urlquery - report: mobile1.fun/pt/bx/vodafonechest/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
player.vimeo.com (1)	1858	2013-09-26 03:16:08 UTC	2020-01-28 05:29:01 UTC	162.159.138.60
europe-west2-tech-microservices-production.cloudfunctions.net (1)	0	2019-10-08 09:29:41 UTC	2022-11-23 12:13:58 UTC	216.239.36.54	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-24 05:30:55 UTC	34.117.237.239
broker-systems.com (17)	0	2020-12-15 12:26:55 UTC	2022-11-24 08:10:27 UTC	104.21.79.157	Unknown ranking
flagicons.lipis.dev (1)	527996	No data	No data	185.199.108.153
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
cdntechone.com (1)	64371	2021-12-24 17:09:58 UTC	2022-11-23 06:48:58 UTC	104.21.29.183
my.rtmark.net (3)	9054	2017-08-22 14:11:49 UTC	2022-11-24 08:54:46 UTC	139.45.195.8
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	35.86.38.2
e1.o.lencr.org (1)	6159	No data	No data	23.36.77.32
fonts.gstatic.com (1)	0	2014-09-09 00:40:21 UTC	2022-11-24 11:09:52 UTC	216.58.207.195	Domain (gstatic.com) ranked at: 540
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-11-24 06:15:58 UTC	216.239.34.36	Domain (google-analytics.com) ranked at: 8401
www.googleoptimize.com (1)	1604	2019-07-23 08:23:32 UTC	2022-11-24 09:15:39 UTC	142.250.74.46
datatechone.com (1)	0	2015-06-17 13:52:19 UTC	2022-11-23 15:15:09 UTC	139.45.195.253	Unknown ranking
mobile1.fun (1)	0	2022-10-21 11:11:39 UTC	2022-11-23 15:01:18 UTC	79.98.29.29	Unknown ranking
r3.o.lencr.org (9)	344	No data	No data	23.36.76.226
ocsp.digicert.com (4)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
whampamp.com (3)	30947	2022-03-12 13:52:24 UTC	2022-11-23 13:37:13 UTC	139.45.197.236
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-11-24 11:11:51 UTC	142.250.74.10
unpkg.com (1)	11693	2016-01-07 23:26:01 UTC	2022-11-24 08:16:14 UTC	104.16.123.175
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-24 05:36:55 UTC	34.102.187.140
ocsp.pki.goog (6)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.3
www.google-analytics.com (1)	40	2012-10-03 01:04:21 UTC	2022-11-24 10:18:11 UTC	142.250.74.174
img-getpocket.cdn.mozilla.net (5)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
vod-progressive.akamaized.net (1)	19176	No data	No data	23.36.76.123

Scan Date	Severity	Indicator	Comment
2022-11-24	2	whampamp.com	Sinkholed
2022-11-24	2	whampamp.com	Sinkholed
2022-11-24	2	whampamp.com	Sinkholed
2022-11-24	2	datatechone.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-02-04 05:04:15 +0000	0 - 3 - 4	tele10.site/m/th/s4/	79.98.29.29
2023-02-03 22:00:46 +0000	0 - 0 - 4	tele10.site/m/id/sw/	79.98.29.29
2023-02-03 17:32:35 +0000	0 - 0 - 3	tele10.site/m/ae/ewh	79.98.29.29
2023-02-03 17:08:25 +0000	0 - 1 - 3	tele10.site/m/ng/ppt5/	79.98.29.29
2023-02-03 14:50:59 +0000	0 - 0 - 3	tele10.site/m/ae/ewh/	79.98.29.29

Date	UQ / IDS / BL	URL	IP
2023-02-04 21:17:16 +0000	0 - 0 - 3	telebest.site/m/ke/ppt2/	62.77.158.198
2023-02-04 18:31:04 +0000	0 - 6 - 0	ausines.lt/	194.135.87.104
2023-02-04 18:09:59 +0000	0 - 1 - 3	telebest.site/m/th/s3/	62.77.158.198
2023-02-04 16:00:23 +0000	0 - 0 - 3	televip.site/ph/env/globe/	79.98.29.22
2023-02-04 08:59:46 +0000	0 - 1 - 3	hdd2.site/m/ng/ppt5/	62.77.158.198

Date	UQ / IDS / BL	URL	IP
2022-12-30 14:14:45 +0000	0 - 7 - 0	mobile1.fun/om/bx/ooredoochest/	79.98.29.29
2022-12-29 13:59:40 +0000	0 - 7 - 0	mobile1.fun/om/bx/ooredoochest/	79.98.29.29
2022-12-25 06:00:09 +0000	0 - 7 - 0	mobile1.fun/zm/env/nl/	79.98.29.29
2022-12-25 04:59:19 +0000	0 - 7 - 0	mobile1.fun/uz/env/nl/	79.98.29.29
2022-12-12 14:12:09 +0000	0 - 0 - 1	mobile1.fun/uz/env/ucell/	79.98.29.29

Date	UQ / IDS / BL	URL	IP
2022-12-02 12:00:55 +0000	0 - 0 - 2	tele123.store/cl/500/env/nl	79.98.29.10
2022-12-02 12:00:27 +0000	0 - 0 - 2	telefonica.site/bd/fortune/nl/	79.98.24.35
2022-12-02 10:51:13 +0000	0 - 0 - 2	senecaphoneupdate.top/smart-security-0/index. (...)	172.67.133.55
2022-12-01 13:56:11 +0000	0 - 0 - 2	exceptionalphonesecurity.xyz/smart-security-0 (...)	172.67.155.44
2022-12-01 13:02:12 +0000	0 - 0 - 2	televivo.online/kz/env/nl	194.135.87.58

Request	Response
GET /pt/bx/vodafonechest/ HTTP/1.1 Host: mobile1.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: mobile1.fun/pt/bx/vodafonechest/ FQDN: mobile1.fun IP: 79.98.29.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 79.98.29.29 HTTP/1.1 302 Found Content-Type: text/html Date: Thu, 24 Nov 2022 13:00:41 GMT Server: Apache Connection: Upgrade, Keep-Alive Location: //whampamp.com/4/5087048?var=ag2 Keep-Alive: timeout=2, max=100 Transfer-Encoding: chunked --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5" Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6392 Expires: Thu, 24 Nov 2022 14:47:14 GMT Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1456357aecbd23f21ad98da57e0127eb Sha1: 7074815b39fa8da9013883971d665e4c1b0797ea Sha256: f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634" Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5856 Expires: Thu, 24 Nov 2022 14:38:18 GMT Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 054ff0d1a0a43f7cb1d78dbd34e27f99 Sha1: 3caf54f3de1d6a8c6f6454083f8b8e7dec77db54 Sha256: fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6119 Cache-Control: max-age=169948 Date: Thu, 24 Nov 2022 13:00:42 GMT Etag: "637f47ef-1d7" Expires: Sat, 26 Nov 2022 12:13:10 GMT Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af40a2fcf8debb90c3608002da6c907a Sha1: 3c75d6c0b557a3bd8d5db50155b8d896e852c145 Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: +STwa8UMFT+92D7FJLvdvz0tM7PYgb5s9ZylOOCZmuRN7zIE3D9EJAcD+zLK3PmMu3IJ/YLpqro= x-amz-request-id: MD07YKHR70G4GY96 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 24 Nov 2022 12:40:24 GMT age: 1218 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 24 Nov 2022 12:18:58 GMT cache-control: public,max-age=3600 age: 2504 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 567df7db606cf5d0871aa5bc9311b6da Sha1: 4263faac7cbab2fcaf6661911dcad5091c06be17 Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /4/5087048?var=ag2 HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: whampamp.com/4/5087048?var=ag2 FQDN: whampamp.com IP: 139.45.197.236 HASH: bbf6318e8c64219acc55537dc675da49806e3aa4a8ba867edeb67bf362d77bac 139.45.197.236 HTTP/1.1 200 OK Content-Type: text/html; charset=utf8 Server: nginx Date: Thu, 24 Nov 2022 13:00:42 GMT Transfer-Encoding: chunked Connection: keep-alive X-Trace-Id: 0f69ca0430d64153ba8510322ef1c829 Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Timing-Allow-Origin: * Set-Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ oaidts=1669294842; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT Pragma: no-cache, no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT Access-Control-Allow-Origin: , Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5406) Size: 2954 Md5: 539cd59f5476fc368437fdba2d362fe3 Sha1: f37a55e44173017eeb836e0c89f994c163a9fb71 Sha256: bbf6318e8c64219acc55537dc675da49806e3aa4a8ba867edeb67bf362d77bac Alerts: Blocklists: - quad9: Sinkholed
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 24 Nov 2022 13:00:42 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11666 Expires: Thu, 24 Nov 2022 16:15:08 GMT Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 94d86bd8aa3fb64d5ef4ba39b2093f46 Sha1: f6f8b969e6d14af88dcd584c72ad52d904d459e9 Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
GET /favicon.ico HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://whampamp.com/4/5087048?var=ag2 Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; oaidts=1669294842	URL: whampamp.com/favicon.ico FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 204 No Content Server: nginx Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive Expires: Thu, 31 Dec 2037 23:55:55 GMT Pragma: public Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /img.gif?f=merge&userId=07a6e12e38534ee28eecfadaefea5a67 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://whampamp.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/img.gif?f=merge&userId=07a6e12e38534ee28e (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Thu, 24 Nov 2022 13:00:42 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=07a6e12e38534ee28eecfadaefea5a67; expires=Fri, 24 Nov 2023 13:00:42 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 463 Origin: http://whampamp.com Connection: keep-alive Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; oaidts=1669294842 Upgrade-Insecure-Requests: 1	URL: whampamp.com/?z=5087048&syncedCookie=true&rhd=false FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 302 Found Server: nginx Date: Thu, 24 Nov 2022 13:00:42 GMT Content-Length: 0 Connection: keep-alive X-Trace-Id: 43d77d8af021f69389e16083925cfcbf Link: <https://broker-systems.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" Referrer-Policy: no-referrer Location: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Access-Control-Allow-Origin: http://whampamp.com Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding Access-Control-Max-Age: 86400 Pragma: no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT Set-Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ oaidts=1669294842; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ syncedCookie=true; expires=Thu, 01 Dec 2022 13:00:42 GMT; path=/ Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff Timing-Allow-Origin: , --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 24 Nov 2022 12:08:53 GMT cache-control: public,max-age=3600 age: 3109 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3e9326eed70039fb966609c04fa7da9c6f714d3c674b0bce36f2abe109511f2f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=152665 Date: Thu, 24 Nov 2022 13:00:42 GMT Etag: "637f1c53-118" Expires: Sat, 26 Nov 2022 07:25:07 GMT Last-Modified: Thu, 24 Nov 2022 07:25:07 GMT Server: nginx Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 308eff1f289275eba76cbe78567c4f22 Sha1: b8bc7278977fa4116ee664708fabba403f8bbe3a Sha256: 3e9326eed70039fb966609c04fa7da9c6f714d3c674b0bce36f2abe109511f2f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5703 Cache-Control: max-age=164470 Date: Thu, 24 Nov 2022 13:00:42 GMT Etag: "637f3429-1d7" Expires: Sat, 26 Nov 2022 10:41:52 GMT Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb6949e7abaa473393f7c604691de14f Sha1: 599681bba3947709baa603bbae2dd7afd04059a4 Sha256: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: iXnqIhOHobfhFKDy/LsVkQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.86.38.2 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.86.38.2 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: fxptF6f/Wxi9NGRQF6QMKvnocO4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/reg/v2/registration.js HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/reg/v2/registration.js FQDN: broker-systems.com IP: 104.21.79.157 HASH: 9ee7da4527ca3efd371a0432ea2e5b6e663a4f8b2cff789c84f4c7de48fae600 104.21.79.157 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:57:21 GMT cf-cache-status: HIT age: 3792 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QlbRASLJEsNxXVCj4sA%2Ff9pPRqreYCeUn%2BFFfIAHeujL3kgDCtFcSevFQGwwQ5dZFCtSQfncIxMHfT%2FCaRHsfsc0%2F8bEkHOHFN9341d0G4ckkgQBcTcfwAAv75UnATqzoG2qO0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254420986b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (22747) Size: 5581 Md5: 8130a53585aca8f3fd0e0a8c58959606 Sha1: 314209692757571885c910988c5f15297bbf4f15 Sha256: 9ee7da4527ca3efd371a0432ea2e5b6e663a4f8b2cff789c84f4c7de48fae600
GET /assets/img/2021/07/03/1627994300561-5bf0b534-f69d-4dab-ba2c-ade842022f0f.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627994300561- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: 57c764fc6b98dd553ee7d944391a3bdbe85179f1f24c609275a2ce85262ef357 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:57:21 GMT vary: Accept-Encoding cf-cache-status: HIT age: 3792 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugmbZ4TwAUPZ9IQ9ECpmOpxeCoJbT55yTMowtAcjLAx7o8RVEUclg95%2FuhZZDsCDZeY2atnC1FF8I%2BzC%2B%2FegdKLXy1h53Q7tKhcs%2BUpedhfKbhxGLIIoKp6iIx1gMNFUDvq3zh4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229a8b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 120 x 102, 8-bit colormap, non-interlaced\012- data Size: 1319 Md5: bab54e9a9549fec58a0294b8cffdd720 Sha1: d5abb83c7522f3686dc89e5ec8f48e61d3a02900 Sha256: 57c764fc6b98dd553ee7d944391a3bdbe85179f1f24c609275a2ce85262ef357
GET /assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627994280359- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: 92ce88294e6ad5f0b65ef207d7d5bad9286894fe8f411a48886e084ad100887a 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYrJWRG66IndkOgg3A1ZbK6Rgv%2FzaAbzy%2FRp%2Fx%2F1%2FzA0kE0DrJGHkCjYDRIF%2FmYxZ9BPKGjfES4%2BAxHNoBeaeqwE4il79xjc3RdPtpWJS%2Bz%2Fdc8%2BDyglvpF5AivStO0OvfGd51o%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229a0b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 119 x 113, 8-bit colormap, non-interlaced\012- data Size: 2242 Md5: d34130a210e108e15c275dbf36154a9d Sha1: 7cb1d72515aacfdf876f52fa39e7aba7ef3b9494 Sha256: 92ce88294e6ad5f0b65ef207d7d5bad9286894fe8f411a48886e084ad100887a
GET /assets/reg/v2/registration-form.js HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/reg/v2/registration-form.js FQDN: broker-systems.com IP: 104.21.79.157 HASH: 5fa3caaaf3da2b1ce77fabf6a8b6ce9d08ba2517ff56cd0c5df3b86a25e6397d 104.21.79.157 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuiG0g%2BoRyRicer%2BWeNScumkZzgeJE7lKlxSN%2FupsKXEK2r5L9GWNl95%2FTmM2bjlWyrZziW9qVgCxDfAAg%2Fbae6PAQfus7hNddz2iKJY6Bm8gYgzRemQLPenIycdZ94j%2BpG4Ejk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254420987b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (41190) Size: 59041 Md5: 610cd956e68d501870769eb8c46485c0 Sha1: 7f1ae893992756fe0d11f3fa02bdef25e5aaafec Sha256: 5fa3caaaf3da2b1ce77fabf6a8b6ce9d08ba2517ff56cd0c5df3b86a25e6397d
GET /css2?family=Cabin:wght@400;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Cabin:wght@400;700&dis (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: f6101b009501ac1bbabd50961fadec3bb9f5e3bb893f0debd46fe7a155e5e278 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 24 Nov 2022 13:00:43 GMT date: Thu, 24 Nov 2022 13:00:43 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 799 Md5: e855b54c48bd1df8a7e02055026d7c52 Sha1: e101ae16c9aa1ce66b55bb62fa43e51b2d126c32 Sha256: f6101b009501ac1bbabd50961fadec3bb9f5e3bb893f0debd46fe7a155e5e278
GET /assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627983981297- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: 70f5521ff170d664f7a2f43ab55f612f72f50852ef2eec213bea55cfe5c2cfa7 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwVr2ov7ouDdmdVMfbcaQsST7bBJ7wv4I6%2BN0R8qNyMM6DXfzHHiteTUGUkRZpyQOxe6s%2BqPyFra%2F21KKbMCUEeUpgFktMTlZjwV4D%2Fs7NDA1t5%2FqPOawtZYUJS2X9E9M5mSWog%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254421994b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 300 x 66, 8-bit/color RGBA, non-interlaced\012- data Size: 7876 Md5: 0f5a2647ad311b820655847123107921 Sha1: 6a08d83a003ae0988ecbc4db5837a4b16100fc15 Sha256: 70f5521ff170d664f7a2f43ab55f612f72f50852ef2eec213bea55cfe5c2cfa7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: dd0dd96ca622aa07354fabdd0da767bf Sha1: a29eaa02a81dabed2c12be20a89d65a5a0417524 Sha256: 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: 1c54351546080ee0abc8faff0b81a5ea222914f24fe4b200e267d2ab119bbc5d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "1C54351546080EE0ABC8FAFF0B81A5EA222914F24FE4B200E267D2AB119BBC5D" Last-Modified: Wed, 23 Nov 2022 01:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5562 Expires: Thu, 24 Nov 2022 14:33:25 GMT Date: Thu, 24 Nov 2022 13:00:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 970dc5ce1693949b64ea15b24bfb639b Sha1: af2f53945ecacc020fc56eb01089f589f5711eda Sha256: 1c54351546080ee0abc8faff0b81a5ea222914f24fe4b200e267d2ab119bbc5d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://broker-systems.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpb (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 26100 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:28:35 GMT expires: Thu, 23 Nov 2023 18:28:35 GMT cache-control: public, max-age=31536000 age: 66728 last-modified: Fri, 24 Jun 2022 18:41:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data Size: 26100 Md5: 312bcfa92b0b0a09c3f404b2c662a0b6 Sha1: 5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
GET /optimize.js?id=OPT-TLN47DR HTTP/1.1 Host: www.googleoptimize.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googleoptimize.com/optimize.js?id=OPT-TLN47DR FQDN: www.googleoptimize.com IP: 142.250.74.46 HASH: c67474a0fb12b5dd3ca1fedd6bc025a8c4e36b545b11d3cc628c7735c42a7a19 142.250.74.46 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 24 Nov 2022 13:00:43 GMT expires: Thu, 24 Nov 2022 13:00:43 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 45228 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 45228 Md5: e020ce690007c895d1070182bb990372 Sha1: 9f875f5e4585f54ea792bbe115dc91c6e2f42f0e Sha256: c67474a0fb12b5dd3ca1fedd6bc025a8c4e36b545b11d3cc628c7735c42a7a19
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11665 Expires: Thu, 24 Nov 2022 16:15:08 GMT Date: Thu, 24 Nov 2022 13:00:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 94d86bd8aa3fb64d5ef4ba39b2093f46 Sha1: f6f8b969e6d14af88dcd584c72ad52d904d459e9 Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
GET /flags/4x3/no.svg HTTP/1.1 Host: flagicons.lipis.dev User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: flagicons.lipis.dev/flags/4x3/no.svg FQDN: flagicons.lipis.dev IP: 185.199.108.153 HASH: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148 185.199.108.153 HTTP/2 200 OK content-type: image/svg+xml server: GitHub.com x-origin-cache: HIT last-modified: Wed, 19 Oct 2022 08:52:22 GMT access-control-allow-origin: * etag: W/"634fbac6-13e" expires: Sun, 20 Nov 2022 06:21:53 GMT cache-control: max-age=600 content-encoding: gzip x-proxy-cache: MISS x-github-request-id: ECA6:9356:1523F66:1CD8CDC:6379C529 accept-ranges: bytes date: Thu, 24 Nov 2022 13:00:43 GMT via: 1.1 varnish age: 157 x-served-by: cache-bma1662-BMA x-cache: HIT x-cache-hits: 1 x-timer: S1669294844.860356,VS0,VE1 vary: Accept-Encoding x-fastly-request-id: 726cce526703d08075d0b177e79d022cbf0d37d9 content-length: 188 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text Size: 188 Md5: f916e66fd4723d7b98979d330bdab4d4 Sha1: b30df178bab8c3751c9e593dc19999823d98c6a7 Sha256: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 595ec3abe1ad4b2c5d26dfb7d05fb72fecfef889ed05c1df7815730b36f26008 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 21 Nov 2022 04:52:37 GMT Expires: Mon, 28 Nov 2022 04:52:36 GMT Etag: "77a508ce53a271b7407c6f50af3dc2ed88618c09" Cache-Control: max-age=315712,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76f25445ed270b4d-OSL --- Additional Info --- Magic: data Size: 472 Md5: 347d32389552af6d8f1be3b4f806234a Sha1: 77a508ce53a271b7407c6f50af3dc2ed88618c09 Sha256: 595ec3abe1ad4b2c5d26dfb7d05fb72fecfef889ed05c1df7815730b36f26008
GET /p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/p.js?f=sync&lr=1&partner=eab99f1fc1f1a842 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c 139.45.195.8 HTTP/2 200 OK content-type: text/javascript server: nginx date: Thu, 24 Nov 2022 13:00:43 GMT content-length: 697 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 697 Md5: 109d9d0f284658da4525b3d1c0ead2ec Sha1: 3fc4214c1bef95a85db5eaa84c262d6d85275b6e Sha256: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c
POST /log/add?cid=0146f596-44d1-40c0-b3b5-74fcad621e75 HTTP/1.1 Host: datatechone.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1122 Origin: https://broker-systems.com Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: datatechone.com/log/add?cid=0146f596-44d1-40c0-b3b5-74f (...) FQDN: datatechone.com IP: 139.45.195.253 HASH: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df 139.45.195.253 HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: nginx/1.19.10 Date: Thu, 24 Nov 2022 13:00:43 GMT Content-Length: 2 Connection: keep-alive Access-Control-Allow-Origin: https://broker-systems.com Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Access-Control-Allow-Credentials: true --- Additional Info --- Magic: ASCII text, with no line terminators Size: 2 Md5: 444bcb3a3fcf8389296c49467f27e1d6 Sha1: 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: abb9ee4b6ce6bc3df8bde8309882b1c3b07a627629200d8e6080ae24ec3a2775 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5907 Cache-Control: max-age=104943 Date: Thu, 24 Nov 2022 13:00:44 GMT Etag: "637e4ad8-118" Expires: Fri, 25 Nov 2022 18:09:47 GMT Last-Modified: Wed, 23 Nov 2022 16:31:20 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 9fc47df66f766e631ee72b07f14eae3c Sha1: 10efe23c2677829012ec3ac1c0cd45fcbb0c851b Sha256: abb9ee4b6ce6bc3df8bde8309882b1c3b07a627629200d8e6080ae24ec3a2775
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Thu, 24 Nov 2022 12:41:08 GMT expires: Thu, 24 Nov 2022 14:41:08 GMT cache-control: public, max-age=7200 age: 1176 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174 HTTP/1.1 Host: player.vimeo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: player.vimeo.com/external/465726082.hd.mp4?s=e5c3d3024e (...) FQDN: player.vimeo.com IP: 162.159.138.60 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 162.159.138.60 HTTP/1.1 302 Found Date: Thu, 24 Nov 2022 13:00:44 GMT Content-Length: 0 Connection: keep-alive Access-Control-Allow-Origin: * Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com Expires: Fri, 15 Dec 1985 19:30:00 GMT Location: https://vod-progressive.akamaized.net/exp=1669309244~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=6d17927a8b6844c584f4873ee50f2fd0ffe8f35499a0a0e237ef9aae508683fd/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Host: player-backend-5ff8dcb846-7sq97 X-Player-Backend: g X-Xss-Protection: 1; mode=block Via: 1.1 google, 1.1 varnish Accept-Ranges: bytes Age: 0 X-Served-By: cache-cph2320028-CPH X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1669294844.050903,VS0,VE148 CF-Cache-Status: DYNAMIC Set-Cookie: __cf_bm=vY9oK_VE3oljmdjEgS_s1ghPx2m6p7Qt2sB0N1IbhGI-1669294844-0-AY77HnRHOq3+JDk9TTGxdigAHZKIpSwF82wDFKWAKTyLjEuUKkR8IhjRj3UkXHEkilDp1FL5gyx2aVIeEbtO9Jk=; path=/; expires=Thu, 24-Nov-22 13:30:44 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 76f2544738c20b39-OSL --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /img.gif?f=sync&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a&ttl=&rurl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D619630080876089819%26country%3DNO%26campaignid%3D6340333%26cost%3D0.002546%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D5087048%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/img.gif?f=sync&partner=eab99f1fc1f1a842a8 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Thu, 24 Nov 2022 13:00:44 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=bab922c1062a461b932168835227cca6; expires=Fri, 24 Nov 2023 13:00:44 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7993 x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cEvCsG5mIAMFqAQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 21:47:52 GMT age: 54772 etag: "43d1dec7fc06879988c9c3cadd800cc8145df988" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7993 Md5: 92c78302bcce1568eb6a5563100b932c Sha1: 43d1dec7fc06879988c9c3cadd800cc8145df988 Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /exp=1669309244~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=6d17927a8b6844c584f4873ee50f2fd0ffe8f35499a0a0e237ef9aae508683fd/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 HTTP/1.1 Host: vod-progressive.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Range: bytes=0- Referer: https://broker-systems.com/ Connection: keep-alive Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: vod-progressive.akamaized.net/exp=1669309244~acl=%2Fvim (...) FQDN: vod-progressive.akamaized.net IP: 23.36.76.123 HASH: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d 23.36.76.123 HTTP/1.1 206 Partial Content Content-Type: video/mp4 X-GUploader-UploadID: ADPycdvFALOJgFC8lHRE0XZtj_vOO8NMw94V883uDWMJyDi0Z5tzcMZ5sJ_cbHrMp_W3I5t9ZIwCFXUG4i7oN_MZINQBq6BT75Ie x-goog-generation: 1661020573365224 x-goog-metageneration: 1 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 11965965 x-amz-meta-x-goog-reserved-source-generation: 1602068348320686 x-goog-hash: crc32c=hqujiA==, md5=DBrrzNDq44InOGp42cFLAQ== x-goog-storage-class: COLDLINE Accept-Ranges: bytes Server: UploadServer Aka-c-hit: cache-hit Last-Modified: Sat, 20 Aug 2022 18:36:13 GMT ETag: "0c1aebccd0eae38227386a78d9c14b01" Cache-Control: private, max-age=25922394 Expires: Wed, 20 Sep 2023 13:40:38 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Content-Range: bytes 0-11965964/11965965 Content-Length: 11965965 Connection: keep-alive AK-REFERENCE-ID: 0.774c2417.1669294844.2f27aab Akamai-Mon-Iucid-Del: 875210 Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Timing-Allow-Origin: * X-VIM-CACHEBC: EP:H11,E:h Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID Akamai-Edge-IP: 23.36.76.123 --- Additional Info --- Magic: ISO Media, MP4 v2 [ISO 14496-14]\012- data Size: 11965965 Md5: 0c1aebccd0eae38227386a78d9c14b01 Sha1: f05673ace82e6c754989e36334a939d66fadf3c8 Sha256: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9099 x-amzn-requestid: d828c8f5-3ff1-4e20-822f-32d9ad7a0d7a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cExDeGjKIAMFQHw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9549-71d957297c3ec4b01633b1ce;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:48:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ZXi-qHYx7QoMQZAsZzEW099laTRSyxjhe8stloZ5ZhlRfw4W8sebjw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 22:13:58 GMT etag: "c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3" age: 53206 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9099 Md5: 891d19eb042be6fd5d021ff08db2dfcc Sha1: c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3 Sha256: 3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b9d9f8ed6c8abffda48365f6bc32b84b Sha1: 33ad802992d04ae77047e05a68120cb4e42a00e6 Sha256: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7462 x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cEwV3HV9oAMFs9w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 22:08:16 GMT age: 53548 etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7462 Md5: b4157f2c5c3c77ce699324ecb08f47c7 Sha1: a7d9135f9d01ba13c3cdaf8b038c70212f159297 Sha256: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8748 x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cEvCtENmoAMFqKw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 21:48:57 GMT age: 54707 etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8748 Md5: 28381329eca6c426a8b05fcdef4aafcc Sha1: a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a Sha256: 4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06
GET /assets/img/2021/06/26/1627296041352-f498966e-8044-4d89-8e33-75e2f6f534c4.jpg HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/26/1627296041352- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: ed5baa9c39d2db8d36c1715780fff3efa25106809677c4a070b57e35369d7f5a 104.21.79.157 HTTP/2 200 OK content-type: image/jpeg date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yqe98OjK2jMztNu2Vbu8Od2xNg4HZc%2F%2Bffy94bCbTDVVHY4iuYQFJdDxfJOaRRsNwR5UTI3Kl2zo717p6b5%2BwvkAsWMj2KYp0Ovbgjq9%2FL2AwX4m%2BTGB8uuL7OqKD8x6wh2lbw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25443bba7b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x423, components 3\012- data Size: 15520 Md5: 3cd0d2bff5925518dda9872a695b1990 Sha1: ddb0c91279407a73d05e01ae0a53e507aa50679c Sha256: ed5baa9c39d2db8d36c1715780fff3efa25106809677c4a070b57e35369d7f5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b1U8xGxgIAMF-qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 05:04:28 GMT age: 28576 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
POST /batch-event-collector HTTP/1.1 Host: europe-west2-tech-microservices-production.cloudfunctions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1171 Origin: https://broker-systems.com Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: europe-west2-tech-microservices-production.cloudfunctio (...) FQDN: europe-west2-tech-microservices-production.cloudfunctions.net IP: 216.239.36.54 HASH: a0ce47d8f99c7c1b5988ae1c07711bb0aed25484d8ce3563c3a589f2d7216c2f 216.239.36.54 HTTP/2 200 OK content-type: text/plain; charset=utf-8 access-control-allow-origin: * etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" function-execution-id: w6i4vbdoem4u x-powered-by: Express x-cloud-trace-context: 1d742f7801470b08c2f41f0c75208a21 content-encoding: gzip date: Thu, 24 Nov 2022 13:00:45 GMT server: Google Frontend cache-control: private content-length: 22 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 22 Md5: 7ed7900fc45647ddd2f5e4799f6e3f4e Sha1: c599a3e8d0cf90430834cda9a07a4b52dd609a7c Sha256: a0ce47d8f99c7c1b5988ae1c07711bb0aed25484d8ce3563c3a589f2d7216c2f
POST /g/collect?v=2&tid=G-Y5BMFENDVB&gtm=2oeb90&_p=558186308&cid=1542866630.1669294844&ul=en-us&sr=1280x1024&_s=1&sid=1669294843&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D619630080876089819%26country%3DNO%26campaignid%3D6340333%26cost%3D0.002546%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D5087048%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://broker-systems.com Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-Y5BMFE (...) FQDN: region1.google-analytics.com IP: 216.239.34.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.34.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://broker-systems.com date: Thu, 24 Nov 2022 13:00:45 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b9d9f8ed6c8abffda48365f6bc32b84b Sha1: 33ad802992d04ae77047e05a68120cb4e42a00e6 Sha256: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
GET /assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Cookie: _ga_Y5BMFENDVB=GS1.1.1669294843.1.0.1669294843.0.0.0; _ga=GA1.1.1542866630.1669294844 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/08/08/1631094157993- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:44 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 10:03:40 GMT vary: Accept-Encoding cf-cache-status: HIT age: 3397 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4%2FOFDTt1DxLrULgJLdUuYUSk3ox%2FIHAsmETi8nm7grjOxOKFt9aNToLG%2BS9HBRRmMjQnm5mFbE7Buuwqavx%2BlIRjk20slMEsTCyzgl82D%2BMAHGpZDlYD43Q67aiCQJ922%2BPpUo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254471882b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /stattag.js HTTP/1.1 Host: cdntechone.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdntechone.com/stattag.js FQDN: cdntechone.com IP: 104.21.29.183 104.21.29.183 HTTP/2 200 OK content-type: application/javascript date: Thu, 24 Nov 2022 13:00:43 GMT last-modified: Wed, 23 Nov 2022 15:07:35 GMT etag: W/"637e3737-3284" link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin cache-control: max-age=14400 cf-cache-status: HIT age: 2744 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJdP2Z%2BjDK4Cuzd9ab65XD0HrPeiXa16dTIdQbLvSvpK5fIMS8Z6U%2FlA8hjlzjOgvlX2WkYcpsbcg%2B62AgwxodF2u7n%2BhJz86R5qBPcVDLONSf9YmUJ90NllDVCTMvpoEw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 76f2544318e3b4f3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627994332152- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z7jhcRCATVURQa%2FozihINiDiOfhduZHKpvSeOB6T7Qtgo7h%2BOq34V8GtQ5qYiBW0CwbtSub%2Fy7MjUvEM43rFZz9Ou5tyitsDPdu%2BGaJutuNVPvhoxFdZkjlN%2FkpmWTm6KmRZ2E%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229afb4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/06/26/1627314620658-6820b11c-be15-43f5-8fe9-9c5a5a70c2ca.jpg HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/26/1627314620658- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/jpeg date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIRO%2FhzJndm95XKStEhw0XvJlnDmx2%2FvS0qeQ3f6mbxQHxy7wKkUMQJ8b%2BB1Xr66WapzQz2nmqoIU3st0wl3QwZ%2Flbmb2WImZVlgxXK69l8eMAuGMzFNpQFEcM7E8ZKk3OAlZxU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25443bbaab4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /vue@2.6.14/dist/vue.min.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: unpkg.com/vue@2.6.14/dist/vue.min.js FQDN: unpkg.com IP: 104.16.123.175 104.16.123.175 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E" via: 1.1 fly.io fly-request-id: 01F7JYERAAW5E3031G1EAGDR8T cf-cache-status: HIT age: 14699012 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 76f25442893b0b61-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robo (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 cache-control: private x-do-orig-status: 200 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EJ1O2cfmiTty9sJJ35eUtQhGCFEZWjAr7sRBmyKk%2F%2FhMTC8yzauTPJIolJgMzQ9bt9fnK0p%2BamvRYWxbgwTW8azaFjclXoQx4SCeWVG1ru%2BovN%2Bbu%2FYTr0qyU2tzgW7RV9cv9Q%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2543f6ddfb4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/23/1627034872559- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWhRF%2BU588M328oD09TpSxJ78yES05rhjRYNADOvXCYJHcd8LRm1PvBCtZr1KhGzFQnIysp7GDR98jMJrTI0YIt2xba0O8VPe%2Fy6boAxCnxnodmiMDsHg4KzAadEOlIE2omqBsY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25442199bb4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/26/1627297013883- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B4q2ziC4pkUUVG7OzrakJZTJGfK%2FELWHzmC1ZZnztBATs3hfu6t09JR1NJw8q45KTlQq2d%2BV%2Bfv2b3wziN%2BfiiXKNHo1oZ0VzsfsAYoWcnGccZiUtqvLb65CkTQOH%2FMYYKhPBY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25442299cb4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2022/02/04/1646413684488- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJeIo65Ae5UljUM71K0IZ7BD5GzrLTYauJm7OYdqBSb6WZc%2F8XqPbxZMWRycxwUqf5UnqdJMZwU3ZYFavEVtiaWOS35Bx3%2BwRVlTzqaAW8yMMmPvbq2PthaY0nzIEp%2BHiga2Hqc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25442198db4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627979101733- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEKFqnBHvVSifapZxasGKTLIW%2BjvOHLxcBEnZy5EnBvu3eAHQnAldC0AnDNrRHPf%2B%2B%2Fku18vCeOTJ2EdqJddDt71ZwyLmPXLzfQwnBPml%2FyXLAKI8iHW9XlnFbktWKRDYau1BM0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229b0b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /services/offers/register?language=no&includesConsent=false&includesMinimumAge=true HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/services/offers/register?language=no (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 cache-control: private x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 13:00:43 GMT cf-cache-status: DYNAMIC vary: Accept-Encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4fKPo9hmM0zMnoxtkX8QEorme50v1t91yowa0x%2FwSgqfEie81LmSYOLyv3jsZ1owE0XP17bFjv%2Bbn5Mg6dPqB19XIWKUs74SXDvolSOXm80j6LjUivQt7UQMZxMO%2BR9aiI77A4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254436b37b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/at/v5/tracking.js HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/at/v5/tracking.js FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:57:21 GMT cf-cache-status: HIT age: 3792 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XzWQy9%2BzedAR1z9hN2Npso5oc8pB8tKbWKR6fFQsFbi9VTLS2YAWs15V7Yaz1EPvKbIty9wfvQjmAeDE0UI%2BKizhOsNQY5y8HvrGTAsEsM6os2trT1u52K71c6wn%2B%2FxxYLR7e0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254420989b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627983967543- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JauyZjV5jeutQuxOL19Q7e9xyofNko%2BA4vtYT3zmvhAB0a8%2BssHWLz0raa0UHnzzgBxckGiFl25klBNCWNrm5NTTJSA8hRq1ELsKqWfeXRy2c4bYcsF4k3tDLZoYtvZWQNv2MPY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254421991b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /pt/bx/vodafonechest/ HTTP/1.1 

                                        
                                            
Host: mobile1.fun

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         79.98.29.29

                                        
                                            HTTP/1.1 302 Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:41 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Connection: Upgrade, Keep-Alive 

                                        
                                            
Location: //whampamp.com/4/5087048?var=ag2 

                                        
                                            
Keep-Alive: timeout=2, max=100 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634" 

                                        
                                            
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5856 

                                        
                                            
Expires: Thu, 24 Nov 2022 14:38:18 GMT 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:42 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    054ff0d1a0a43f7cb1d78dbd34e27f99

                                                Sha1:   3caf54f3de1d6a8c6f6454083f8b8e7dec77db54

                                                Sha256: fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: +STwa8UMFT+92D7FJLvdvz0tM7PYgb5s9ZylOOCZmuRN7zIE3D9EJAcD+zLK3PmMu3IJ/YLpqro= 

                                        
                                            
x-amz-request-id: MD07YKHR70G4GY96 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 12:40:24 GMT 

                                        
                                            
age: 1218 

                                        
                                            
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                        
                                            
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11666 

                                        
                                            
Expires: Thu, 24 Nov 2022 16:15:08 GMT 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:42 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    94d86bd8aa3fb64d5ef4ba39b2093f46

                                                Sha1:   f6f8b969e6d14af88dcd584c72ad52d904d459e9

                                                Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e

                                        
                                            GET /img.gif?f=merge&userId=07a6e12e38534ee28eecfadaefea5a67 HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://whampamp.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         139.45.195.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 24 Nov 2022 13:00:42 GMT 

                                        
                                            
content-length: 43 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                        
                                            
access-control-expose-headers: Authorization 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
set-cookie: ID=07a6e12e38534ee28eecfadaefea5a67; expires=Fri, 24 Nov 2023 13:00:42 GMT; secure; SameSite=None 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
timing-allow-origin: *, * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    b4491705564909da7f9eaf749dbbfbb1

                                                Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8

                                                Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 12:08:53 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 3109 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5703 

                                        
                                            
Cache-Control: max-age=164470 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:42 GMT 

                                        
                                            
Etag: "637f3429-1d7" 

                                        
                                            
Expires: Sat, 26 Nov 2022 10:41:52 GMT 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT 

                                        
                                            
Server: ECS (ska/F706) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    fb6949e7abaa473393f7c604691de14f

                                                Sha1:   599681bba3947709baa603bbae2dd7afd04059a4

                                                Sha256: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

                                        
                                            GET /assets/reg/v2/registration.js HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 09:57:21 GMT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 3792 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QlbRASLJEsNxXVCj4sA%2Ff9pPRqreYCeUn%2BFFfIAHeujL3kgDCtFcSevFQGwwQ5dZFCtSQfncIxMHfT%2FCaRHsfsc0%2F8bEkHOHFN9341d0G4ckkgQBcTcfwAAv75UnATqzoG2qO0%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f254420986b4ee-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (22747)

                                                Size:   5581

                                                Md5:    8130a53585aca8f3fd0e0a8c58959606

                                                Sha1:   314209692757571885c910988c5f15297bbf4f15

                                                Sha256: 9ee7da4527ca3efd371a0432ea2e5b6e663a4f8b2cff789c84f4c7de48fae600

                                        
                                            GET /assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 09:37:03 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 4988 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYrJWRG66IndkOgg3A1ZbK6Rgv%2FzaAbzy%2FRp%2Fx%2F1%2FzA0kE0DrJGHkCjYDRIF%2FmYxZ9BPKGjfES4%2BAxHNoBeaeqwE4il79xjc3RdPtpWJS%2Bz%2Fdc8%2BDyglvpF5AivStO0OvfGd51o%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f2544229a0b4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 119 x 113, 8-bit colormap, non-interlaced\012- data

                                                Size:   2242

                                                Md5:    d34130a210e108e15c275dbf36154a9d

                                                Sha1:   7cb1d72515aacfdf876f52fa39e7aba7ef3b9494

                                                Sha256: 92ce88294e6ad5f0b65ef207d7d5bad9286894fe8f411a48886e084ad100887a

                                        
                                            GET /css2?family=Cabin:wght@400;700&display=swap HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   799

                                                Md5:    e855b54c48bd1df8a7e02055026d7c52

                                                Sha1:   e101ae16c9aa1ce66b55bb62fa43e51b2d126c32

                                                Sha256: f6101b009501ac1bbabd50961fadec3bb9f5e3bb893f0debd46fe7a155e5e278

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    dd0dd96ca622aa07354fabdd0da767bf

                                                Sha1:   a29eaa02a81dabed2c12be20a89d65a5a0417524

                                                Sha256: 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    aee1eaa2ef2d0edbb0bc5703979e6439

                                                Sha1:   8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db

                                                Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1

                                        
                                            GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://broker-systems.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         216.58.207.195

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 26100 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 23 Nov 2022 18:28:35 GMT 

                                        
                                            
expires: Thu, 23 Nov 2023 18:28:35 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 66728 

                                        
                                            
last-modified: Fri, 24 Jun 2022 18:41:34 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data

                                                Size:   26100

                                                Md5:    312bcfa92b0b0a09c3f404b2c662a0b6

                                                Sha1:   5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a

                                                Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

                                        
                                            GET /optimize.js?id=OPT-TLN47DR HTTP/1.1 

                                        
                                            
Host: www.googleoptimize.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Cache-Control 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
expires: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
cache-control: private, max-age=900 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Google Tag Manager 

                                        
                                            
content-length: 45228 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1921)

                                                Size:   45228

                                                Md5:    e020ce690007c895d1070182bb990372

                                                Sha1:   9f875f5e4585f54ea792bbe115dc91c6e2f42f0e

                                                Sha256: c67474a0fb12b5dd3ca1fedd6bc025a8c4e36b545b11d3cc628c7735c42a7a19

                                        
                                            GET /flags/4x3/no.svg HTTP/1.1 

                                        
                                            
Host: flagicons.lipis.dev

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         185.199.108.153

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
server: GitHub.com 

                                        
                                            
x-origin-cache: HIT 

                                        
                                            
last-modified: Wed, 19 Oct 2022 08:52:22 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
etag: W/"634fbac6-13e" 

                                        
                                            
expires: Sun, 20 Nov 2022 06:21:53 GMT 

                                        
                                            
cache-control: max-age=600 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-proxy-cache: MISS 

                                        
                                            
x-github-request-id: ECA6:9356:1523F66:1CD8CDC:6379C529 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
via: 1.1 varnish 

                                        
                                            
age: 157 

                                        
                                            
x-served-by: cache-bma1662-BMA 

                                        
                                            
x-cache: HIT 

                                        
                                            
x-cache-hits: 1 

                                        
                                            
x-timer: S1669294844.860356,VS0,VE1 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-fastly-request-id: 726cce526703d08075d0b177e79d022cbf0d37d9 

                                        
                                            
content-length: 188 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text

                                                Size:   188

                                                Md5:    f916e66fd4723d7b98979d330bdab4d4

                                                Sha1:   b30df178bab8c3751c9e593dc19999823d98c6a7

                                                Sha256: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148

                                        
                                            GET /p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a HTTP/1.1 

                                        
                                            
Host: my.rtmark.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         139.45.195.8

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
content-length: 697 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE 

                                        
                                            
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token 

                                        
                                            
access-control-expose-headers: Authorization 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
strict-transport-security: max-age=1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
timing-allow-origin: *, * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   697

                                                Md5:    109d9d0f284658da4525b3d1c0ead2ec

                                                Sha1:   3fc4214c1bef95a85db5eaa84c262d6d85275b6e

                                                Sha256: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5907 

                                        
                                            
Cache-Control: max-age=104943 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
Etag: "637e4ad8-118" 

                                        
                                            
Expires: Fri, 25 Nov 2022 18:09:47 GMT 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 16:31:20 GMT 

                                        
                                            
Server: ECS (ska/F706) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   280

                                                Md5:    9fc47df66f766e631ee72b07f14eae3c

                                                Sha1:   10efe23c2677829012ec3ac1c0cd45fcbb0c851b

                                                Sha256: abb9ee4b6ce6bc3df8bde8309882b1c3b07a627629200d8e6080ae24ec3a2775

                                        
                                            GET /external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174 HTTP/1.1 

                                        
                                            
Host: player.vimeo.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Range: bytes=0- 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Sec-Fetch-Dest: video 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         162.159.138.60

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com 

                                        
                                            
Expires: Fri, 15 Dec 1985 19:30:00 GMT 

                                        
                                            
Location: https://vod-progressive.akamaized.net/exp=1669309244~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=6d17927a8b6844c584f4873ee50f2fd0ffe8f35499a0a0e237ef9aae508683fd/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 

                                        
                                            
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Host: player-backend-5ff8dcb846-7sq97 

                                        
                                            
X-Player-Backend: g 

                                        
                                            
X-Xss-Protection: 1; mode=block 

                                        
                                            
Via: 1.1 google, 1.1 varnish 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 0 

                                        
                                            
X-Served-By: cache-cph2320028-CPH 

                                        
                                            
X-Cache: MISS 

                                        
                                            
X-Cache-Hits: 0 

                                        
                                            
X-Timer: S1669294844.050903,VS0,VE148 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Set-Cookie: __cf_bm=vY9oK_VE3oljmdjEgS_s1ghPx2m6p7Qt2sB0N1IbhGI-1669294844-0-AY77HnRHOq3+JDk9TTGxdigAHZKIpSwF82wDFKWAKTyLjEuUKkR8IhjRj3UkXHEkilDp1FL5gyx2aVIeEbtO9Jk=; path=/; expires=Thu, 24-Nov-22 13:30:44 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 76f2544738c20b39-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=21163 

                                        
                                            
Expires: Thu, 24 Nov 2022 18:53:27 GMT 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=21163 

                                        
                                            
Expires: Thu, 24 Nov 2022 18:53:27 GMT 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=21163 

                                        
                                            
Expires: Thu, 24 Nov 2022 18:53:27 GMT 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            GET /exp=1669309244~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=6d17927a8b6844c584f4873ee50f2fd0ffe8f35499a0a0e237ef9aae508683fd/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 HTTP/1.1 

                                        
                                            
Host: vod-progressive.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Range: bytes=0- 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: video 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.76.123

                                        
                                            HTTP/1.1 206 Partial Content 

                                        
                                            
Content-Type: video/mp4

                                        

                                        
                                            
X-GUploader-UploadID: ADPycdvFALOJgFC8lHRE0XZtj_vOO8NMw94V883uDWMJyDi0Z5tzcMZ5sJ_cbHrMp_W3I5t9ZIwCFXUG4i7oN_MZINQBq6BT75Ie 

                                        
                                            
x-goog-generation: 1661020573365224 

                                        
                                            
x-goog-metageneration: 1 

                                        
                                            
x-goog-stored-content-encoding: identity 

                                        
                                            
x-goog-stored-content-length: 11965965 

                                        
                                            
x-amz-meta-x-goog-reserved-source-generation: 1602068348320686 

                                        
                                            
x-goog-hash: crc32c=hqujiA==, md5=DBrrzNDq44InOGp42cFLAQ== 

                                        
                                            
x-goog-storage-class: COLDLINE 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: UploadServer 

                                        
                                            
Aka-c-hit: cache-hit 

                                        
                                            
Last-Modified: Sat, 20 Aug 2022 18:36:13 GMT 

                                        
                                            
ETag: "0c1aebccd0eae38227386a78d9c14b01" 

                                        
                                            
Cache-Control: private, max-age=25922394 

                                        
                                            
Expires: Wed, 20 Sep 2023 13:40:38 GMT 

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
Content-Range: bytes 0-11965964/11965965 

                                        
                                            
Content-Length: 11965965 

                                        
                                            
Connection: keep-alive 

                                        
                                            
AK-REFERENCE-ID: 0.774c2417.1669294844.2f27aab 

                                        
                                            
Akamai-Mon-Iucid-Del: 875210 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
Timing-Allow-Origin: * 

                                        
                                            
X-VIM-CACHEBC: EP:H11,E:h 

                                        
                                            
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID 

                                        
                                            
Akamai-Edge-IP: 23.36.76.123 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ISO Media, MP4 v2 [ISO 14496-14]\012- data

                                                Size:   11965965

                                                Md5:    0c1aebccd0eae38227386a78d9c14b01

                                                Sha1:   f05673ace82e6c754989e36334a939d66fadf3c8

                                                Sha256: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    b9d9f8ed6c8abffda48365f6bc32b84b

                                                Sha1:   33ad802992d04ae77047e05a68120cb4e42a00e6

                                                Sha256: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8748 

                                        
                                            
x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cEvCtENmoAMFqKw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog== 

                                        
                                            
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 23 Nov 2022 21:48:57 GMT 

                                        
                                            
age: 54707 

                                        
                                            
etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8748

                                                Md5:    28381329eca6c426a8b05fcdef4aafcc

                                                Sha1:   a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a

                                                Sha256: 4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4309 

                                        
                                            
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: b1U8xGxgIAMF-qQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C3 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 05:04:28 GMT 

                                        
                                            
age: 28576 

                                        
                                            
etag: "126771b86638108050cf57c0d12faa27f80f0edb" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4309

                                                Md5:    841a4b110022a99ddea6f7bf66df0fa1

                                                Sha1:   126771b86638108050cf57c0d12faa27f80f0edb

                                                Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

                                        
                                            POST /g/collect?v=2&tid=G-Y5BMFENDVB&gtm=2oeb90&_p=558186308&cid=1542866630.1669294844&ul=en-us&sr=1280x1024&_s=1&sid=1669294843&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D619630080876089819%26country%3DNO%26campaignid%3D6340333%26cost%3D0.002546%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D5087048%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 

                                        
                                            
Host: region1.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://broker-systems.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Content-Length: 0

                                         216.239.34.36

                                        
                                            HTTP/2 204 No Content 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://broker-systems.com 

                                        
                                            
date: Thu, 24 Nov 2022 13:00:45 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Cookie: _ga_Y5BMFENDVB=GS1.1.1669294843.1.0.1669294843.0.0.0; _ga=GA1.1.1542866630.1669294844 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:44 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 10:03:40 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 3397 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4%2FOFDTt1DxLrULgJLdUuYUSk3ox%2FIHAsmETi8nm7grjOxOKFt9aNToLG%2BS9HBRRmMjQnm5mFbE7Buuwqavx%2BlIRjk20slMEsTCyzgl82D%2BMAHGpZDlYD43Q67aiCQJ922%2BPpUo%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f254471882b4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 09:37:03 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 4988 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z7jhcRCATVURQa%2FozihINiDiOfhduZHKpvSeOB6T7Qtgo7h%2BOq34V8GtQ5qYiBW0CwbtSub%2Fy7MjUvEM43rFZz9Ou5tyitsDPdu%2BGaJutuNVPvhoxFdZkjlN%2FkpmWTm6KmRZ2E%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f2544229afb4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /vue@2.6.14/dist/vue.min.js HTTP/1.1 

                                        
                                            
Host: unpkg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.16.123.175

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
last-modified: Sat, 26 Oct 1985 08:15:00 GMT 

                                        
                                            
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E" 

                                        
                                            
via: 1.1 fly.io 

                                        
                                            
fly-request-id: 01F7JYERAAW5E3031G1EAGDR8T 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 14699012 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f25442893b0b61-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 09:37:03 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 4988 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWhRF%2BU588M328oD09TpSxJ78yES05rhjRYNADOvXCYJHcd8LRm1PvBCtZr1KhGzFQnIysp7GDR98jMJrTI0YIt2xba0O8VPe%2Fy6boAxCnxnodmiMDsHg4KzAadEOlIE2omqBsY%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f25442199bb4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 09:37:03 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 4988 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJeIo65Ae5UljUM71K0IZ7BD5GzrLTYauJm7OYdqBSb6WZc%2F8XqPbxZMWRycxwUqf5UnqdJMZwU3ZYFavEVtiaWOS35Bx3%2BwRVlTzqaAW8yMMmPvbq2PthaY0nzIEp%2BHiga2Hqc%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f25442198db4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /services/offers/register?language=no&includesConsent=false&includesMinimumAge=true HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
cache-control: private 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4fKPo9hmM0zMnoxtkX8QEorme50v1t91yowa0x%2FwSgqfEie81LmSYOLyv3jsZ1owE0XP17bFjv%2Bbn5Mg6dPqB19XIWKUs74SXDvolSOXm80j6LjUivQt7UQMZxMO%2BR9aiI77A4%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f254436b37b4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png HTTP/1.1 

                                        
                                            
Host: broker-systems.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         104.21.79.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Thu, 24 Nov 2022 13:00:43 GMT 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-robots-tag: noindex 

                                        
                                            
cache-control: public, max-age=14400 

                                        
                                            
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 

                                        
                                            
x-do-orig-status: 200 

                                        
                                            
last-modified: Thu, 24 Nov 2022 09:37:03 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 4988 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JauyZjV5jeutQuxOL19Q7e9xyofNko%2BA4vtYT3zmvhAB0a8%2BssHWLz0raa0UHnzzgBxckGiFl25klBNCWNrm5NTTJSA8hRq1ELsKqWfeXRy2c4bYcsF4k3tDLZoYtvZWQNv2MPY%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 76f254421991b4ee-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	mobile1.fun/pt/bx/vodafonechest/
IP	79.98.29.29 (Lithuania)
ASN	#212531 UAB Interneto vizija
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-24 13:00:54 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	4
urlquery alerts	No alerts detected
Tags	None

Request	Response
GET /pt/bx/vodafonechest/ HTTP/1.1 Host: mobile1.fun User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: mobile1.fun/pt/bx/vodafonechest/ FQDN: mobile1.fun IP: 79.98.29.29 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 79.98.29.29 HTTP/1.1 302 Found Content-Type: text/html Date: Thu, 24 Nov 2022 13:00:41 GMT Server: Apache Connection: Upgrade, Keep-Alive Location: //whampamp.com/4/5087048?var=ag2 Keep-Alive: timeout=2, max=100 Transfer-Encoding: chunked --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5" Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6392 Expires: Thu, 24 Nov 2022 14:47:14 GMT Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1456357aecbd23f21ad98da57e0127eb Sha1: 7074815b39fa8da9013883971d665e4c1b0797ea Sha256: f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634" Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5856 Expires: Thu, 24 Nov 2022 14:38:18 GMT Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 054ff0d1a0a43f7cb1d78dbd34e27f99 Sha1: 3caf54f3de1d6a8c6f6454083f8b8e7dec77db54 Sha256: fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6119 Cache-Control: max-age=169948 Date: Thu, 24 Nov 2022 13:00:42 GMT Etag: "637f47ef-1d7" Expires: Sat, 26 Nov 2022 12:13:10 GMT Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af40a2fcf8debb90c3608002da6c907a Sha1: 3c75d6c0b557a3bd8d5db50155b8d896e852c145 Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: +STwa8UMFT+92D7FJLvdvz0tM7PYgb5s9ZylOOCZmuRN7zIE3D9EJAcD+zLK3PmMu3IJ/YLpqro= x-amz-request-id: MD07YKHR70G4GY96 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 24 Nov 2022 12:40:24 GMT age: 1218 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 24 Nov 2022 12:18:58 GMT cache-control: public,max-age=3600 age: 2504 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 567df7db606cf5d0871aa5bc9311b6da Sha1: 4263faac7cbab2fcaf6661911dcad5091c06be17 Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /4/5087048?var=ag2 HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: whampamp.com/4/5087048?var=ag2 FQDN: whampamp.com IP: 139.45.197.236 HASH: bbf6318e8c64219acc55537dc675da49806e3aa4a8ba867edeb67bf362d77bac 139.45.197.236 HTTP/1.1 200 OK Content-Type: text/html; charset=utf8 Server: nginx Date: Thu, 24 Nov 2022 13:00:42 GMT Transfer-Encoding: chunked Connection: keep-alive X-Trace-Id: 0f69ca0430d64153ba8510322ef1c829 Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" Access-Control-Allow-Credentials: true Access-Control-Max-Age: 86400 Timing-Allow-Origin: * Set-Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ oaidts=1669294842; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT Pragma: no-cache, no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT Access-Control-Allow-Origin: , Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5406) Size: 2954 Md5: 539cd59f5476fc368437fdba2d362fe3 Sha1: f37a55e44173017eeb836e0c89f994c163a9fb71 Sha256: bbf6318e8c64219acc55537dc675da49806e3aa4a8ba867edeb67bf362d77bac Alerts: Blocklists: - quad9: Sinkholed
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 24 Nov 2022 13:00:42 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11666 Expires: Thu, 24 Nov 2022 16:15:08 GMT Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 94d86bd8aa3fb64d5ef4ba39b2093f46 Sha1: f6f8b969e6d14af88dcd584c72ad52d904d459e9 Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
GET /favicon.ico HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://whampamp.com/4/5087048?var=ag2 Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; oaidts=1669294842	URL: whampamp.com/favicon.ico FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 204 No Content Server: nginx Date: Thu, 24 Nov 2022 13:00:42 GMT Connection: keep-alive Expires: Thu, 31 Dec 2037 23:55:55 GMT Pragma: public Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /img.gif?f=merge&userId=07a6e12e38534ee28eecfadaefea5a67 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://whampamp.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/img.gif?f=merge&userId=07a6e12e38534ee28e (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Thu, 24 Nov 2022 13:00:42 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=07a6e12e38534ee28eecfadaefea5a67; expires=Fri, 24 Nov 2023 13:00:42 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /?z=5087048&syncedCookie=true&rhd=false HTTP/1.1 Host: whampamp.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 463 Origin: http://whampamp.com Connection: keep-alive Referer: http://whampamp.com/afu.php?zoneid=5087048&var=5087048&rid=uZkGuFtJfk-T2gq_XdzZSg%3D%3D&rhd=false Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; oaidts=1669294842 Upgrade-Insecure-Requests: 1	URL: whampamp.com/?z=5087048&syncedCookie=true&rhd=false FQDN: whampamp.com IP: 139.45.197.236 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 139.45.197.236 HTTP/1.1 302 Found Server: nginx Date: Thu, 24 Nov 2022 13:00:42 GMT Content-Length: 0 Connection: keep-alive X-Trace-Id: 43d77d8af021f69389e16083925cfcbf Link: <https://broker-systems.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" Referrer-Policy: no-referrer Location: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Access-Control-Allow-Origin: http://whampamp.com Access-Control-Allow-Credentials: true Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding Access-Control-Max-Age: 86400 Pragma: no-cache Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires: Tue, 11 Jan 1994 10:00:00 GMT Set-Cookie: OAID=07a6e12e38534ee28eecfadaefea5a67; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ oaidts=1669294842; expires=Fri, 24 Nov 2023 13:00:42 GMT; path=/ syncedCookie=true; expires=Thu, 01 Dec 2022 13:00:42 GMT; path=/ Strict-Transport-Security: max-age=1 X-Content-Type-Options: nosniff Timing-Allow-Origin: , --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - quad9: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 24 Nov 2022 12:08:53 GMT cache-control: public,max-age=3600 age: 3109 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3e9326eed70039fb966609c04fa7da9c6f714d3c674b0bce36f2abe109511f2f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=152665 Date: Thu, 24 Nov 2022 13:00:42 GMT Etag: "637f1c53-118" Expires: Sat, 26 Nov 2022 07:25:07 GMT Last-Modified: Thu, 24 Nov 2022 07:25:07 GMT Server: nginx Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 308eff1f289275eba76cbe78567c4f22 Sha1: b8bc7278977fa4116ee664708fabba403f8bbe3a Sha256: 3e9326eed70039fb966609c04fa7da9c6f714d3c674b0bce36f2abe109511f2f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5703 Cache-Control: max-age=164470 Date: Thu, 24 Nov 2022 13:00:42 GMT Etag: "637f3429-1d7" Expires: Sat, 26 Nov 2022 10:41:52 GMT Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb6949e7abaa473393f7c604691de14f Sha1: 599681bba3947709baa603bbae2dd7afd04059a4 Sha256: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: iXnqIhOHobfhFKDy/LsVkQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.86.38.2 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.86.38.2 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: fxptF6f/Wxi9NGRQF6QMKvnocO4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/reg/v2/registration.js HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/reg/v2/registration.js FQDN: broker-systems.com IP: 104.21.79.157 HASH: 9ee7da4527ca3efd371a0432ea2e5b6e663a4f8b2cff789c84f4c7de48fae600 104.21.79.157 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:57:21 GMT cf-cache-status: HIT age: 3792 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QlbRASLJEsNxXVCj4sA%2Ff9pPRqreYCeUn%2BFFfIAHeujL3kgDCtFcSevFQGwwQ5dZFCtSQfncIxMHfT%2FCaRHsfsc0%2F8bEkHOHFN9341d0G4ckkgQBcTcfwAAv75UnATqzoG2qO0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254420986b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (22747) Size: 5581 Md5: 8130a53585aca8f3fd0e0a8c58959606 Sha1: 314209692757571885c910988c5f15297bbf4f15 Sha256: 9ee7da4527ca3efd371a0432ea2e5b6e663a4f8b2cff789c84f4c7de48fae600
GET /assets/img/2021/07/03/1627994300561-5bf0b534-f69d-4dab-ba2c-ade842022f0f.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627994300561- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: 57c764fc6b98dd553ee7d944391a3bdbe85179f1f24c609275a2ce85262ef357 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:57:21 GMT vary: Accept-Encoding cf-cache-status: HIT age: 3792 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugmbZ4TwAUPZ9IQ9ECpmOpxeCoJbT55yTMowtAcjLAx7o8RVEUclg95%2FuhZZDsCDZeY2atnC1FF8I%2BzC%2B%2FegdKLXy1h53Q7tKhcs%2BUpedhfKbhxGLIIoKp6iIx1gMNFUDvq3zh4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229a8b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 120 x 102, 8-bit colormap, non-interlaced\012- data Size: 1319 Md5: bab54e9a9549fec58a0294b8cffdd720 Sha1: d5abb83c7522f3686dc89e5ec8f48e61d3a02900 Sha256: 57c764fc6b98dd553ee7d944391a3bdbe85179f1f24c609275a2ce85262ef357
GET /assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627994280359- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: 92ce88294e6ad5f0b65ef207d7d5bad9286894fe8f411a48886e084ad100887a 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYrJWRG66IndkOgg3A1ZbK6Rgv%2FzaAbzy%2FRp%2Fx%2F1%2FzA0kE0DrJGHkCjYDRIF%2FmYxZ9BPKGjfES4%2BAxHNoBeaeqwE4il79xjc3RdPtpWJS%2Bz%2Fdc8%2BDyglvpF5AivStO0OvfGd51o%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229a0b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 119 x 113, 8-bit colormap, non-interlaced\012- data Size: 2242 Md5: d34130a210e108e15c275dbf36154a9d Sha1: 7cb1d72515aacfdf876f52fa39e7aba7ef3b9494 Sha256: 92ce88294e6ad5f0b65ef207d7d5bad9286894fe8f411a48886e084ad100887a
GET /assets/reg/v2/registration-form.js HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/reg/v2/registration-form.js FQDN: broker-systems.com IP: 104.21.79.157 HASH: 5fa3caaaf3da2b1ce77fabf6a8b6ce9d08ba2517ff56cd0c5df3b86a25e6397d 104.21.79.157 HTTP/2 200 OK content-type: text/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuiG0g%2BoRyRicer%2BWeNScumkZzgeJE7lKlxSN%2FupsKXEK2r5L9GWNl95%2FTmM2bjlWyrZziW9qVgCxDfAAg%2Fbae6PAQfus7hNddz2iKJY6Bm8gYgzRemQLPenIycdZ94j%2BpG4Ejk%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254420987b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (41190) Size: 59041 Md5: 610cd956e68d501870769eb8c46485c0 Sha1: 7f1ae893992756fe0d11f3fa02bdef25e5aaafec Sha256: 5fa3caaaf3da2b1ce77fabf6a8b6ce9d08ba2517ff56cd0c5df3b86a25e6397d
GET /css2?family=Cabin:wght@400;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Cabin:wght@400;700&dis (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: f6101b009501ac1bbabd50961fadec3bb9f5e3bb893f0debd46fe7a155e5e278 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 24 Nov 2022 13:00:43 GMT date: Thu, 24 Nov 2022 13:00:43 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 799 Md5: e855b54c48bd1df8a7e02055026d7c52 Sha1: e101ae16c9aa1ce66b55bb62fa43e51b2d126c32 Sha256: f6101b009501ac1bbabd50961fadec3bb9f5e3bb893f0debd46fe7a155e5e278
GET /assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627983981297- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: 70f5521ff170d664f7a2f43ab55f612f72f50852ef2eec213bea55cfe5c2cfa7 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwVr2ov7ouDdmdVMfbcaQsST7bBJ7wv4I6%2BN0R8qNyMM6DXfzHHiteTUGUkRZpyQOxe6s%2BqPyFra%2F21KKbMCUEeUpgFktMTlZjwV4D%2Fs7NDA1t5%2FqPOawtZYUJS2X9E9M5mSWog%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254421994b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 300 x 66, 8-bit/color RGBA, non-interlaced\012- data Size: 7876 Md5: 0f5a2647ad311b820655847123107921 Sha1: 6a08d83a003ae0988ecbc4db5837a4b16100fc15 Sha256: 70f5521ff170d664f7a2f43ab55f612f72f50852ef2eec213bea55cfe5c2cfa7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: dd0dd96ca622aa07354fabdd0da767bf Sha1: a29eaa02a81dabed2c12be20a89d65a5a0417524 Sha256: 6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 23.36.77.32 HASH: 1c54351546080ee0abc8faff0b81a5ea222914f24fe4b200e267d2ab119bbc5d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "1C54351546080EE0ABC8FAFF0B81A5EA222914F24FE4B200E267D2AB119BBC5D" Last-Modified: Wed, 23 Nov 2022 01:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5562 Expires: Thu, 24 Nov 2022 14:33:25 GMT Date: Thu, 24 Nov 2022 13:00:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: 970dc5ce1693949b64ea15b24bfb639b Sha1: af2f53945ecacc020fc56eb01089f589f5711eda Sha256: 1c54351546080ee0abc8faff0b81a5ea222914f24fe4b200e267d2ab119bbc5d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://broker-systems.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpb (...) FQDN: fonts.gstatic.com IP: 216.58.207.195 HASH: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec 216.58.207.195 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 26100 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:28:35 GMT expires: Thu, 23 Nov 2023 18:28:35 GMT cache-control: public, max-age=31536000 age: 66728 last-modified: Fri, 24 Jun 2022 18:41:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data Size: 26100 Md5: 312bcfa92b0b0a09c3f404b2c662a0b6 Sha1: 5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: aee1eaa2ef2d0edbb0bc5703979e6439 Sha1: 8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db Sha256: 095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
GET /optimize.js?id=OPT-TLN47DR HTTP/1.1 Host: www.googleoptimize.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googleoptimize.com/optimize.js?id=OPT-TLN47DR FQDN: www.googleoptimize.com IP: 142.250.74.46 HASH: c67474a0fb12b5dd3ca1fedd6bc025a8c4e36b545b11d3cc628c7735c42a7a19 142.250.74.46 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 24 Nov 2022 13:00:43 GMT expires: Thu, 24 Nov 2022 13:00:43 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 45228 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 45228 Md5: e020ce690007c895d1070182bb990372 Sha1: 9f875f5e4585f54ea792bbe115dc91c6e2f42f0e Sha256: c67474a0fb12b5dd3ca1fedd6bc025a8c4e36b545b11d3cc628c7735c42a7a19
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E" Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11665 Expires: Thu, 24 Nov 2022 16:15:08 GMT Date: Thu, 24 Nov 2022 13:00:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 94d86bd8aa3fb64d5ef4ba39b2093f46 Sha1: f6f8b969e6d14af88dcd584c72ad52d904d459e9 Sha256: 43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
GET /flags/4x3/no.svg HTTP/1.1 Host: flagicons.lipis.dev User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: flagicons.lipis.dev/flags/4x3/no.svg FQDN: flagicons.lipis.dev IP: 185.199.108.153 HASH: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148 185.199.108.153 HTTP/2 200 OK content-type: image/svg+xml server: GitHub.com x-origin-cache: HIT last-modified: Wed, 19 Oct 2022 08:52:22 GMT access-control-allow-origin: * etag: W/"634fbac6-13e" expires: Sun, 20 Nov 2022 06:21:53 GMT cache-control: max-age=600 content-encoding: gzip x-proxy-cache: MISS x-github-request-id: ECA6:9356:1523F66:1CD8CDC:6379C529 accept-ranges: bytes date: Thu, 24 Nov 2022 13:00:43 GMT via: 1.1 varnish age: 157 x-served-by: cache-bma1662-BMA x-cache: HIT x-cache-hits: 1 x-timer: S1669294844.860356,VS0,VE1 vary: Accept-Encoding x-fastly-request-id: 726cce526703d08075d0b177e79d022cbf0d37d9 content-length: 188 X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text Size: 188 Md5: f916e66fd4723d7b98979d330bdab4d4 Sha1: b30df178bab8c3751c9e593dc19999823d98c6a7 Sha256: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 595ec3abe1ad4b2c5d26dfb7d05fb72fecfef889ed05c1df7815730b36f26008 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:43 GMT Content-Length: 472 Connection: keep-alive Last-Modified: Mon, 21 Nov 2022 04:52:37 GMT Expires: Mon, 28 Nov 2022 04:52:36 GMT Etag: "77a508ce53a271b7407c6f50af3dc2ed88618c09" Cache-Control: max-age=315712,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76f25445ed270b4d-OSL --- Additional Info --- Magic: data Size: 472 Md5: 347d32389552af6d8f1be3b4f806234a Sha1: 77a508ce53a271b7407c6f50af3dc2ed88618c09 Sha256: 595ec3abe1ad4b2c5d26dfb7d05fb72fecfef889ed05c1df7815730b36f26008
GET /p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: my.rtmark.net/p.js?f=sync&lr=1&partner=eab99f1fc1f1a842 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c 139.45.195.8 HTTP/2 200 OK content-type: text/javascript server: nginx date: Thu, 24 Nov 2022 13:00:43 GMT content-length: 697 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 697 Md5: 109d9d0f284658da4525b3d1c0ead2ec Sha1: 3fc4214c1bef95a85db5eaa84c262d6d85275b6e Sha256: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c
POST /log/add?cid=0146f596-44d1-40c0-b3b5-74fcad621e75 HTTP/1.1 Host: datatechone.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1122 Origin: https://broker-systems.com Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: datatechone.com/log/add?cid=0146f596-44d1-40c0-b3b5-74f (...) FQDN: datatechone.com IP: 139.45.195.253 HASH: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df 139.45.195.253 HTTP/1.1 200 OK Content-Type: text/plain; charset=utf-8 Server: nginx/1.19.10 Date: Thu, 24 Nov 2022 13:00:43 GMT Content-Length: 2 Connection: keep-alive Access-Control-Allow-Origin: https://broker-systems.com Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Access-Control-Allow-Credentials: true --- Additional Info --- Magic: ASCII text, with no line terminators Size: 2 Md5: 444bcb3a3fcf8389296c49467f27e1d6 Sha1: 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Alerts: Blocklists: - quad9: Sinkholed
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: abb9ee4b6ce6bc3df8bde8309882b1c3b07a627629200d8e6080ae24ec3a2775 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5907 Cache-Control: max-age=104943 Date: Thu, 24 Nov 2022 13:00:44 GMT Etag: "637e4ad8-118" Expires: Fri, 25 Nov 2022 18:09:47 GMT Last-Modified: Wed, 23 Nov 2022 16:31:20 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 9fc47df66f766e631ee72b07f14eae3c Sha1: 10efe23c2677829012ec3ac1c0cd45fcbb0c851b Sha256: abb9ee4b6ce6bc3df8bde8309882b1c3b07a627629200d8e6080ae24ec3a2775
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Thu, 24 Nov 2022 12:41:08 GMT expires: Thu, 24 Nov 2022 14:41:08 GMT cache-control: public, max-age=7200 age: 1176 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174 HTTP/1.1 Host: player.vimeo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: player.vimeo.com/external/465726082.hd.mp4?s=e5c3d3024e (...) FQDN: player.vimeo.com IP: 162.159.138.60 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 162.159.138.60 HTTP/1.1 302 Found Date: Thu, 24 Nov 2022 13:00:44 GMT Content-Length: 0 Connection: keep-alive Access-Control-Allow-Origin: * Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com Expires: Fri, 15 Dec 1985 19:30:00 GMT Location: https://vod-progressive.akamaized.net/exp=1669309244~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=6d17927a8b6844c584f4873ee50f2fd0ffe8f35499a0a0e237ef9aae508683fd/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Host: player-backend-5ff8dcb846-7sq97 X-Player-Backend: g X-Xss-Protection: 1; mode=block Via: 1.1 google, 1.1 varnish Accept-Ranges: bytes Age: 0 X-Served-By: cache-cph2320028-CPH X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1669294844.050903,VS0,VE148 CF-Cache-Status: DYNAMIC Set-Cookie: __cf_bm=vY9oK_VE3oljmdjEgS_s1ghPx2m6p7Qt2sB0N1IbhGI-1669294844-0-AY77HnRHOq3+JDk9TTGxdigAHZKIpSwF82wDFKWAKTyLjEuUKkR8IhjRj3UkXHEkilDp1FL5gyx2aVIeEbtO9Jk=; path=/; expires=Thu, 24-Nov-22 13:30:44 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None Server: cloudflare CF-RAY: 76f2544738c20b39-OSL --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /img.gif?f=sync&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a&ttl=&rurl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D619630080876089819%26country%3DNO%26campaignid%3D6340333%26cost%3D0.002546%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D5087048%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3 HTTP/1.1 Host: my.rtmark.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: my.rtmark.net/img.gif?f=sync&partner=eab99f1fc1f1a842a8 (...) FQDN: my.rtmark.net IP: 139.45.195.8 HASH: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 139.45.195.8 HTTP/2 200 OK content-type: image/gif server: nginx date: Thu, 24 Nov 2022 13:00:44 GMT content-length: 43 access-control-allow-origin: * access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token access-control-expose-headers: Authorization access-control-allow-credentials: true set-cookie: ID=bab922c1062a461b932168835227cca6; expires=Fri, 24 Nov 2023 13:00:44 GMT; secure; SameSite=None strict-transport-security: max-age=1 x-content-type-options: nosniff timing-allow-origin: , X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: b4491705564909da7f9eaf749dbbfbb1 Sha1: 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21163 Expires: Thu, 24 Nov 2022 18:53:27 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7993 x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cEvCsG5mIAMFqAQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 21:47:52 GMT age: 54772 etag: "43d1dec7fc06879988c9c3cadd800cc8145df988" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7993 Md5: 92c78302bcce1568eb6a5563100b932c Sha1: 43d1dec7fc06879988c9c3cadd800cc8145df988 Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /exp=1669309244~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=6d17927a8b6844c584f4873ee50f2fd0ffe8f35499a0a0e237ef9aae508683fd/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 HTTP/1.1 Host: vod-progressive.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Range: bytes=0- Referer: https://broker-systems.com/ Connection: keep-alive Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: vod-progressive.akamaized.net/exp=1669309244~acl=%2Fvim (...) FQDN: vod-progressive.akamaized.net IP: 23.36.76.123 HASH: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d 23.36.76.123 HTTP/1.1 206 Partial Content Content-Type: video/mp4 X-GUploader-UploadID: ADPycdvFALOJgFC8lHRE0XZtj_vOO8NMw94V883uDWMJyDi0Z5tzcMZ5sJ_cbHrMp_W3I5t9ZIwCFXUG4i7oN_MZINQBq6BT75Ie x-goog-generation: 1661020573365224 x-goog-metageneration: 1 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 11965965 x-amz-meta-x-goog-reserved-source-generation: 1602068348320686 x-goog-hash: crc32c=hqujiA==, md5=DBrrzNDq44InOGp42cFLAQ== x-goog-storage-class: COLDLINE Accept-Ranges: bytes Server: UploadServer Aka-c-hit: cache-hit Last-Modified: Sat, 20 Aug 2022 18:36:13 GMT ETag: "0c1aebccd0eae38227386a78d9c14b01" Cache-Control: private, max-age=25922394 Expires: Wed, 20 Sep 2023 13:40:38 GMT Date: Thu, 24 Nov 2022 13:00:44 GMT Content-Range: bytes 0-11965964/11965965 Content-Length: 11965965 Connection: keep-alive AK-REFERENCE-ID: 0.774c2417.1669294844.2f27aab Akamai-Mon-Iucid-Del: 875210 Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Timing-Allow-Origin: * X-VIM-CACHEBC: EP:H11,E:h Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID Akamai-Edge-IP: 23.36.76.123 --- Additional Info --- Magic: ISO Media, MP4 v2 [ISO 14496-14]\012- data Size: 11965965 Md5: 0c1aebccd0eae38227386a78d9c14b01 Sha1: f05673ace82e6c754989e36334a939d66fadf3c8 Sha256: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9099 x-amzn-requestid: d828c8f5-3ff1-4e20-822f-32d9ad7a0d7a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cExDeGjKIAMFQHw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9549-71d957297c3ec4b01633b1ce;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:48:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ZXi-qHYx7QoMQZAsZzEW099laTRSyxjhe8stloZ5ZhlRfw4W8sebjw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 22:13:58 GMT etag: "c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3" age: 53206 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9099 Md5: 891d19eb042be6fd5d021ff08db2dfcc Sha1: c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3 Sha256: 3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b9d9f8ed6c8abffda48365f6bc32b84b Sha1: 33ad802992d04ae77047e05a68120cb4e42a00e6 Sha256: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7462 x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cEwV3HV9oAMFs9w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 22:08:16 GMT age: 53548 etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7462 Md5: b4157f2c5c3c77ce699324ecb08f47c7 Sha1: a7d9135f9d01ba13c3cdaf8b038c70212f159297 Sha256: 2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8748 x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cEvCtENmoAMFqKw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Wed, 23 Nov 2022 21:48:57 GMT age: 54707 etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8748 Md5: 28381329eca6c426a8b05fcdef4aafcc Sha1: a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a Sha256: 4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06
GET /assets/img/2021/06/26/1627296041352-f498966e-8044-4d89-8e33-75e2f6f534c4.jpg HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/26/1627296041352- (...) FQDN: broker-systems.com IP: 104.21.79.157 HASH: ed5baa9c39d2db8d36c1715780fff3efa25106809677c4a070b57e35369d7f5a 104.21.79.157 HTTP/2 200 OK content-type: image/jpeg date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yqe98OjK2jMztNu2Vbu8Od2xNg4HZc%2F%2Bffy94bCbTDVVHY4iuYQFJdDxfJOaRRsNwR5UTI3Kl2zo717p6b5%2BwvkAsWMj2KYp0Ovbgjq9%2FL2AwX4m%2BTGB8uuL7OqKD8x6wh2lbw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25443bba7b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x423, components 3\012- data Size: 15520 Md5: 3cd0d2bff5925518dda9872a695b1990 Sha1: ddb0c91279407a73d05e01ae0a53e507aa50679c Sha256: ed5baa9c39d2db8d36c1715780fff3efa25106809677c4a070b57e35369d7f5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b1U8xGxgIAMF-qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 05:04:28 GMT age: 28576 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
POST /batch-event-collector HTTP/1.1 Host: europe-west2-tech-microservices-production.cloudfunctions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1171 Origin: https://broker-systems.com Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: europe-west2-tech-microservices-production.cloudfunctio (...) FQDN: europe-west2-tech-microservices-production.cloudfunctions.net IP: 216.239.36.54 HASH: a0ce47d8f99c7c1b5988ae1c07711bb0aed25484d8ce3563c3a589f2d7216c2f 216.239.36.54 HTTP/2 200 OK content-type: text/plain; charset=utf-8 access-control-allow-origin: * etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" function-execution-id: w6i4vbdoem4u x-powered-by: Express x-cloud-trace-context: 1d742f7801470b08c2f41f0c75208a21 content-encoding: gzip date: Thu, 24 Nov 2022 13:00:45 GMT server: Google Frontend cache-control: private content-length: 22 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 22 Md5: 7ed7900fc45647ddd2f5e4799f6e3f4e Sha1: c599a3e8d0cf90430834cda9a07a4b52dd609a7c Sha256: a0ce47d8f99c7c1b5988ae1c07711bb0aed25484d8ce3563c3a589f2d7216c2f
POST /g/collect?v=2&tid=G-Y5BMFENDVB&gtm=2oeb90&_p=558186308&cid=1542866630.1669294844&ul=en-us&sr=1280x1024&_s=1&sid=1669294843&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D619630080876089819%26country%3DNO%26campaignid%3D6340333%26cost%3D0.002546%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D5087048%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://broker-systems.com Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-Y5BMFE (...) FQDN: region1.google-analytics.com IP: 216.239.34.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.34.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://broker-systems.com date: Thu, 24 Nov 2022 13:00:45 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 24 Nov 2022 13:00:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b9d9f8ed6c8abffda48365f6bc32b84b Sha1: 33ad802992d04ae77047e05a68120cb4e42a00e6 Sha256: 7009ce6ea1f0023531d8fd70bcf73a0091b663ad7b0f5a9d1785a0f1d2334583
GET /assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Cookie: _ga_Y5BMFENDVB=GS1.1.1669294843.1.0.1669294843.0.0.0; _ga=GA1.1.1542866630.1669294844 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/08/08/1631094157993- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:44 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 10:03:40 GMT vary: Accept-Encoding cf-cache-status: HIT age: 3397 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4%2FOFDTt1DxLrULgJLdUuYUSk3ox%2FIHAsmETi8nm7grjOxOKFt9aNToLG%2BS9HBRRmMjQnm5mFbE7Buuwqavx%2BlIRjk20slMEsTCyzgl82D%2BMAHGpZDlYD43Q67aiCQJ922%2BPpUo%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254471882b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /stattag.js HTTP/1.1 Host: cdntechone.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdntechone.com/stattag.js FQDN: cdntechone.com IP: 104.21.29.183 104.21.29.183 HTTP/2 200 OK content-type: application/javascript date: Thu, 24 Nov 2022 13:00:43 GMT last-modified: Wed, 23 Nov 2022 15:07:35 GMT etag: W/"637e3737-3284" link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin cache-control: max-age=14400 cf-cache-status: HIT age: 2744 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJdP2Z%2BjDK4Cuzd9ab65XD0HrPeiXa16dTIdQbLvSvpK5fIMS8Z6U%2FlA8hjlzjOgvlX2WkYcpsbcg%2B62AgwxodF2u7n%2BhJz86R5qBPcVDLONSf9YmUJ90NllDVCTMvpoEw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 76f2544318e3b4f3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627994332152- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2z7jhcRCATVURQa%2FozihINiDiOfhduZHKpvSeOB6T7Qtgo7h%2BOq34V8GtQ5qYiBW0CwbtSub%2Fy7MjUvEM43rFZz9Ou5tyitsDPdu%2BGaJutuNVPvhoxFdZkjlN%2FkpmWTm6KmRZ2E%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229afb4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/06/26/1627314620658-6820b11c-be15-43f5-8fe9-9c5a5a70c2ca.jpg HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/26/1627314620658- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/jpeg date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIRO%2FhzJndm95XKStEhw0XvJlnDmx2%2FvS0qeQ3f6mbxQHxy7wKkUMQJ8b%2BB1Xr66WapzQz2nmqoIU3st0wl3QwZ%2Flbmb2WImZVlgxXK69l8eMAuGMzFNpQFEcM7E8ZKk3OAlZxU%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25443bbaab4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /vue@2.6.14/dist/vue.min.js HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: unpkg.com/vue@2.6.14/dist/vue.min.js FQDN: unpkg.com IP: 104.16.123.175 104.16.123.175 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT access-control-allow-origin: * cache-control: public, max-age=31536000 last-modified: Sat, 26 Oct 1985 08:15:00 GMT etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E" via: 1.1 fly.io fly-request-id: 01F7JYERAAW5E3031G1EAGDR8T cf-cache-status: HIT age: 14699012 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 76f25442893b0b61-OSL content-encoding: br X-Firefox-Spdy: h2 --- Additional Info ---
GET /compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robo (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: text/html; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 cache-control: private x-do-orig-status: 200 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EJ1O2cfmiTty9sJJ35eUtQhGCFEZWjAr7sRBmyKk%2F%2FhMTC8yzauTPJIolJgMzQ9bt9fnK0p%2BamvRYWxbgwTW8azaFjclXoQx4SCeWVG1ru%2BovN%2Bbu%2FYTr0qyU2tzgW7RV9cv9Q%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2543f6ddfb4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/23/1627034872559- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWhRF%2BU588M328oD09TpSxJ78yES05rhjRYNADOvXCYJHcd8LRm1PvBCtZr1KhGzFQnIysp7GDR98jMJrTI0YIt2xba0O8VPe%2Fy6boAxCnxnodmiMDsHg4KzAadEOlIE2omqBsY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25442199bb4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/06/26/1627297013883- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2B4q2ziC4pkUUVG7OzrakJZTJGfK%2FELWHzmC1ZZnztBATs3hfu6t09JR1NJw8q45KTlQq2d%2BV%2Bfv2b3wziN%2BfiiXKNHo1oZ0VzsfsAYoWcnGccZiUtqvLb65CkTQOH%2FMYYKhPBY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25442299cb4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2022/02/04/1646413684488- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJeIo65Ae5UljUM71K0IZ7BD5GzrLTYauJm7OYdqBSb6WZc%2F8XqPbxZMWRycxwUqf5UnqdJMZwU3ZYFavEVtiaWOS35Bx3%2BwRVlTzqaAW8yMMmPvbq2PthaY0nzIEp%2BHiga2Hqc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f25442198db4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627979101733- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEKFqnBHvVSifapZxasGKTLIW%2BjvOHLxcBEnZy5EnBvu3eAHQnAldC0AnDNrRHPf%2B%2B%2Fku18vCeOTJ2EdqJddDt71ZwyLmPXLzfQwnBPml%2FyXLAKI8iHW9XlnFbktWKRDYau1BM0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f2544229b0b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /services/offers/register?language=no&includesConsent=false&includesMinimumAge=true HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/services/offers/register?language=no (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 cache-control: private x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 13:00:43 GMT cf-cache-status: DYNAMIC vary: Accept-Encoding report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4fKPo9hmM0zMnoxtkX8QEorme50v1t91yowa0x%2FwSgqfEie81LmSYOLyv3jsZ1owE0XP17bFjv%2Bbn5Mg6dPqB19XIWKUs74SXDvolSOXm80j6LjUivQt7UQMZxMO%2BR9aiI77A4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254436b37b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/at/v5/tracking.js HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/at/v5/tracking.js FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 vary: Accept-Encoding x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:57:21 GMT cf-cache-status: HIT age: 3792 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XzWQy9%2BzedAR1z9hN2Npso5oc8pB8tKbWKR6fFQsFbi9VTLS2YAWs15V7Yaz1EPvKbIty9wfvQjmAeDE0UI%2BKizhOsNQY5y8HvrGTAsEsM6os2trT1u52K71c6wn%2B%2FxxYLR7e0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254420989b4ee-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png HTTP/1.1 Host: broker-systems.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=619630080876089819&country=NO&campaignid=6340333&cost=0.002546&offerType=rts&utm_source=propellerads&utm_term=5087048&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: broker-systems.com/assets/img/2021/07/03/1627983967543- (...) FQDN: broker-systems.com IP: 104.21.79.157 104.21.79.157 HTTP/2 200 OK content-type: image/png date: Thu, 24 Nov 2022 13:00:43 GMT x-powered-by: Express access-control-allow-origin: * x-robots-tag: noindex cache-control: public, max-age=14400 x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7 x-do-orig-status: 200 last-modified: Thu, 24 Nov 2022 09:37:03 GMT vary: Accept-Encoding cf-cache-status: HIT age: 4988 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JauyZjV5jeutQuxOL19Q7e9xyofNko%2BA4vtYT3zmvhAB0a8%2BssHWLz0raa0UHnzzgBxckGiFl25klBNCWNrm5NTTJSA8hRq1ELsKqWfeXRy2c4bYcsF4k3tDLZoYtvZWQNv2MPY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76f254421991b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

Overview

Domain Summary (26)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 79.98.29.29

Last 5 reports on ASN: UAB Interneto vizija

Last 5 reports on domain: mobile1.fun

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (67)

Overview

Domain Summary (26)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 79.98.29.29

Last 5 reports on ASN: UAB Interneto vizija

Last 5 reports on domain: mobile1.fun

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (67)

Network Intrusion Detection Systems