a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat_3&bo=2753,2754,2755,2756
18.192.108.151302 0 B URL HTTP/1.1 a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat_3&bo=2753,2754,2755,2756
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&Target=Email&affsource=test_dat_3&bo=2753,2754,2755,2756 HTTP/1.1
Host: a.vfgtg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sat, 04 Feb 2023 10:36:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3
Pragma: no-cache
Set-Cookie: bb7e836a-79d2-4d6a-adaf-2b9ae2547988-v4=yVn0Z6zfeGGPlHXQ1aaVfK4UfWNMYWjeW0gvMiJmSK8; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:27 GMT; Domain=a.vfgtg.com; Path=/; HttpOnly
cc-v4=fdWB2OWjs8Bw9qi96SxRQF5%2F1x%2FiqB4a1Asbq9H5GRzNyb6gOISMCvyV8KY%2BlCnUIq79%2BbL7uqt2KkT71Tlow6KX9C%2BZuIda1HEFvz736Wd%2FJIRIBYWMT9RP8QB6B5OtYq%2BdzWKm%2BmVmXJH31mR1gw%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:27 GMT; Domain=a.vfgtg.com; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13697
Expires: Sat, 04 Feb 2023 14:24:45 GMT
Date: Sat, 04 Feb 2023 10:36:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14200
Expires: Sat, 04 Feb 2023 14:33:08 GMT
Date: Sat, 04 Feb 2023 10:36:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 09:43:37 GMT
content-type: application/json
age: 3171
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12568
Expires: Sat, 04 Feb 2023 14:05:56 GMT
Date: Sat, 04 Feb 2023 10:36:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +ZXZ8UkSozkefTGNqxdB3etScbKZmKcBBCUrjOL79oVKQCaMIOQ8oRkQepZ0rykD3El38rXQfiA=
x-amz-request-id: 6P1HVP5MBTBTCT41
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 09:52:47 GMT
age: 2621
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=test_dat_3&affiliateID=75077&source=10288a745288d8801aa72dff3a1184&subID2=55609&target=&Site=&Bnr=ALGO&cid=ws57s82dmj35rqcmio0lcm0i&affsource=test_dat_3&source=55609_test_dat_3 HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 10:36:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3
pragma: no-cache
set-cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=fshnMJ_Pr9sDF2ioDFwNdcKhb5KgUOZ1nFhsPEDVuoI; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=DUaAEup8E%2FxdsuYmCKV1%2FMZY4nWpnCGLu%2FAbmM1UZ3DzWeSB0KE1%2B6vmFGh%2F%2FTn97B6waDfmsCjEUC9htMGyTDThwwV%2Bnv5mz5%2F4ExvppxM%2F6CK9dWV9ylWrXTgY2p6O4q07mHcsw%2BH2p5qsEg0UYQ%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 10:36:28 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 41bb8ccd648809a344d0ca2fad720965
688046763e4a551675154df85302b591c6de3895
dffbd6064d5a7772a3c09d4ebcbbc52fe62d02ca5889bad2dab4302d23a63e72
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFFBD6064D5A7772A3C09D4EBCBBC52FE62D02CA5889BAD2DAB4302D23A63E72"
Last-Modified: Fri, 03 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14003
Expires: Sat, 04 Feb 2023 14:29:51 GMT
Date: Sat, 04 Feb 2023 10:36:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 10:07:19 GMT
age: 1749
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3
52.1.220.62303 See Other 1.0 kB URL HTTP/2 s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3
IP 52.1.220.62:0
File type HTML document, ASCII text, with very long lines (1000), with no line terminators
Hash 852c640525e51f768f80faa227cdfb0f
7058d0aeec476e4ff11bfbcdeb09b12c30c8313e
76f4889d67444bfa21e5dc4e150aaa0a92c14dc2812470eecd8c6904572fc950
GET /75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=test_dat_3&aff_sub2=55609&aff_sub3=wuip6bub2pe2vqcmig3n9r04&aff_click_id=10288a745288d8801aa72dff3a1184&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_test_dat_3 HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
server: nginx/1.19.0
date: Sat, 04 Feb 2023 10:36:28 GMT
content-type: text/html; charset=utf-8
content-length: 1000
location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756
set-cookie: aff_ran_url_3785=26412; Path=/; Expires=Sun, 05 Feb 2023 10:36:28 GMT; Secure
enc_aff_session_3785=ENC03074cefd998f6ec2fc6927ed6484f52080fd3bb7bae6efe598063aa601f05565d0d4fef724b9850cedfc0717e728c69b4d368c8cb590fac1b49be775b40fa946407f94df881bc92aed6c4f25ae3415d5aba5a5ac7c492924a71d766fd3c53f22245e7bdaa5ea19c8535458839624927cb9c5a3e250150ba6d1876be5a34857b839a1f8c73f9bfa6a695fc553525305d47e70157f26cb1dfd6630611d8affe74ebec6ab9fa610bdadcbfb44591a98e2e185e23e95e9527358f4ae8ee6773c4f78901d2141f; Path=/; Expires=Mon, 03 Feb 2025 10:36:28 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 29 Dec 2025 21:16:28 GMT; Secure
tracking_id: 10203881a758b5b964ae687d115643
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_dat_3%3B55609_test_dat_3&affiliateID=44542&source=10203881a758b5b964ae687d115643&subID2=75077&s2=10203881a758b5b964ae687d115643&s3=test_dat_3%3B55609_test_dat_3&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=test_dat_3&affsource=test_dat_3&aff_click_id=10203881a758b5b964ae687d115643&affsource=55609_test_dat_3&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: a.vfgtf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 10:36:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3
pragma: no-cache
set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=6Aufmbj9o6kmDqmN5ne0T8v7Wd9ggxnhVXy1kg3s2jk; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:28 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=LkqA8y0NJgX079AhBPneCAzueQkiQ7wTyuKdELrWA7fXuewIaOnl%2BrKoEX0FqfxAinm5qcm8UsYhK0ifOMiPWujlMaCQUAMMcOKIAIIIA4vaSMxtyonYX9NvMSDCD6EqYdpkR%2BjTevpuvJed%2FMwKSQ%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:28 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_dat_3%3B55609_test_dat_3&affiliateID=170910&source=10203881a758b5b964ae687d115643&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w3l0buvj5qt44qcmipe2dp6c&affsource=test_dat_3&source=75077_test_dat_3 HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=fshnMJ_Pr9sDF2ioDFwNdcKhb5KgUOZ1nFhsPEDVuoI; cc-v4=DUaAEup8E%2FxdsuYmCKV1%2FMZY4nWpnCGLu%2FAbmM1UZ3DzWeSB0KE1%2B6vmFGh%2F%2FTn97B6waDfmsCjEUC9htMGyTDThwwV%2Bnv5mz5%2F4ExvppxM%2F6CK9dWV9ylWrXTgY2p6O4q07mHcsw%2BH2p5qsEg0UYQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 10:36:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3
pragma: no-cache
set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=Hjf1ROeYEZuakH1RmSYRof6KQQ9riygOopMkQPI68KY; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=CcK5BSrZb%2BZb6YuzAARjCNLyIdzeErllTPu7kXxicaMi5kZRCCJAU6n75oRhd%2F8o8gf7PMovW8SNY0gYa9vllLOVhFwPAcu2AMVYfihi5eo9mcdC1baemGiAKSkNhDAkJxXaaUlH%2FCGyuz58KxykYw%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:28 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2378
Expires: Sat, 04 Feb 2023 11:16:06 GMT
Date: Sat, 04 Feb 2023 10:36:28 GMT
Connection: keep-alive
s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3
52.1.220.62303 See Other 392 B URL HTTP/2 s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3
IP 52.1.220.62:0
File type HTML document, ASCII text, with very long lines (392), with no line terminators
Hash 3f607043672930eefc7d40daca2269aa
92a1fd11e14a798f6fd73fb88914557a5a820218
49d82668c5d9694e4e1decb560a252188cb386f17f74fca5e60afc215f401824
GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=test_dat_3%3B55609_test_dat_3&aff_sub2=75077&aff_sub3=wor7bi23ia1iqqcmim3hk0di&aff_click_id=10203881a758b5b964ae687d115643&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_test_dat_3&aff_sub4=ALGO_bucket&source=75077_test_dat_3 HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: aff_ran_url_3785=26412; enc_aff_session_3785=ENC03074cefd998f6ec2fc6927ed6484f52080fd3bb7bae6efe598063aa601f05565d0d4fef724b9850cedfc0717e728c69b4d368c8cb590fac1b49be775b40fa946407f94df881bc92aed6c4f25ae3415d5aba5a5ac7c492924a71d766fd3c53f22245e7bdaa5ea19c8535458839624927cb9c5a3e250150ba6d1876be5a34857b839a1f8c73f9bfa6a695fc553525305d47e70157f26cb1dfd6630611d8affe74ebec6ab9fa610bdadcbfb44591a98e2e185e23e95e9527358f4ae8ee6773c4f78901d2141f; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 303 See Other
server: nginx/1.19.0
date: Sat, 04 Feb 2023 10:36:28 GMT
content-type: text/html; charset=utf-8
content-length: 392
location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756
set-cookie: enc_aff_session_8373=ENC03d80d4ea959cf7bac6a8b600044333edb89106c174fa75d7b2b492307ac99da83a229b58b0805b87c908312eea484186909a6f0390c523a2698ef109a6ef56fc164a14d984a64bb6194ec9dcd823ce71b98b8c7e2221cc1a74d76deb38f1b6a43ecbea86abf86eee09d4fd7fc30da2c48a52261470e33a30dedd2db5cf5d0177930d8ad971a42ea6b2d4e0b80f1caa87a1bcf5c89c218d59e207ac0903f2faccc7c6c3a4184a3c394b8c0830817a293c34debeb992504b10dbe60f302875660382286d371c23164725b4e35b6330ed22e8c5cc3b29aef0ce2c0bf6bd45c7f66f31596a792; Path=/; Expires=Mon, 03 Feb 2025 10:36:28 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Mon, 29 Dec 2025 21:16:28 GMT; Secure
tracking_id: 102eeacde2771259349c49cc6270e3
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
IP 216.58.211.3:0
Hash 5d0bd74690290eebbeac3085c8e35690
cb152d5fde8ffa905a18654664568f92c13528b2
b7f8a581b9a32abcbe30091ef5d6aa2b99e333b57fdc60e24b2b3e1b06a8e362
POST /s/gts1p5/3HtowcmIRnI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:36:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756
172.67.190.127302 Found 0 B URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756
IP 172.67.190.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=781&offer_id=1085&sub1=170910&sub2=75077_test_dat_3&sub3=102eeacde2771259349c49cc6270e3&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 04 Feb 2023 10:36:29 GMT
content-length: 0
location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63de352d0bbfd10001795061; expires=Sun, 04 Feb 2024 10:36:29 GMT; secure; SameSite=None
afoffers={"1085":1675506989}; expires=Sun, 04 Feb 2024 10:36:29 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=036f5v0MrNZpjJUIX0ZyBHGM4I2K82KvAeDG3ifzvJDOv73XhZXOgx8iaTwYlCKOw%2FmWQo%2BOg8DcY1obaQtZWFXyOjZcm0xWzZu%2F3EHJy7%2BpsXKiIk9KhitWWWbfnLI7KXzsaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942c3f919c21c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
216.58.211.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
IP 216.58.211.3:0
Hash 5d0bd74690290eebbeac3085c8e35690
cb152d5fde8ffa905a18654664568f92c13528b2
b7f8a581b9a32abcbe30091ef5d6aa2b99e333b57fdc60e24b2b3e1b06a8e362
POST /s/gts1p5/3HtowcmIRnI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:36:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.166.71.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.71.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zL/p9KjLP7o9Fis5fPRjew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T1Gp0onQAYiG5K4WeSSrcw8KFaE=
zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061
18.184.38.55302 Found 0 B URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_test_dat_3&campaign=&sum=&clickid=63de352d0bbfd10001795061 HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 10:36:29 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910
pragma: no-cache
set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=H_C7O7B6CGTjhLOtEtusb5yFjQZyO6KywNYJQ-jsMus; Max-Age=86400; Expires=Sun, 05-Feb-2023 10:36:29 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=Ab6ZOQVDOBhwuxorF1Uej7cbruLoe219ds6yutn2gMzV9CVKCdYYcNgEguNrNgYMXPnRJVTipPdGztmgEtJR05vWwxwCjiod6bk41UpaaSYTmOSWMj30mxtN5nDCGAKpRXAS038SFcCBYIRCKvWdpA%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 10:36:29 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9174ae5379c65605bc7bc94d2c34b2ba
75e764ef86b953ffc07ae24d1b7a8ede75e31558
221616f0bbafa97a0385ae68f07b7a79d8e1f3988f6ba9e2b3364c44a470ecda
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 10:36:29 GMT
Etag: "63db4eaa-1d7"
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tN9PkO7X7Get7gvzGwFQMDBfI81W7xAxv65RJsufeW74VGEBftWnoA==
www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910
34.252.0.95302 Found 403 B URL HTTP/1.1 www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910
IP 34.252.0.95:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash b5b6c120f2ce8d761aebc7b0b05cd390
97e4f22441ab1ec94df3a2f82e1c63e58c2cc1f5
fbf4eccd4e049a65667b838f7650cb2225d3fd2c13e9ffd566eb28b2b5552a03
GET /aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wor7bi23ia1iqqcmi5hevmoq&aff_sub3=170910 HTTP/1.1
Host: www.ntr4x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Feb 2023 10:36:29 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 403
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.våtedrømmer.com/campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_1672=ENC0318b4c037dec711e088189467b392142d77a0870dc022195a519fed121d3a4eb4048f48af51a3c9d49da137700a8ad8a53892c9c1d8c36638548e1db3e52a618fb10d7bd6f5964e0af481833e5c0b4f58dc0dc424a075bc3737db323cb42cd5ffa4fe41ff16e974fc3732bb62aab714172171843fb3c84a25af9d8fc44dbe7f59de398bb471f64ece7633925870da15b9dd661d4709a3d623efb13aa71808680d7324dcf010e9e5d5a3bc104500bf4120835a5dfc8eebf8b1f295caf7b81ff620152e5786; expires=Sun, 05 Feb 2023 10:36:29 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Mon, 29 Dec 2025 21:16:29 GMT; path=/; SameSite=None; Secure
Tracking_id: 102ab625010f117b274f77aed1d169
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 1943750279de19d4e5eb18db5df53ee2
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ae8546a5d31983ff3127bd5ad6dc1e14
07c697b8af3bdafa3043c0490c52685a9f426f9a
b07b02b736c0bf608dc1a7106d816ca88b642aef62f9b280834e549f9232c639
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 10:36:29 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P8IGBSjibHpNTFk-tJeIbtMrkQUXNs9C0RWgjO7U7puYXmBzrNEFbA==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15423
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 10:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15423
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 10:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15423
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 10:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15423
Expires: Sat, 04 Feb 2023 14:53:33 GMT
Date: Sat, 04 Feb 2023 10:36:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 46106
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 45010
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 44757
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 44769
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: f130379c-2ea2-43d6-a1b0-e3afd4811bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEwLFYgIAMFzwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd819a-3d0199ab38a410ff7a78a675;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:50:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QrCYar2bxFJ_7bBH-5oJ4qdaS58NXDwNJxLI7ILxrBkzvzGV95PSFw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
age: 43554
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 44758
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
143.204.55.33302 Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
IP 143.204.55.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /campaign?utm_campaign=6535&utm_term=102ab625010f117b274f77aed1d169&utm_source=170910&utm_content=wor7bi23ia1iqqcmi5hevmoq&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-store, no-cache, must-revalidate, no-cache="set-cookie"
date: Sat, 04 Feb 2023 10:36:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /landingpage
pragma: no-cache
server: nginx/1.22.0
set-cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; path=/
AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF;PATH=/
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GfCztbEquNv_GTI36SzXCi9xbAm76aXbpQhhNwRJ9yZxw4uvrVsrpg==
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/landingpage
143.204.55.33302 Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/landingpage
IP 143.204.55.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /landingpage HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-store, no-cache, must-revalidate
date: Sat, 04 Feb 2023 10:36:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /lp/lp2
pragma: no-cache
server: nginx/1.22.0
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rqRhRN7rmLKk0Swwfr-Rf5d0J4vILXjzcxr_Bz_1IlF2d-Zd_BbeZQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E
142.250.74.40200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E
IP 142.250.74.40:0
File type ASCII text, with very long lines (19467)
Hash a8336e2614015e212587f9b5d6869bb1
06035afcc6c191992ccf888c84d2df19e01d4b97
3337497523ed1b67d6ae1fb230d418096c06046e2abde5c46e8fd4e1626de2c4
GET /gtag/js?id=G-NVWF78EY0E HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 10:36:31 GMT
expires: Sat, 04 Feb 2023 10:36:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 10:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash e81e0b633d5908a1fda1df241fe67fe0
f87952502bf1dae5fb7376ecce31d051f7f39c07
ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91433
Date: Sat, 04 Feb 2023 10:36:31 GMT
Etag: "63dcf758-1d7"
Expires: Sun, 05 Feb 2023 12:00:24 GMT
Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CpZxhTl9ESP5YifCYTuoYSJJNdo-5DnpImxFnkahmdVEMmPoUbT_cQ==
media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826
54.230.111.43200 OK 10 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826
IP 54.230.111.43:0
File type PNG image data, 320 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash dea19df8bf5758e2af9921e166e1420d
4f4610c28f3bad69e8b72d7f6379dcf61f50bd39
2cac0168f0a0c24154662208ee88cfe4213a26fe64c18211fcfcea31f6338b78
GET /project/489/logo_dark.png?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10042
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Fri, 13 Nov 2020 10:55:08 GMT
etag: "dea19df8bf5758e2af9921e166e1420d"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MZLe7MsrNpEXexdPOCR0XqejDquaNak2UPuwozuiJAP2QyF3cic12Q==
age: 267273
vary: Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash e81e0b633d5908a1fda1df241fe67fe0
f87952502bf1dae5fb7376ecce31d051f7f39c07
ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 10:36:31 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pupTPiZURhpybHBoCtFdM6eD9_TkMdaIxX8qMMfwGh24d2VvhHGb0A==
media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826
54.230.111.43200 OK 84 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826
IP 54.230.111.43:0
File type ASCII text, with very long lines (50442)
Hash 88fc9f004fb667d33f56de0d9e011e49
fbcbbf3c4437b699b26a27ee7059db7fec6cb8bb
2e091e8c984974a9ec9deee6081500857519d245f60d16faa4b15504e6701cb8
GET /css/landingpage/matchm/style.css?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 83844
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Mon, 21 Nov 2022 10:58:28 GMT
etag: "88fc9f004fb667d33f56de0d9e011e49"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KVUk5eCi8w3Or8WCEMPwrnSZ58AlMEmbmHKPIN3LlUn1wrQrsBsDYg==
age: 267273
vary: Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash e81e0b633d5908a1fda1df241fe67fe0
f87952502bf1dae5fb7376ecce31d051f7f39c07
ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 10:36:31 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oe1SbtXnaDJhomNWUab7KFD2i3TQwxpEJvtHSzB_Ze63DMtJTA7p3w==
media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826
54.230.111.43200 OK 84 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826
IP 54.230.111.43:0
File type Unicode text, UTF-8 text, with very long lines (65426)
Hash ce3ccb44a305193a7ab00bfdb69b4e23
c33ded560d8928ee37892bcab8398fac77e2ed07
7f2f658ecf4bd097d730ab77a8513fb1b8b6ca6032b919d6abb0e3be6be210c9
GET /js/landingpage/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 83821
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Mon, 15 Aug 2022 09:38:18 GMT
etag: "ce3ccb44a305193a7ab00bfdb69b4e23"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tTikiLfXhZWf3txGZmi02isQwXfbMqQqsAK97JYZsSmdXAIMzcPktg==
age: 267273
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/images/landingpage/lp2/LP2_adult.jpg?version=7826
54.230.111.43200 OK 48 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/landingpage/lp2/LP2_adult.jpg?version=7826
IP 54.230.111.43:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 790x594, components 3\012- data
Hash a44c25dedd43edb73532247e0fb53dff
9c2d5134a8dbe684174cc7963966c0269f893c2a
a21353bd80fba56b015461cd9dc88ac2edc3e41552412fe7943477f487536032
GET /images/landingpage/lp2/LP2_adult.jpg?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 48325
date: Wed, 01 Feb 2023 14:06:08 GMT
last-modified: Wed, 29 Apr 2020 08:37:02 GMT
etag: "a44c25dedd43edb73532247e0fb53dff"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2OUIxZYuM47Iw7DkJRq4UXfDY3oYfwarLT3bE2ExzOYAIZLOqugzUA==
age: 246624
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_male.jpg?version=7826
54.230.111.43200 OK 23 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_male.jpg?version=7826
IP 54.230.111.43:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 380x405, components 3\012- data
Hash 9fdb43ee4f4ff25db06ba41ef6496561
ff361b7424649b76708203f53d7fc47517fd7139
d6f41e5d0991e565d290e45bea26d979a0a96f2c18ab2e61695c5db33a5d51a4
GET /images/niche/adult/reg_gender_male.jpg?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 22808
last-modified: Fri, 17 Apr 2020 10:14:38 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 02:23:14 GMT
etag: "9fdb43ee4f4ff25db06ba41ef6496561"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WHyQi-vH-qxQFAs21sGqrlKK4fms2Y0-4covolEvzVU55l96lIYXyA==
age: 29598
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_female.jpg?version=7826
54.230.111.43200 OK 21 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_female.jpg?version=7826
IP 54.230.111.43:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 380x405, components 3\012- data
Hash 17f81e45188df50b9edb9d05a0839f53
9ba3613b7a7d33c899b0c4f3c6570520996dd6e5
04659fbd63d9bddb6400d664d70223e15f463b529a09c8183b35c45b184fb04f
GET /images/niche/adult/reg_gender_female.jpg?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 20723
last-modified: Fri, 17 Apr 2020 10:14:38 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 02:23:14 GMT
etag: "17f81e45188df50b9edb9d05a0839f53"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m9zr-CVUnlPFHl7yAxLM7FW01hirX1wuEvbdPnez5yyfdZ3Yc6bYVw==
age: 29598
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826
54.230.111.43200 OK 4.3 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826
IP 54.230.111.43:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 56283d52626ba639ee4fc7c0a6c84324
b150126aede65c06da7573ac4488ff0043da0431
9b5bd7e7398519bf0f9dd7e52e05194f2f2d64fc549265400484d98e4b6f4281
GET /project/489/favicon.ico?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 4286
date: Wed, 01 Feb 2023 08:23:50 GMT
last-modified: Fri, 13 Nov 2020 10:55:42 GMT
etag: "56283d52626ba639ee4fc7c0a6c84324"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S2ksKOHBMzaWAuCyPnmwgqAFJxLUR7JSSRr4ZTabwz-yHanEA433Kg==
age: 267162
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826
54.230.111.43200 OK 98 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826
IP 54.230.111.43:0
File type ASCII text, with very long lines (53333)
Hash 064699c25e405c0e166d7662c3561761
27fb9b6c67c5a1c09276a71047ab2fbab7ce69d7
1eaa6a6a7e75e343e5fe9f779b7f6502b3b72e5f799bcb01c26f5c5c19a1b52a
GET /css/project/matchm/style.css?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 97544
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 21 Nov 2022 10:58:32 GMT
etag: "064699c25e405c0e166d7662c3561761"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nz6n7EIfdyo29SlJlhgs6XJiXY8I8uLw9308iALnj0QKQyctBEnm6Q==
age: 267164
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826
54.230.111.43200 OK 757 B URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826
IP 54.230.111.43:0
File type ASCII text, with very long lines (1532), with no line terminators
Hash 69b7363b2a1c3b6ca1d79b403e0c6c1c
d369fce98ab7c8750527c5c2f64130dda8729dbf
e6e40f36330091e93b7e5a1661e132f5624d5622ddd56c8941f4027101c36067
GET /js/manifest/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 757
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Thu, 08 Oct 2020 13:26:42 GMT
etag: "69b7363b2a1c3b6ca1d79b403e0c6c1c"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fRNyOU1cIa3khJAf9yAU99mOhnTHCPwjTwQjJ6oHPyWid59g2A2vkQ==
age: 267164
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826
54.230.111.43200 OK 236 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826
IP 54.230.111.43:0
File type ASCII text, with very long lines (65433)
Size 236 kB (236255 bytes)
Hash f5ef8833e788ec24ffaac4864a1a9fb6
c4fbc75d56f0269014baf42d5de92ce35f9371f9
9947197e08fb77b400bb6e3294799a442828cb004532c9b7d9872bda9ab16cea
GET /js/vendor/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 236255
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 15 Aug 2022 09:38:09 GMT
etag: "f5ef8833e788ec24ffaac4864a1a9fb6"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EMrNHtOZCCrgAewpcCODyEBoj_voGv6aBSDgf267-SfNA2-FMYZfYA==
age: 267164
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826
54.230.111.43200 OK 37 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826
IP 54.230.111.43:0
File type ASCII text, with very long lines (65435)
Hash f1e681a0bb4eb99a76e4fc67ca697e89
c0be4bbc6827461c7b7b4cbf059b160e914fd65a
67e1168eb449f8e436786e6234a78121c4cd500e8b7e445bff775d731a16eeb9
GET /js/main/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 36974
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 15 Aug 2022 09:38:12 GMT
etag: "f1e681a0bb4eb99a76e4fc67ca697e89"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O3hGM7M1uZzNjLYaf04aN6J6d3JsgYHLBVKNlFabRy4kVE9cxHz7hA==
age: 267164
vary: Origin
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E>m=45je3210&_p=1157775779&cid=961491449.1675507027&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675507026&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E>m=45je3210&_p=1157775779&cid=961491449.1675507027&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675507026&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NVWF78EY0E>m=45je3210&_p=1157775779&cid=961491449.1675507027&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675507026&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xn--vtedrmmer-52a7s.com
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.xn--vtedrmmer-52a7s.com
date: Sat, 04 Feb 2023 10:36:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 44335
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/lp2
143.204.55.33200 OK 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/lp2
IP 143.204.55.33:0
GET /lp/lp2 HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Sat, 04 Feb 2023 10:36:30 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vZoQZMQnGgmW18Et3q5wglfJGtC9e_46o7W2MGcD9JmgP9z1OuWOHA==
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/blank.html
143.204.55.33404 Not Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html
IP 143.204.55.33:0
GET /lp/blank.html HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp2
Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Sat, 04 Feb 2023 10:36:31 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Error from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cCXgsqHub_oH4B1w3Z4BhD9ZE-_yTFcayqnvEUBQQmVZyrw9ir4SfQ==
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad
143.204.55.33404 Not Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad
IP 143.204.55.33:0
GET /lp/blank.html?HistoryLoad HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp2
Cookie: PHPSESSID=90evahrmh4eucb9m6acne1uhl3; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32521334F883789A80A62052FDE19C0E53F7732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF; cookies_marketing=1; cookies_analytic=1; _ga_NVWF78EY0E=GS1.1.1675507026.1.1.1675507026.0.0.0; _ga=GA1.1.961491449.1675507027
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Sat, 04 Feb 2023 10:36:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Error from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v3LLFVXe62f_dbG8kb2AubBDw2TfdWJoNaenKgyGKa1-Nz_Y978VLw==
X-Firefox-Spdy: h2