r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6736
Expires: Sat, 10 Dec 2022 17:38:14 GMT
Date: Sat, 10 Dec 2022 15:45:58 GMT
Connection: keep-alive
gotdate.xyz/tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm_campaign}&p1=your-meet.com
3.69.246.149302 Found 0 B URL HTTP/1.1 gotdate.xyz/tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm_campaign}&p1=your-meet.com
IP 3.69.246.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?tdsId=s6394rie_r&s1=rs&utm_source=jump&utm_campaign={utm_campaign}&p1=your-meet.com HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 10 Dec 2022 15:45:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131; Max-Age=31536000; Domain=.gotdate.xyz; Path=/; Expires=Sun, 10 Dec 2023 15:45:58 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Thu, 15 Dec 2022 15:45:58 GMT
Location: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2261
Expires: Sat, 10 Dec 2022 16:23:39 GMT
Date: Sat, 10 Dec 2022 15:45:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9833
Expires: Sat, 10 Dec 2022 18:29:51 GMT
Date: Sat, 10 Dec 2022 15:45:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 15:08:24 GMT
content-type: application/json
age: 2254
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QOmndlCd8hJB0K5wZSksAmpAfdwi3LNxW0UDI9oEcY/rdwvBkeeZoUwARqVKLDrFHt6YHG5NtLw=
x-amz-request-id: BAEQQA1PKMMJ015J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 14:48:50 GMT
age: 3429
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 291dbd96d4a7d5659d557ff89379c7f3
990bdc5ca038ca562e3a67ad65d1717186e1be87
5c7147ce6c668b47cad7bf983fc04f3f3ad5e867586e695c7d87232727b54157
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111799
Date: Sat, 10 Dec 2022 15:45:59 GMT
Etag: "6393bb6e-1d7"
Expires: Sun, 11 Dec 2022 22:49:18 GMT
Last-Modified: Fri, 09 Dec 2022 22:49:18 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oFcTLU8r-ozi6ZevMzngbUP-mKjBaZjWtNEfj0LB44uKsn4O3KJ8KA==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 15:33:14 GMT
age: 765
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 813
Cache-Control: max-age=149664
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:45:59 GMT
Etag: "63944c2a-1d7"
Expires: Mon, 12 Dec 2022 09:20:23 GMT
Last-Modified: Sat, 10 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:45:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gotdate.xyz/bridge/intg.js?v=8
3.69.246.149200 OK 317 B URL HTTP/2 gotdate.xyz/bridge/intg.js?v=8
IP 3.69.246.149:0
File type ASCII text, with very long lines (316)
Hash d9bd6d4fe07232e0fcae03c7e68d4e81
4a7e1c2e8cc35c2ff31c71175095f4b1a2b8c17b
0ad2eb2d6a74f3d18026ab24c088ca7c561a742fd870e44045db9d823ac0a3c6
GET /bridge/intg.js?v=8 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=UTF-8
content-length: 317
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"13d-184e9b7aad8"
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
104.17.25.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (48316), with no line terminators
Hash 2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2067521
expires: Thu, 30 Nov 2023 15:45:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cx4gbzAddBHpnojjzTYxS2S3iekaEpcRvR7fo2ttpRS7vjt6VwFFGbJ2ZktsZCcB3mZblPApiRdXPw8L4cL2nRb7788goZ%2FdXVAhC3mzhQ1DEr28GKn7Lza39eIZtI02%2BqKGdeES"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77771c5c39feb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 260c3fb796ad9a4f2f09a4074de5a0d2
ee71498ca8254c112b3494043fe4307bebe9d4b9
17fff3556686fce2f7820a5fef53b0bef79d3473e0bae286c2159c08b8ebdef9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126599
Date: Sat, 10 Dec 2022 15:45:59 GMT
Etag: "6393dff6-1d7"
Expires: Mon, 12 Dec 2022 02:55:58 GMT
Last-Modified: Sat, 10 Dec 2022 01:25:10 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tq9ivyvgcrg6ERKvkb39CShh74KAREp84CiyUxS5x1G_1bmTlz9cVg==
Age: 5448
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:45:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn3reference.com/landings/20001/images/3.gif
54.230.111.111200 OK 295 kB URL HTTP/2 cdn3reference.com/landings/20001/images/3.gif
IP 54.230.111.111:0
File type GIF image data, version 89a, 620 x 327\012- data
Size 295 kB (295428 bytes)
Hash 4fc012fd91ac40389304b8b5cb05a6c3
6a03861bd1ddfe5d4ae047ff9625c8b62add65ae
8b8a4097806f810bf7a1371fc109e047b377f3dffc8df72b70de9e279aa737ed
GET /landings/20001/images/3.gif HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 295428
server: nginx
last-modified: Tue, 20 Sep 2016 12:40:24 GMT
accept-ranges: bytes
date: Sat, 10 Dec 2022 15:45:59 GMT
cache-control: public, max-age=604800
etag: "48204-53cefbb7dfe00"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X1ufmnzjATnAMzChwd70TdMQdUKM7vVOH6jG14mE0tyBdh-6LCyKuw==
X-Firefox-Spdy: h2
gotdate.xyz/bridge/ao_loader.js
3.69.246.149200 OK 836 B URL HTTP/2 gotdate.xyz/bridge/ao_loader.js
IP 3.69.246.149:0
File type ASCII text, with very long lines (835)
Hash 9c129816fdafb5e9525563ba64018bd7
79dfb5a385a3583a597716ac4b1e1649e9b9994d
43d06cd88d872d0f1ab73eda7cf55805382dfd0d56bb90aad3398c72a5bb4acf
Analyzer Verdict Alert fortinet Phishing
GET /bridge/ao_loader.js HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=UTF-8
content-length: 836
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"344-184e9b7aad8"
vary: Accept-Encoding
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.213.121.129101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.121.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9F5IWbgWsPKbLOOEJ/rRXQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qHgBLCsMjWmau8tSm/xERJIaUjg=
gotdate.xyz/ufis/rtr?referer=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001
3.69.246.149200 OK 10 B URL HTTP/2 gotdate.xyz/ufis/rtr?referer=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001
IP 3.69.246.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c2db64f99c6ebc0162f2ff0a32704299
d483e5dbd40c7600c97357394ebe7c7e747aee9f
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6
GET /ufis/rtr?referer=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/json; charset=utf-8
content-length: 10
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
vary: Accept-Encoding
X-Firefox-Spdy: h2
gotdate.xyz/ufis/recaptcha/inject/gotdate.xyz?placement=default&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001
3.69.246.149200 OK 27 B URL HTTP/2 gotdate.xyz/ufis/recaptcha/inject/gotdate.xyz?placement=default&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001
IP 3.69.246.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af
GET /ufis/recaptcha/inject/gotdate.xyz?placement=default&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/json; charset=utf-8
content-length: 27
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gotdate.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 420799
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:46:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b1f9aa9f1030aa318b0573312c4d3096
b4db7b18885eeedd2addb84f46e139405f3a7fe5
85b83bfbfdad799d9a9b76086af7b87515f2322c5e7c78aa8b81dc0b7abfd47d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Dec 2022 15:46:00 GMT
Last-Modified: Sat, 10 Dec 2022 14:11:04 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 97p1Cuwy83Hv795jpdCVm56V0gKfXHTOClFUelH0JUKJJI3xWZDI0g==
Age: 5696
gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=
3.69.246.149200 OK 20 B URL HTTP/2 gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=
IP 3.69.246.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Content-Type: application/json
Origin: https://gotdate.xyz
Content-Length: 410
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=
3.69.246.149200 OK 20 B URL HTTP/2 gotdate.xyz/ufis/ipp/track?uaDataValues={}&networkGroup=
IP 3.69.246.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Content-Type: application/json
Origin: https://gotdate.xyz
Content-Length: 420
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=
3.69.246.149200 OK 30 B URL HTTP/2 gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 3.69.246.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1137
Origin: https://gotdate.xyz
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=
3.69.246.149200 OK 30 B URL HTTP/2 gotdate.xyz/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 3.69.246.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1198
Origin: https://gotdate.xyz
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:01 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4106
Expires: Sat, 10 Dec 2022 16:54:27 GMT
Date: Sat, 10 Dec 2022 15:46:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8aHbgs9DELCrVY_4QHSKpScXzzCW7bdBlNh_YEUGaas-bJTd9nsSVg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 64374
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:15:38 GMT
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
age: 63023
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gotdate.xyz/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
3.69.246.149200 OK 30 B URL HTTP/2 gotdate.xyz/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP 3.69.246.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gotdate.xyz/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://gotdate.xyz
Content-Length: 1154
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:01 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YTqJN92gTy04q3obEXe4P1gmG2h9b2IQjjSkkUXyqnfFOL67uobN4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:58:18 GMT
age: 64063
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: bVrZoVci4YfYCRAZqXhH60jeZdSTx3uS0lLKZB9DOfHBiqFvyAAkfw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:17 GMT
age: 64364
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0cb823bf2991a7047962ee388f00dc0
4a0377cd21b6ab69f7e45392a547c9846e607464
86e8e629ffd2efe7c4c86a7e140412dae81a35376cb7f03ee511c6e1d023c788
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8caef8f-937f-4132-9440-daa516389582.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9948
x-amzn-requestid: 0b1400a6-7791-468f-a1d5-b46836e7b164
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMEGNZoAMF7ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4d-124f9a6f03db01a67784657f;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oTKfu5W6CwOWjb8xOm9ZTu_X_w4JXU7uz4BstlwXZ9k8strPr9H4vg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:22 GMT
age: 64359
etag: "4a0377cd21b6ab69f7e45392a547c9846e607464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 05:47:56 GMT
age: 35885
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.gen-ref.com/image/en1lok9l.png
54.230.111.54200 OK 52 kB URL HTTP/2 cdn.gen-ref.com/image/en1lok9l.png
IP 54.230.111.54:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e46cea23fb66c015f2ad91789ee87c4
ab6ac43ea5cceaacc17a8f80c9c171757f0211cd
ab4c8d75000f1ad0f9df9810edc7ca283a7d05207e81b33a2dccc9ac793fe1b6
GET /image/en1lok9l.png HTTP/1.1
Host: cdn.gen-ref.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 52144
last-modified: Wed, 24 Nov 2021 17:12:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Dec 2022 15:46:02 GMT
etag: "3e46cea23fb66c015f2ad91789ee87c4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: STBhZ0ZHFY6MgOriwwDYyqqFvfe8XnGsMuWtzEQsLHGGuyTWAHNFLw==
X-Firefox-Spdy: h2
cdn3reference.com/landings/20001/css/92482b4504e1654b7654135c7442aa4e.css
54.230.111.111200 OK 0 B URL HTTP/2 cdn3reference.com/landings/20001/css/92482b4504e1654b7654135c7442aa4e.css
IP 54.230.111.111:0
GET /landings/20001/css/92482b4504e1654b7654135c7442aa4e.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 10 Dec 2022 15:45:59 GMT
last-modified: Tue, 29 Mar 2022 11:55:03 GMT
content-encoding: gzip
etag: W/"70a-5db5a1962d3c0"
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M87GO-65soT82-z3vI5FAS9JZ2fyv_XSiirIHePnMl31eRRsASte4w==
X-Firefox-Spdy: h2
gotdate.xyz/bridge/frodi_data.js
3.69.246.149200 OK 0 B URL HTTP/2 gotdate.xyz/bridge/frodi_data.js
IP 3.69.246.149:0
Analyzer Verdict Alert fortinet Phishing
GET /bridge/frodi_data.js HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"19f8-184e9b7aad8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
retarget2core.com/fp/fp_ec.js
18.184.95.183200 OK 0 B URL HTTP/2 retarget2core.com/fp/fp_ec.js
IP 18.184.95.183:0
GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Tue, 06 Dec 2022 23:13:59 GMT
etag: W/"4bd-184e9b7aad8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.74:0
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 15:45:59 GMT
date: Sat, 10 Dec 2022 15:45:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn3reference.com/js/dc_img.js?v=8
54.230.111.111200 OK 0 B URL HTTP/2 cdn3reference.com/js/dc_img.js?v=8
IP 54.230.111.111:0
GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 10 Dec 2022 15:45:59 GMT
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
content-encoding: gzip
etag: W/"1e8-5b2cbd0d9620d"
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5l35Q3n0n5tlPY8YIrxTiKTbhM8mEqTSZRDCNSR2OAYslrZBfBfR-w==
X-Firefox-Spdy: h2
gotdate.xyz/integration.js
3.69.246.149200 OK 0 B URL HTTP/2 gotdate.xyz/integration.js
IP 3.69.246.149:0
Analyzer Verdict Alert fortinet Phishing
GET /integration.js HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"70e-YKqzjYG2/mLc3rs1J0HJusMrpKc"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gotdate.xyz/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={}
3.69.246.149200 OK 0 B URL HTTP/2 gotdate.xyz/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={}
IP 3.69.246.149:0
GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fgotdate.xyz%2Fjump%3Futm_source%3Djump%26s2%3D%257Bs2%257D%26tds_host%3Dgotdate.xyz%26tds_ao%3D3%26_tgUrl%3DaHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%253D%253D%26utm_campaign%3D%257Butm_campaign%257D%26tds_ac_id%3Ds6394rie%26s4%3D%257Bs4%257D%26s5%3D%257Bs5%257D%26tds_oid%3D20001%26tds_rt%3D%26dci%3Dad5f39ea5cee452f5d112f1e421df47f7ca34131%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_cid%3Db6e4be92ba3a82b3d134356a5efc055f7aad73c4%26s1%3Drs%26tds_campaign%3Db1023rie%26s3%3D%257Bs3%257D%26id%3D20001&uaDataValues={} HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"22710-DfsUuC9fgU8i09Z/BQTQei0WJco"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gotdate.xyz/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
3.69.246.149200 OK 0 B URL HTTP/2 gotdate.xyz/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP 3.69.246.149:0
GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:01 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"35e5-ggvNzPbrS4iAvrqVuh7HqGhzYqo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
3.69.246.149200 OK 0 B URL HTTP/2 gotdate.xyz/jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001
IP 3.69.246.149:0
GET /jump?utm_source=jump&s2=%7Bs2%7D&tds_host=gotdate.xyz&tds_ao=3&_tgUrl=aHR0cHM6Ly9nb3RkYXRlLnh5ei90ZHMvdGcvcy81ZjM0YzliMjdlNjZlNDc1ZGZkNmZjZmE2NGZlOTlhYz9fX3Q9MTY3MDY4NzE1ODk0NyZfX2w9MzYwMA%3D%3D&utm_campaign=%7Butm_campaign%7D&tds_ac_id=s6394rie&s4=%7Bs4%7D&s5=%7Bs5%7D&tds_oid=20001&tds_rt=&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&tds_id=b1023rie_jump_a_1587034661799&tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&s1=rs&tds_campaign=b1023rie&s3=%7Bs3%7D&id=20001 HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:45:59 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2
cdn3reference.com/landings/20001/js/9201c561338075754b824dbd541b9980.js
54.230.111.111200 OK 0 B URL HTTP/2 cdn3reference.com/landings/20001/js/9201c561338075754b824dbd541b9980.js
IP 54.230.111.111:0
GET /landings/20001/js/9201c561338075754b824dbd541b9980.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 10 Dec 2022 15:46:00 GMT
last-modified: Tue, 29 Mar 2022 11:55:03 GMT
content-encoding: gzip
etag: W/"17ba7-5db5a1962d3c0"
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rxmcVogU1dHAodhVnmXIuHbZ0FwjE_KgLz4xemvF-Ncp0riYKNdtJw==
X-Firefox-Spdy: h2
gotdate.xyz/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
3.69.246.149200 OK 0 B URL HTTP/2 gotdate.xyz/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP 3.69.246.149:0
GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&j_type=open&jump=20001&jump_name=
18.184.95.183200 OK 0 B URL HTTP/2 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&j_type=open&jump=20001&jump_name=
IP 18.184.95.183:0
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=b6e4be92ba3a82b3d134356a5efc055f7aad73c4&dci=ad5f39ea5cee452f5d112f1e421df47f7ca34131&j_type=open&jump=20001&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gotdate.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:46:00 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=84f4572a52daead571f299c071cb01c4e1e90e42; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Sun, 10 Dec 2023 15:46:00 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2