m.luvmenow.com/click?offer_id=5683&pid=31423&ref_id=rf3qnj748p9b&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
172.67.165.172302 Found 0 B URL HTTP/1.1 m.luvmenow.com/click?offer_id=5683&pid=31423&ref_id=rf3qnj748p9b&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
IP 172.67.165.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?offer_id=5683&pid=31423&ref_id=rf3qnj748p9b&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671 HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 09 Nov 2022 22:34:43 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dG%2FMZSX3vy%2FLmaqw2JZxSIWiDmbRCor6iVxbC2X6sv5cPnee5LWcw%2FmiYOtGiedbcCCNKLXKX2uecEw27%2FS9%2FKSUZXNChiUq23wyiRu66uJlNM4xBqSwXC2GI0iRB3Girg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 767a04785bbbb506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7433
Expires: Thu, 10 Nov 2022 00:38:37 GMT
Date: Wed, 09 Nov 2022 22:34:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5572
Cache-Control: max-age=134952
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:44 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:03:56 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7253
Expires: Thu, 10 Nov 2022 00:35:37 GMT
Date: Wed, 09 Nov 2022 22:34:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vEUB1rwy7Z42ZtIaoQGZMHX3XlsvQN4tMkE3y45qQQ8BRrtOzEz6K7uljbol3VNNHH5kLt8Xiy0=
x-amz-request-id: 0VER9BMARBDEZ399
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 22:11:53 GMT
age: 1371
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 22:34:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash c0a1a0cff1b52b49210094bf875501f6
f947a9a36b10bdd04a3f1805a27cd9768ae37a85
fd42957f56088480017798e5c41cfec7db177399136c3795c6c9133002c252d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3409
Cache-Control: max-age=94281
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:44 GMT
Etag: "636aeafc-138"
Expires: Fri, 11 Nov 2022 00:46:05 GMT
Last-Modified: Tue, 08 Nov 2022 23:49:16 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
34.90.14.205302 Found 0 B URL HTTP/2 datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
IP 34.90.14.205:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671 HTTP/1.1
Host: datify.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 09 Nov 2022 22:34:44 GMT
content-length: 0
location: https://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
X-Firefox-Spdy: h2
t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
172.67.165.172302 Found 0 B URL HTTP/2 t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671
IP 172.67.165.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:1d:400::1b&sub3=rf3qnj748p9b&sub4=lkeuh6748p7t&sub5=frd&sub6=&sub7=&sub8=15671 HTTP/1.1
Host: t.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 09 Nov 2022 22:34:44 GMT
content-length: 0
location: https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=28575&sub3=a_636c2b048135b70001ab288b
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=636c2b048135b70001ab288b; expires=Thu, 09 Nov 2023 22:34:44 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFjRSr9zgzWPEmJ7jfVZYHbqEWXc5TPOLCvENKfmjVWk9h%2FUcBCQ%2BjiRGX2SyU7G4%2BoLStXapu88CtU3hHUQMhSsl%2FeqkS4uAXcW3oJrLYJjTg%2FPauFEToiLllz0elNL3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767a047cdad2fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b8b93df1b41d325a375f605c3ca598c
018fbf597bd4c2793b2321fd0e4d043ad321cbc0
a41b6aded962aa1f58eb3bbbf4fb8334c495cc44ef6f3b0149590c8e79b9924d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A41B6ADED962AA1F58EB3BBBF4FB8334C495CC44EF6F3B0149590C8E79B9924D"
Last-Modified: Mon, 07 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13586
Expires: Thu, 10 Nov 2022 02:21:10 GMT
Date: Wed, 09 Nov 2022 22:34:44 GMT
Connection: keep-alive
tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=28575&sub3=a_636c2b048135b70001ab288b
104.21.19.241302 Found 0 B URL HTTP/2 tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=28575&sub3=a_636c2b048135b70001ab288b
IP 104.21.19.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=740&offer_id=1072&sub2=28575&sub3=a_636c2b048135b70001ab288b HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 09 Nov 2022 22:34:44 GMT
content-length: 0
location: https://zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=636c2b04293053000156d6f4
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=636c2b04293053000156d6f4; expires=Thu, 09 Nov 2023 22:34:44 GMT; secure; SameSite=None
afoffers={"1072":1668033284}; expires=Thu, 09 Nov 2023 22:34:44 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KGtsvBWEtKuDkTbtzBxPttmRqtoMFXpukFUChsbt1ATOr3dWRYoJQ%2FoA8GrH7mxlAhoJDCpM%2FGr7IeRoGqGCuW7oUPCO6ixK2xtR5RBbYlbasXNSSp%2BHtFTT6QWY8rFkxnmlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767a047dffb7b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b8b93df1b41d325a375f605c3ca598c
018fbf597bd4c2793b2321fd0e4d043ad321cbc0
a41b6aded962aa1f58eb3bbbf4fb8334c495cc44ef6f3b0149590c8e79b9924d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A41B6ADED962AA1F58EB3BBBF4FB8334C495CC44EF6F3B0149590C8E79B9924D"
Last-Modified: Mon, 07 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13586
Expires: Thu, 10 Nov 2022 02:21:10 GMT
Date: Wed, 09 Nov 2022 22:34:44 GMT
Connection: keep-alive
zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=636c2b04293053000156d6f4
18.184.38.55302 Found 0 B URL HTTP/2 zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=636c2b04293053000156d6f4
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=636c2b04293053000156d6f4 HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 09 Nov 2022 22:34:44 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
pragma: no-cache
set-cookie: 86f47e59-27d7-4e44-bd9c-5042398e42a9-v4=QRqnhxBPhgV3jRoeEanNA1H1GUgGMADzG-Y7MQEWPuY; Max-Age=86400; Expires=Thu, 10-Nov-2022 22:34:44 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=WddnP3%2Fp2ytrZy9zqUF2e%2FhQzS4P0nzdK9Oy%2FDLS%2BbDokQVrfJBqDzVPZTiY4unl1Nps3nKiJVdmtglIzH%2B2oF5RTvW8VDIkTYPx1WhEYYbmdPj18M1jlD2PwiuAEFMjAtcdsT8tS%2BEEbv7SvzbF7A%3D%3D; Max-Age=31536000; Expires=Thu, 09-Nov-2023 22:34:44 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3035
Cache-Control: max-age=127359
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:45 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 09:57:24 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 87ea2b74015af45f86462e50e9ef2189
92fced7a65c08fe4f29351009239e153f6769544
20e7ffba962a6ac95468a65bef9f4f89c8876cf83210f3eeec5be63fc820caaf
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133664
Date: Wed, 09 Nov 2022 22:34:45 GMT
Etag: "636b7a57-1d7"
Expires: Fri, 11 Nov 2022 11:42:29 GMT
Last-Modified: Wed, 09 Nov 2022 10:00:55 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nJV-z7VQ5BnadDX58PfvSbs0846yYdoC8uEV3BlyFVswO87w0VNoqA==
Age: 6094
push.services.mozilla.com/
52.35.167.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.167.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d2+i+5Svhbwm/eIOsRLGLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hujYw9aDkP9vDBarka//atK6buA=
v2.trckguardlnk.com/favicon.ico
18.195.157.163200 OK 318 B URL HTTP/2 v2.trckguardlnk.com/favicon.ico
IP 18.195.157.163:0
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash a976d227e5d1dcf62f5f7e623211dd1b
a2a9dc1abdd3d888484678663928cb024c359ee6
66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; U-13111c20aee51aeb480ecbd988cd8cc9=unique; o_13111c20aee51aeb480ecbd988cd8cc9=ee9de8dd-891a-4a70-a179-c174dfd2fb16
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 22:34:45 GMT
content-type: image/x-icon
content-length: 318
server: nginx/1.20.0
last-modified: Tue, 04 May 2021 06:35:26 GMT
etag: "6090eb2e-13e"
accept-ranges: bytes
X-Firefox-Spdy: h2
smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=6744abb16d2447dc72fa64f6dd996700&s3=558
45.91.67.98200 OK 2.5 kB URL HTTP/1.1 smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=6744abb16d2447dc72fa64f6dd996700&s3=558
IP 45.91.67.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (605), with CRLF line terminators
Hash 595abb7ec16ad378026924c858d725af
d9749dbd1c0e997b6091898c61754b4087ad22ad
acf8188a21a73a5505a70fb2de7a07939bd259a2b3f81e126265cd39ee1e8353
GET /smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=6744abb16d2447dc72fa64f6dd996700&s3=558 HTTP/1.1
Host: smartsecuredt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Set-Cookie: gdm_uid_v2_1_001=M6/NO+WPOfx53OfugTGnelTRTgijNLhnYKLl9z2MgmeNU9QxdnUrWZcj3bu6GzRt; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/; Secure; SameSite=None
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5VQC8eNEorZaLfZN10JBZZM=; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/
gdm_uid_v1_1_001=M6/NO+WPOfx53OfugTGnelTRTgijNLhnYKLl9z2MgmeNU9QxdnUrWZcj3bu6GzRt; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/
gdm_visit_freq_v2_1_001=gJLhXJbXqrGXm/hn4dYEDQBoAWvE8qqcS+E+tg7BtwkzbY3VZX9zcLqsSvmJCSy8; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/
gdm_visit_freq_v1_1_001=gJLhXJbXqrGXm/hn4dYEDQBoAWvE8qqcS+E+tg7BtwkzbY3VZX9zcLqsSvmJCSy8; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/
v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5VQC8eNEorZaLfZN10JBZZM=; Domain=.smartsecuredt.com; Expires=Tue, 07-Feb-2023 22:34:46 GMT; Path=/; Secure; SameSite=None
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76db8b9c8bd32d8e41b716b82bdc7050
f671aecce29ae29236295580c78358cfaa723d47
ce98d6599962c3ec7df0c4f093673b4ba2c86d83780dc957f726b13143dc4063
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE98D6599962C3EC7DF0C4F093673B4BA2C86D83780DC957F726B13143DC4063"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Wed, 09 Nov 2022 23:53:35 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76db8b9c8bd32d8e41b716b82bdc7050
f671aecce29ae29236295580c78358cfaa723d47
ce98d6599962c3ec7df0c4f093673b4ba2c86d83780dc957f726b13143dc4063
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE98D6599962C3EC7DF0C4F093673B4BA2C86D83780DC957F726B13143DC4063"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Wed, 09 Nov 2022 23:53:35 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76db8b9c8bd32d8e41b716b82bdc7050
f671aecce29ae29236295580c78358cfaa723d47
ce98d6599962c3ec7df0c4f093673b4ba2c86d83780dc957f726b13143dc4063
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE98D6599962C3EC7DF0C4F093673B4BA2C86D83780DC957F726B13143DC4063"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4729
Expires: Wed, 09 Nov 2022 23:53:35 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
cdn.smrt-assets.com/assets/1387/js/backoffer.js
23.36.76.144200 OK 660 B URL HTTP/1.1 cdn.smrt-assets.com/assets/1387/js/backoffer.js
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash e7e1dc07852a36f89e4be03aa3787316
0dc3f8e7eb943af093cf8f4600fcf0e421891025
33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
GET /assets/1387/js/backoffer.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA==
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
cdn.smrt-assets.com/assets/1282/css/style01.css
23.36.76.144200 OK 1.7 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1282/css/style01.css
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 2f7d31cd97f3b107994486c9a41f480c
a36a87c98a11cd5eb17df420092fa0760b90ba38
cc3eb1d1eb8de4c52a052b5136da8402b671388eef9d8fbbfff3be9cda5f2efe
GET /assets/1282/css/style01.css HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 24 Mar 2021 15:49:24 GMT
ETag: "7304a2c7a4ed4ff22845255c820780d4"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: Ty2RnnbTVzlW4dOKAaV6gv1OyzBA8NbM9BFctHL-03gcpqjYgu-m2w==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Length: 1696
Connection: keep-alive
cdn.smrt-assets.com/assets/1282/js/jquery-2.2.4.min.js
23.36.76.144200 OK 30 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1282/js/jquery-2.2.4.min.js
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32065)
Hash 2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /assets/1282/js/jquery-2.2.4.min.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 23 Mar 2021 08:19:36 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: 20EP2zFZ_ZqJgr5cFVUkL_iUDrwRTn97NrfSJpZzjtC8ZUDK0kf2Yw==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Length: 29855
Connection: keep-alive
cdn.smrt-assets.com/prod/push-subscriber.js
23.36.76.144200 OK 4.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-subscriber.js
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
Hash d87a44d0aa0b54e75b2eb54c76bcf152
f765110fd22c73d181d9a2ea1b20de424b3d9e35
6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
GET /prod/push-subscriber.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Length: 4395
Connection: keep-alive
cdn.smrt-assets.com/assets/1282/js/translates.js
23.36.76.144200 OK 21 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1282/js/translates.js
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
Hash 582399a53fc62aec6fa84af0518fec31
e9f50fad9612f9a966dbacab1e10038408a1850d
382c5561b9f4f1ee785de83a1f6318d386ccfb3514c7ef83713ba3f23625a28e
GET /assets/1282/js/translates.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 23 Mar 2021 08:19:36 GMT
ETag: "2aaad6f608837c3d11d469676fbf05e3"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: 793vLZtThDYDizrYexXbIgRSngG2cpPoJ4Py0-km2Ho-oX9FQlnpFQ==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Length: 21300
Connection: keep-alive
cdn.smrt-assets.com/prod/push-lang-config.js
23.36.76.144200 OK 2.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-lang-config.js
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Hash 86caa25373c28e4a962df5e15f4c160f
7a992cdd21a4074c155ccc7016e7cf836a66dd85
fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
GET /prod/push-lang-config.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Length: 2366
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.163200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:32:44 GMT
expires: Thu, 09 Nov 2023 18:32:44 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
age: 14522
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.163200 OK 10 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (35547)
Hash fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 18:29:53 GMT
expires: Tue, 07 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 187493
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-assets.com/assets/1282/video/283.mp4
23.36.76.144206 Partial Content 800 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1282/video/283.mp4
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 800 kB (800415 bytes)
Hash beffaf1508377ce14debb2bb943736a2
756a7449cc01cb04a274b573ce972c2e3e822167
7f773d6704008b9bbabd2bd9d15e36cb35b0ab099e85827ca146baa045b4c8ca
GET /assets/1282/video/283.mp4 HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
Last-Modified: Tue, 23 Mar 2021 08:37:48 GMT
ETag: "beffaf1508377ce14debb2bb943736a2"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: Sy-oNQBhZQ0FmwhUTmiI9BG_aKYkQyFx1f64cNbwKu-UdFQZyffVGQ==
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Range: bytes 0-800414/800415
Content-Length: 800415
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 61a9432317cba5908c0a73266e8b8a62
c8bc872f016956cbb5569d7727bdfd46d64146c6
fafa5e76a4ed086616cce2f8e5af613630b11221ec9001d30cac72f6c1f350de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
142.250.74.168200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash a5cf936d2d0665147457f6d9f6ca2140
130dc2ae709d166937286f211cdf730c7509e4a3
0a5764789f20db3c840150f3a0b480d6f8b9b3427846eca4ca2868361248055b
GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 22:34:46 GMT
expires: Wed, 09 Nov 2022 22:34:46 GMT
cache-control: private, max-age=900
last-modified: Wed, 09 Nov 2022 21:41:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash e00c97dd4799da620aeff194ca855c77
c5d04ee97d144cd3894dd7f5af0f1cf2d85e86a0
55e6692ff083f9083a5bdf6d61a0c2498cc389d491b1a358b8b822d8cc8f1fb7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98085
Date: Wed, 09 Nov 2022 22:34:46 GMT
Etag: "636af080-1d7"
Expires: Fri, 11 Nov 2022 01:49:31 GMT
Last-Modified: Wed, 09 Nov 2022 00:12:48 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ySNm8FtjsvcPdhaQyVrMg_B9oH8C5SKSKUnE16bBdhMhBKwCfX6kvg==
Age: 5803
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4528
Expires: Wed, 09 Nov 2022 23:50:14 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4528
Expires: Wed, 09 Nov 2022 23:50:14 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4528
Expires: Wed, 09 Nov 2022 23:50:14 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4528
Expires: Wed, 09 Nov 2022 23:50:14 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4528
Expires: Wed, 09 Nov 2022 23:50:14 GMT
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 899d03c61f3b79a2176e6cdbaa7441f0
afc8ee4a5b899e95c4b229d48494ae058bfa4c33
62b52d966cd4216513a0c0cc12f9faa9c2fbb0d4707a458c247047c455b2b6e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10006
x-amzn-requestid: 322dbafd-30b5-43b5-a077-aa729ffbc91f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWl_1EKfoAMFS6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d31-242c7c5c5f670e7332c2fa36;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XzhwtvrTl7H_zSjppLfNv74vQAnuzDBupbcVWrgbR0Y1w4yWWh4KCg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:56:35 GMT
age: 2291
etag: "afc8ee4a5b899e95c4b229d48494ae058bfa4c33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 3096
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca824564-f412-4dc2-b493-0624bc480eed.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca824564-f412-4dc2-b493-0624bc480eed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c390c15d10148f43af21450af434cc7
ef3011cd851559ba8ee39b4bd0dc0af7a25bc651
d76ceb9b671f98d0bbaa47544883108274d4a26c11840f628e7466b23ca541c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca824564-f412-4dc2-b493-0624bc480eed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7696
x-amzn-requestid: e0cf148f-08b1-4399-b07c-5519d852c486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmHfFepIAMFebw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d62-57d6f0964bceb9711a56cfb7;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q332Vdi1jyNfDnwszgERBrjmfPxvvz-EnsLImaK_W7-FdZUlbZw0nA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:55:41 GMT
age: 2345
etag: "ef3011cd851559ba8ee39b4bd0dc0af7a25bc651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d68ac59950c3276cd8f92b777a004df1
94c0ee5c14e8e8cdf95883582ba8084cc5867f93
b02d6d61c1fae8260d1fc30c0a78ebbc3482a3aa0acafb58d8269942ff8e732b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74db090f-5da5-464b-91b1-7fac90d3e5eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7987
x-amzn-requestid: 6a465dcd-6a4e-49fb-9fa9-169678d39b5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlo7HBFIAMFSQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9f-4ffe8f2534aeaef73329a8cd;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:19 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gbK3hyzE9RBuLiIQHUrouV-Kqe6r2cTMLYauv9W0ych9irxQexKWAQ==
via: 1.1 637ef0a7bc474e9a314fa064b65e8082.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:53:35 GMT
age: 2471
etag: "94c0ee5c14e8e8cdf95883582ba8084cc5867f93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
v2.trckguardlnk.com/click?a=558&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219
18.195.157.163200 OK 6.3 kB URL HTTP/2 v2.trckguardlnk.com/click?a=558&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219
IP 18.195.157.163:0
Hash 3096dde0057d882d9da07b2855f6dabf
4cb180af673927f1c4e65e48785f7288eabaf493
ad159339bbf149ef57204c8e47224326abb0e9d21da7232b65a669cf7ccc77bb
Analyzer Verdict Alert quad9 Sinkholed
GET /click?a=558&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219 HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 22:34:45 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-13111c20aee51aeb480ecbd988cd8cc9=unique; expires=Fri, 09-Dec-2022 22:34:45 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_13111c20aee51aeb480ecbd988cd8cc9=ee9de8dd-891a-4a70-a179-c174dfd2fb16; expires=Wed, 16-Nov-2022 22:34:45 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61e58563ce83ab22c1604920db81f8e5
71dc8a32634a72c2092ef90a4f46250599b523f6
ddbb9d12368a95d38b94398274524862a28da41f22062d0096ac0c7052e2ca3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0d37511-5958-42ab-acd0-aed0c04a0e2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9360
x-amzn-requestid: ab27926c-6cd1-4817-a5ff-aa47f666f337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpOGmjoAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca1-5835f3a814659500346d44e8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MrUvpMcxRPmksSmHQv-VIavSGtumJjPbrn4wleWN-9EXk-IUctJsgg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:57:48 GMT
age: 2218
etag: "71dc8a32634a72c2092ef90a4f46250599b523f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
136.243.43.25200 OK 35 B URL HTTP/1.1 tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
IP 136.243.43.25:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 22:34:46 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: e0ff2ed5fcc34a49
Set-Cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Thu, 09 Nov 2023 22:34:46 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
cdn.smrt-assets.com/assets/1373/other/favicon.ico
23.36.76.144200 OK 1.2 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1373/other/favicon.ico
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 38722a803b73dd1871a3d8a19db44d2f
3379960a2c6611bfefcb39e662198d6df322e12d
314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
GET /assets/1373/other/favicon.ico HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
X-Amz-Cf-Id: JbGE-qPp-rz1sjNie-YOUT5WYN1nceHRFWqeEDCyU1T8VI4fT_WTxA==
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
static.trafficjunky.com/js/mp.min.js
205.185.208.79200 OK 3.6 kB URL HTTP/1.1 static.trafficjunky.com/js/mp.min.js
IP 205.185.208.79:0
File type ASCII text, with very long lines (10690), with no line terminators
Hash 044c370813dc1ea880f32a5be81384e7
53b0733cfc26f2bc7e83d1da0c087d5513fcf548
2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
GET /js/mp.min.js HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: Keep-Alive
ETag: "1652721327"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 3628
Content-Type: application/javascript
Last-Modified: Mon, 16 May 2022 17:15:27 GMT
Accept-Ranges: bytes
X-HW: 1668033286.dop207.sk1.t,1668033286.cds003.sk1.c
Access-Control-Allow-Origin: *
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 09 Nov 2022 20:41:09 GMT
expires: Wed, 09 Nov 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 6817
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c3b9fb2c758dfad18cfcb870a8f14f49
d3bfd0d8cd64ae9f51013eaa51087bf9774dc5b7
3b4c6ee47a2fb0d9ed4ad676f66e6456893e077e1c944eca62013639f8ccc9d3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101111
Date: Wed, 09 Nov 2022 22:34:46 GMT
Etag: "636b0150-1d7"
Expires: Fri, 11 Nov 2022 02:39:57 GMT
Last-Modified: Wed, 09 Nov 2022 01:24:32 GMT
Server: ECS (dcb/7FA7)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 74QM7Cr3kfjFUXrr-4kYynj9tPvw4VyyJOlyaw_Fhh4g3AKFaY_cwg==
Age: 4525
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=948540075.1668033283&jid=642741796&gjid=410560160&_gid=1454120496.1668033283&_u=YADAAEAAAAAAACAAI~&z=560956121
64.233.165.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=948540075.1668033283&jid=642741796&gjid=410560160&_gid=1454120496.1668033283&_u=YADAAEAAAAAAACAAI~&z=560956121
IP 64.233.165.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=948540075.1668033283&jid=642741796&gjid=410560160&_gid=1454120496.1668033283&_u=YADAAEAAAAAAACAAI~&z=560956121 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://smartsecuredt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Nov 2022 22:34:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
statisticresearch.com/user-segments/?pid=TH
54.166.46.120200 OK 64 B URL HTTP/2 statisticresearch.com/user-segments/?pid=TH
IP 54.166.46.120:0
File type ASCII text, with no line terminators
Hash 2ba723d5370eb4a09c427fe9f149825d
5053eee8cda1f801c07ea3eb9ecba80a13a42e5a
fae4db7186c6f80b3f4c76e8424f7826d649d090e1c35e94c445a88f1bc6f657
GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 22:34:46 GMT
server: nginx
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 82c95295023c4cedd687b9796d0bf912
87e16cfd5b5e0cc4944001914579e4312f9158d4
3339bdad2df7c661a441e902f5bc4c2a94ae6676099a64901a85b50800a6b982
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 22:34:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeb70&_p=1300681809&cid=948540075.1668033283&ul=en-us&sr=1280x1024&_s=1&sid=1668033283&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3D6744abb16d2447dc72fa64f6dd996700%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeb70&_p=1300681809&cid=948540075.1668033283&ul=en-us&sr=1280x1024&_s=1&sid=1668033283&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3D6744abb16d2447dc72fa64f6dd996700%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeb70&_p=1300681809&cid=948540075.1668033283&ul=en-us&sr=1280x1024&_s=1&sid=1668033283&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3D6744abb16d2447dc72fa64f6dd996700%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://smartsecuredt.com
date: Wed, 09 Nov 2022 22:34:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.smrt-assets.com/assets/1282/images/poster.png
23.36.76.144200 OK 0 B URL HTTP/1.1 cdn.smrt-assets.com/assets/1282/images/poster.png
IP 23.36.76.144:0
ASN #20940 Akamai International B.V.
GET /assets/1282/images/poster.png HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 692915
Last-Modified: Tue, 23 Mar 2021 08:47:07 GMT
ETag: "a4e969f6e5311f88deffe0899b2605b0"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-P1
X-Amz-Cf-Id: hpFoEprQAdhVCvaGC-glIACkXomd2j1eFwSm-ybbwAF4_Dk5IqTyug==
Date: Wed, 09 Nov 2022 22:34:46 GMT
Connection: keep-alive
v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
18.195.157.163302 Found 0 B URL HTTP/2 v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
IP 18.195.157.163:0
Analyzer Verdict Alert quad9 Sinkholed
GET /click?a=558&o=2892&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740 HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 09 Nov 2022 22:34:45 GMT
content-type: text/html; charset=UTF-8
location: https://v2.trckguardlnk.com/click?a=558&sub_id1=wuhs9j76hj69kubkiuqepm0s&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Fri, 09-Dec-2022 22:34:45 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2