36:29 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Mon, 29 Dec 2025 21:16:29 GMT; path=/; SameSite=None; Secure Tracking_id: 102ab625010f117b274f77aed1d169 X-Robots-Tag: noindex, nofollow Access-Control-Allow-Origin: * X-Request-Id: 1943750279de19d4e5eb18db5df53ee2 Access-Control-Allow-Headers: Tune-SDK-Version

	ocsp.sca1b.amazontrust.com/	143.204.42.88	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 143.204.42.88:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash ae8546a5d31983ff3127bd5ad6dc1e14 07c697b8af3bdafa3043c0490c52685a9f426f9a b07b02b736c0bf608dc1a7106d816ca88b642aef62f9b280834e549f9232c639 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 04 Feb 2023 10:36:29 GMT Server: ECS (dcb/7EEC) X-Cache: Miss from cloudfront Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: P8IGBSjibHpNTFk-tJeIbtMrkQUXNs9C0RWgjO7U7puYXmBzrNEFbA==`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15423 Expires: Sat, 04 Feb 2023 14:53:33 GMT Date: Sat, 04 Feb 2023 10:36:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15423 Expires: Sat, 04 Feb 2023 14:53:33 GMT Date: Sat, 04 Feb 2023 10:36:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15423 Expires: Sat, 04 Feb 2023 14:53:33 GMT Date: Sat, 04 Feb 2023 10:36:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15423 Expires: Sat, 04 Feb 2023 14:53:33 GMT Date: Sat, 04 Feb 2023 10:36:30 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11565 bytes) Hash e366b32074025aaf60bbae8bdb08d330 a52c2883bad98fa20333aa639a5dd3a5bf544c8e 9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11565 x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fboIrFGboAMFyyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 21:48:04 GMT age: 46106 etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg	34.120.237.76	200 OK	6.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.7 kB (6718 bytes) Hash 45c6a062f8637e689819f505b019dc0e 61665688f1039c4fad848853a68e28d057718ad1 c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6718 x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyD7DE5boAMF_cA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:06:20 GMT age: 45010 etag: "61665688f1039c4fad848853a68e28d057718ad1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg	34.120.237.76	200 OK	8.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.5 kB (8527 bytes) Hash 6661b7263315f5eb3cd2465f671e1fcd b7b5831c6b3ccc41d7a980b6088adc10ff8785f1 eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8527 x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyEC3FyboAMFe0A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:10:33 GMT etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1" content-type: image/jpeg age: 44757 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg	34.120.237.76	200 OK	7.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.2 kB (7249 bytes) Hash d7afd5ce8fb9ec7b62e528bf97705e49 afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3 b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7249 x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyD9GH5goAMF_ag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:10:21 GMT age: 44769 etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg	34.120.237.76	200 OK	3.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.9 kB (3868 bytes) Hash 77e225775154732b55c206faa6fce355 126bdaa18d9a1650b5e3a4e883d89188e8bbf136 af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3868 x-amzn-requestid: f130379c-2ea2-43d6-a1b0-e3afd4811bc3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyEwLFYgIAMFzwg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd819a-3d0199ab38a410ff7a78a675;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:50:18 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: QrCYar2bxFJ_7bBH-5oJ4qdaS58NXDwNJxLI7ILxrBkzvzGV95PSFw== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:30:36 GMT etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136" content-type: image/jpeg age: 43554 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10253 bytes) Hash 392b61306c346508d3ac4a2f28218f9c d2de32b52e0d3f4fc6acaf687b3521294b01dc03 018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10253 x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyD7GGv5IAMFu8A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:10:32 GMT age: 44758 etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781	143.204.55.33	302 Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 IP 143.204.55.33:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found content-type: text/html; charset=UTF-8 content-length: 0 cache-control: no-store, no-cache, must-revalidate, no-cache="set-cookie" date: Sat, 04 Feb 2023 10:36:30 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT location: /landingpage pragma: no-cache server: nginx/1.22.0 set-cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; path=/ AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF;PATH=/ x-cache: Miss from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: GfCztbEquNv_GTI36SzXCi9xbAm76aXbpQhhNwRJ9yZxw4uvrVsrpg== X-Firefox-Spdy: h2

	www.xn--vtedrmmer-52a7s.com/landingpage	143.204.55.33	302 Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/landingpage IP 143.204.55.33:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /landingpage HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers `HTTP/2 302 Found content-type: text/html; charset=UTF-8 content-length: 0 cache-control: no-store, no-cache, must-revalidate date: Sat, 04 Feb 2023 10:36:30 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT location: /lp/lp2 pragma: no-cache server: nginx/1.22.0 x-cache: Miss from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: rqRhRN7rmLKk0Swwfr-Rf5d0J4vILXjzcxr_Bz_1IlF2d-Zd_BbeZQ== X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 7d482750bf7fdfcaa38c0efd583ef4dc a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d 5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 10:36:30 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E	142.250.74.40	200 OK	77 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (19467) Size 77 kB (77089 bytes) Hash a8336e2614015e212587f9b5d6869bb1 06035afcc6c191992ccf888c84d2df19e01d4b97 3337497523ed1b67d6ae1fb230d418096c06046e2abde5c46e8fd4e1626de2c4 HTTP Headers `GET /gtag/js?id=G-NVWF78EY0E HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 04 Feb 2023 10:36:31 GMT expires: Sat, 04 Feb 2023 10:36:31 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 77089 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 7d482750bf7fdfcaa38c0efd583ef4dc a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d 5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 10:36:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.sca1b.amazontrust.com/	143.204.42.88	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 143.204.42.88:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash e81e0b633d5908a1fda1df241fe67fe0 f87952502bf1dae5fb7376ecce31d051f7f39c07 ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=91433 Date: Sat, 04 Feb 2023 10:36:31 GMT Etag: "63dcf758-1d7" Expires: Sun, 05 Feb 2023 12:00:24 GMT Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: CpZxhTl9ESP5YifCYTuoYSJJNdo-5DnpImxFnkahmdVEMmPoUbT_cQ==`

	media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826	54.230.111.43	200 OK	10 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type PNG image data, 320 x 71, 8-bit/color RGBA, non-interlaced\012- data Size 10 kB (10042 bytes) Hash dea19df8bf5758e2af9921e166e1420d 4f4610c28f3bad69e8b72d7f6379dcf61f50bd39 2cac0168f0a0c24154662208ee88cfe4213a26fe64c18211fcfcea31f6338b78 HTTP Headers `GET /project/489/logo_dark.png?config=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/png content-length: 10042 date: Wed, 01 Feb 2023 08:21:59 GMT last-modified: Fri, 13 Nov 2020 10:55:08 GMT etag: "dea19df8bf5758e2af9921e166e1420d" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: MZLe7MsrNpEXexdPOCR0XqejDquaNak2UPuwozuiJAP2QyF3cic12Q== age: 267273 vary: Origin X-Firefox-Spdy: h2`

	ocsp.sca1b.amazontrust.com/	143.204.42.88	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 143.204.42.88:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash e81e0b633d5908a1fda1df241fe67fe0 f87952502bf1dae5fb7376ecce31d051f7f39c07 ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 04 Feb 2023 10:36:31 GMT Server: ECS (dcb/7FA7) X-Cache: Miss from cloudfront Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: pupTPiZURhpybHBoCtFdM6eD9_TkMdaIxX8qMMfwGh24d2VvhHGb0A==`

	media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826	54.230.111.43	200 OK	84 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (50442) Size 84 kB (83844 bytes) Hash 88fc9f004fb667d33f56de0d9e011e49 fbcbbf3c4437b699b26a27ee7059db7fec6cb8bb 2e091e8c984974a9ec9deee6081500857519d245f60d16faa4b15504e6701cb8 HTTP Headers `GET /css/landingpage/matchm/style.css?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK content-type: text/css content-length: 83844 date: Wed, 01 Feb 2023 08:21:59 GMT last-modified: Mon, 21 Nov 2022 10:58:28 GMT etag: "88fc9f004fb667d33f56de0d9e011e49" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: KVUk5eCi8w3Or8WCEMPwrnSZ58AlMEmbmHKPIN3LlUn1wrQrsBsDYg== age: 267273 vary: Origin X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	143.204.42.88	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 143.204.42.88:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash e81e0b633d5908a1fda1df241fe67fe0 f87952502bf1dae5fb7376ecce31d051f7f39c07 ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 04 Feb 2023 10:36:31 GMT Server: ECS (dcb/7F81) X-Cache: Miss from cloudfront Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: oe1SbtXnaDJhomNWUab7KFD2i3TQwxpEJvtHSzB_Ze63DMtJTA7p3w==`

	media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826	54.230.111.43	200 OK	84 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (65426) Size 84 kB (83821 bytes) Hash ce3ccb44a305193a7ab00bfdb69b4e23 c33ded560d8928ee37892bcab8398fac77e2ed07 7f2f658ecf4bd097d730ab77a8513fb1b8b6ca6032b919d6abb0e3be6be210c9 HTTP Headers `GET /js/landingpage/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK content-type: text/javascript content-length: 83821 date: Wed, 01 Feb 2023 08:21:59 GMT last-modified: Mon, 15 Aug 2022 09:38:18 GMT etag: "ce3ccb44a305193a7ab00bfdb69b4e23" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: tTikiLfXhZWf3txGZmi02isQwXfbMqQqsAK97JYZsSmdXAIMzcPktg== age: 267273 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/images/landingpage/lp2/LP2_adult.jpg?version=7826	54.230.111.43	200 OK	48 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/landingpage/lp2/LP2_adult.jpg?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 790x594, components 3\012- data Size 48 kB (48325 bytes) Hash a44c25dedd43edb73532247e0fb53dff 9c2d5134a8dbe684174cc7963966c0269f893c2a a21353bd80fba56b015461cd9dc88ac2edc3e41552412fe7943477f487536032 HTTP Headers `GET /images/landingpage/lp2/LP2_adult.jpg?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 48325 date: Wed, 01 Feb 2023 14:06:08 GMT last-modified: Wed, 29 Apr 2020 08:37:02 GMT etag: "a44c25dedd43edb73532247e0fb53dff" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 2OUIxZYuM47Iw7DkJRq4UXfDY3oYfwarLT3bE2ExzOYAIZLOqugzUA== age: 246624 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_male.jpg?version=7826	54.230.111.43	200 OK	23 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_male.jpg?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 380x405, components 3\012- data Size 23 kB (22808 bytes) Hash 9fdb43ee4f4ff25db06ba41ef6496561 ff361b7424649b76708203f53d7fc47517fd7139 d6f41e5d0991e565d290e45bea26d979a0a96f2c18ab2e61695c5db33a5d51a4 HTTP Headers `GET /images/niche/adult/reg_gender_male.jpg?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 22808 last-modified: Fri, 17 Apr 2020 10:14:38 GMT accept-ranges: bytes server: AmazonS3 date: Sat, 04 Feb 2023 02:23:14 GMT etag: "9fdb43ee4f4ff25db06ba41ef6496561" x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: WHyQi-vH-qxQFAs21sGqrlKK4fms2Y0-4covolEvzVU55l96lIYXyA== age: 29598 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_female.jpg?version=7826	54.230.111.43	200 OK	21 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_female.jpg?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 380x405, components 3\012- data Size 21 kB (20723 bytes) Hash 17f81e45188df50b9edb9d05a0839f53 9ba3613b7a7d33c899b0c4f3c6570520996dd6e5 04659fbd63d9bddb6400d664d70223e15f463b529a09c8183b35c45b184fb04f HTTP Headers `GET /images/niche/adult/reg_gender_female.jpg?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 20723 last-modified: Fri, 17 Apr 2020 10:14:38 GMT accept-ranges: bytes server: AmazonS3 date: Sat, 04 Feb 2023 02:23:14 GMT etag: "17f81e45188df50b9edb9d05a0839f53" x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: m9zr-CVUnlPFHl7yAxLM7FW01hirX1wuEvbdPnez5yyfdZ3Yc6bYVw== age: 29598 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826	54.230.111.43	200 OK	4.3 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size 4.3 kB (4286 bytes) Hash 56283d52626ba639ee4fc7c0a6c84324 b150126aede65c06da7573ac4488ff0043da0431 9b5bd7e7398519bf0f9dd7e52e05194f2f2d64fc549265400484d98e4b6f4281 HTTP Headers `GET /project/489/favicon.ico?config=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/x-icon content-length: 4286 date: Wed, 01 Feb 2023 08:23:50 GMT last-modified: Fri, 13 Nov 2020 10:55:42 GMT etag: "56283d52626ba639ee4fc7c0a6c84324" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: S2ksKOHBMzaWAuCyPnmwgqAFJxLUR7JSSRr4ZTabwz-yHanEA433Kg== age: 267162 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826	54.230.111.43	200 OK	98 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (53333) Size 98 kB (97544 bytes) Hash 064699c25e405c0e166d7662c3561761 27fb9b6c67c5a1c09276a71047ab2fbab7ce69d7 1eaa6a6a7e75e343e5fe9f779b7f6502b3b72e5f799bcb01c26f5c5c19a1b52a HTTP Headers `GET /css/project/matchm/style.css?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/css content-length: 97544 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Mon, 21 Nov 2022 10:58:32 GMT etag: "064699c25e405c0e166d7662c3561761" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: nz6n7EIfdyo29SlJlhgs6XJiXY8I8uLw9308iALnj0QKQyctBEnm6Q== age: 267164 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826	54.230.111.43	200 OK	757 B
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (1532), with no line terminators Size 757 B (757 bytes) Hash 69b7363b2a1c3b6ca1d79b403e0c6c1c d369fce98ab7c8750527c5c2f64130dda8729dbf e6e40f36330091e93b7e5a1661e132f5624d5622ddd56c8941f4027101c36067 HTTP Headers `GET /js/manifest/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 757 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Thu, 08 Oct 2020 13:26:42 GMT etag: "69b7363b2a1c3b6ca1d79b403e0c6c1c" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: fRNyOU1cIa3khJAf9yAU99mOhnTHCPwjTwQjJ6oHPyWid59g2A2vkQ== age: 267164 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826	54.230.111.43	200 OK	236 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65433) Size 236 kB (236255 bytes) Hash f5ef8833e788ec24ffaac4864a1a9fb6 c4fbc75d56f0269014baf42d5de92ce35f9371f9 9947197e08fb77b400bb6e3294799a442828cb004532c9b7d9872bda9ab16cea HTTP Headers `GET /js/vendor/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 236255 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Mon, 15 Aug 2022 09:38:09 GMT etag: "f5ef8833e788ec24ffaac4864a1a9fb6" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: EMrNHtOZCCrgAewpcCODyEBoj_voGv6aBSDgf267-SfNA2-FMYZfYA== age: 267164 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826	54.230.111.43	200 OK	37 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826 IP 54.230.111.43:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65435) Size 37 kB (36974 bytes) Hash f1e681a0bb4eb99a76e4fc67ca697e89 c0be4bbc6827461c7b7b4cbf059b160e914fd65a 67e1168eb449f8e436786e6234a78121c4cd500e8b7e445bff775d731a16eeb9 HTTP Headers `GET /js/main/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 36974 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Mon, 15 Aug 2022 09:38:12 GMT etag: "f1e681a0bb4eb99a76e4fc67ca697e89" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: O3hGM7M1uZzNjLYaf04aN6J6d3JsgYHLBVKNlFabRy4kVE9cxHz7hA== age: 267164 vary: Origin X-Firefox-Spdy: h2

	region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E&gtm=45je3210&_p=1157775779&cid=961491449.1675507027&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675507026&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1	216.239.32.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E&gtm=45je3210&_p=1157775779&cid=961491449.1675507027&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675507026&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.32.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-NVWF78EY0E&gtm=45je3210&_p=1157775779&cid=961491449.1675507027&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675507026&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.xn--vtedrmmer-52a7s.com Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://www.xn--vtedrmmer-52a7s.com date: Sat, 04 Feb 2023 10:36:32 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg	34.120.237.76	200 OK	5.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.9 kB (5917 bytes) Hash 75b9c67fbf2d207afec78eb14b95d7ec c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8 42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 5917 x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyEW_EA4IAMFxVw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:17:42 GMT age: 44335 etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.xn--vtedrmmer-52a7s.com/lp/lp2	143.204.55.33	200 OK	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 143.204.55.33:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /lp/lp2 HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers `HTTP/2 200 OK content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Sat, 04 Feb 2023 10:36:30 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Miss from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: vZoQZMQnGgmW18Et3q5wglfJGtC9e_46o7W2MGcD9JmgP9z1OuWOHA== X-Firefox-Spdy: h2`

	www.xn--vtedrmmer-52a7s.com/lp/blank.html	143.204.55.33	404 Not Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html IP 143.204.55.33:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /lp/blank.html HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp2 Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Sat, 04 Feb 2023 10:36:31 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Error from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: cCXgsqHub_oH4B1w3Z4BhD9ZE-_yTFcayqnvEUBQQmVZyrw9ir4SfQ== X-Firefox-Spdy: h2`

	www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad	143.204.55.33	404 Not Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad IP 143.204.55.33:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /lp/blank.html?HistoryLoad HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp2 Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF; cookies_marketing=1; cookies_analytic=1; _ga_NVWF78EY0E=GS1.1.1675507026.1.1.1675507026.0.0.0; _ga=GA1.1.961491449.1675507027 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Sat, 04 Feb 2023 10:36:32 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Error from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: v3LLFVXe62f_dbG8kb2AubBDw2TfdWJoNaenKgyGKa1-Nz_Y978VLw== X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL