td.takemyquote.com/f/a/c9WXANlg77bdAjt19PClXg~~/AAAq-QA~/RgRlYY37P0UDQ1RBRIhodHRwczovL2Nkbi50YWtlbXlxdW90ZS5jb20vcmRyL1lXRTlPRFE1TkRBek5qRTRKbk5sYVQweE1ERXpOamd3TmlaMGF6MXVOemxuVWxCdk5sWXhlVm94VUZkWVMwdzRPU1owUFRJbVl6MDVNR0Z6T0RjMlptUTRPV0Z6Tldabk9HRXdPWE09VwVzcGNldUIKY3P7CH9j8qNsJlIgY2FybXN0cm9uZ0BzY290bWlkZnVuZXJhbHMuY28udWtYBAAAAAA~
172.67.179.30302 Found 316 B URL HTTP/1.1 td.takemyquote.com/f/a/c9WXANlg77bdAjt19PClXg~~/AAAq-QA~/RgRlYY37P0UDQ1RBRIhodHRwczovL2Nkbi50YWtlbXlxdW90ZS5jb20vcmRyL1lXRTlPRFE1TkRBek5qRTRKbk5sYVQweE1ERXpOamd3TmlaMGF6MXVOemxuVWxCdk5sWXhlVm94VUZkWVMwdzRPU1owUFRJbVl6MDVNR0Z6T0RjMlptUTRPV0Z6Tldabk9HRXdPWE09VwVzcGNldUIKY3P7CH9j8qNsJlIgY2FybXN0cm9uZ0BzY290bWlkZnVuZXJhbHMuY28udWtYBAAAAAA~
IP 172.67.179.30:0
File type HTML document, ASCII text, with very long lines (316), with no line terminators
Hash 26870e602414cdda46141206830b7e65
8ebe33b216a9990fc328b35939672b64835175bf
7d3486ef1f43a34105bfa1e7f1f982ebc8d99b7d430c52afcf38294ae1c3730a
Analyzer Verdict Alert fortinet Phishing
GET /f/a/c9WXANlg77bdAjt19PClXg~~/AAAq-QA~/RgRlYY37P0UDQ1RBRIhodHRwczovL2Nkbi50YWtlbXlxdW90ZS5jb20vcmRyL1lXRTlPRFE1TkRBek5qRTRKbk5sYVQweE1ERXpOamd3TmlaMGF6MXVOemxuVWxCdk5sWXhlVm94VUZkWVMwdzRPU1owUFRJbVl6MDVNR0Z6T0RjMlptUTRPV0Z6Tldabk9HRXdPWE09VwVzcGNldUIKY3P7CH9j8qNsJlIgY2FybXN0cm9uZ0BzY290bWlkZnVuZXJhbHMuY28udWtYBAAAAAA~ HTTP/1.1
Host: td.takemyquote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 24 Nov 2022 07:03:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex
Location: https://cdn.takemyquote.com/rdr/YWE9ODQ5NDAzNjE4JnNlaT0xMDEzNjgwNiZ0az1uNzlnUlBvNlYxeVoxUFdYS0w4OSZ0PTImYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
Vary: Accept
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82lm3bfjl3yt4%2FTKwxC5LyqHALgKVsCGv92ZOqBBanj7%2FEMVLH3nK5V1ORj58EiIfwMMAP5TFLWQ4m2Ay8QhcqHLZtV46eykmZRGZzYCncGLXYMPlq5dM7qFaBnnp0FLDq5Ep30%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f04874bab1b50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17350
Expires: Thu, 24 Nov 2022 11:52:18 GMT
Date: Thu, 24 Nov 2022 07:03:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4502
Cache-Control: max-age=103390
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:03:08 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:46:18 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19849
Expires: Thu, 24 Nov 2022 12:33:57 GMT
Date: Thu, 24 Nov 2022 07:03:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 06:17:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2753
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tlvwEUrAw2fUs7nwIcHknv+ck9eYc3ig3ov9Px/5nB7RRAzqkhQDm0cK4sHQxLpUBMq7fFAA/1o=
x-amz-request-id: 54DYSF9AYJ6G3QS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 06:43:18 GMT
age: 1190
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44a174e001b8d17756f5efc22e653a71
67f7836f673563f3401e066b16406dcc098b796f
b064717240fdbcca0ff10b22d086001d7b4c5aafc27bb485d0062369df8339f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2454
Cache-Control: max-age=92665
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:03:08 GMT
Etag: "637dd48f-117"
Expires: Fri, 25 Nov 2022 08:47:33 GMT
Last-Modified: Wed, 23 Nov 2022 08:06:39 GMT
Server: ECS (amb/6BB9)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44a174e001b8d17756f5efc22e653a71
67f7836f673563f3401e066b16406dcc098b796f
b064717240fdbcca0ff10b22d086001d7b4c5aafc27bb485d0062369df8339f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2454
Cache-Control: max-age=92665
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:03:08 GMT
Etag: "637dd48f-117"
Expires: Fri, 25 Nov 2022 08:47:33 GMT
Last-Modified: Wed, 23 Nov 2022 08:06:39 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 63fe9c7ad0bc826355a14c026ac198b4
3fc3ec78547b909e2a6995613e5044f1de9dfe3a
8bd2c43be5b7beb9444263fd642461949d71a56e4bb8fa5685b269c32a864c38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8BD2C43BE5B7BEB9444263FD642461949D71A56E4BB8FA5685B269C32A864C38"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16364
Expires: Thu, 24 Nov 2022 11:35:53 GMT
Date: Thu, 24 Nov 2022 07:03:09 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 63fe9c7ad0bc826355a14c026ac198b4
3fc3ec78547b909e2a6995613e5044f1de9dfe3a
8bd2c43be5b7beb9444263fd642461949d71a56e4bb8fa5685b269c32a864c38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "8BD2C43BE5B7BEB9444263FD642461949D71A56E4BB8FA5685B269C32A864C38"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16364
Expires: Thu, 24 Nov 2022 11:35:53 GMT
Date: Thu, 24 Nov 2022 07:03:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 06:11:11 GMT
cache-control: public,max-age=3600
age: 3118
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 323b636fff363ffe454c5a24b4b3dfba
64b3719c9ebc28c4a69babb6221462d5cd99f074
5b5aabd1ce5e51d3b5c0e69daebd5cd87a6a831a8956df99b3c1d1ffd7684f2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B5AABD1CE5E51D3B5C0E69DAEBD5CD87A6A831A8956DF99B3C1D1FFD7684F2A"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Thu, 24 Nov 2022 08:29:22 GMT
Date: Thu, 24 Nov 2022 07:03:09 GMT
Connection: keep-alive
clk.tradedoubler.com/click?p=278082&a=2933420&g=25304198&url=https://sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722
35.186.231.97200 OK 1.1 kB URL HTTP/2 clk.tradedoubler.com/click?p=278082&a=2933420&g=25304198&url=https://sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722
IP 35.186.231.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (429)
Hash d1bab99731107b8639486d8d43e26eb7
4c350dcf67cc5f9844dd9100a549c6658f4dc841
ab0b9a82a4c55c9a0c9e5b19880ea87a8db70428e6cc2ed06576ffae3e9e3cfc
GET /click?p=278082&a=2933420&g=25304198&url=https://sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722 HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fashionslabs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=ISO-8859-1
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Thu, 24 Nov 2022 07:03:08 GMT
content-length: 1056
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2308
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:03:09 GMT
Last-Modified: Thu, 24 Nov 2022 06:24:41 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 323b636fff363ffe454c5a24b4b3dfba
64b3719c9ebc28c4a69babb6221462d5cd99f074
5b5aabd1ce5e51d3b5c0e69daebd5cd87a6a831a8956df99b3c1d1ffd7684f2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B5AABD1CE5E51D3B5C0E69DAEBD5CD87A6A831A8956DF99B3C1D1FFD7684F2A"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Thu, 24 Nov 2022 08:29:22 GMT
Date: Thu, 24 Nov 2022 07:03:09 GMT
Connection: keep-alive
vht.tradedoubler.com/fp/prefs.js
54.230.111.94200 OK 3.7 kB URL HTTP/1.1 vht.tradedoubler.com/fp/prefs.js
IP 54.230.111.94:0
File type ASCII text, with very long lines (764)
Hash 9042aeefa6b50fd89dafd065aee87148
0903b60da6faa7a16b30fe42a0974ae20c0e09bf
dcde81d721f2b5f9e932b434eff9f39b07ce0803a772c991296ddd4e9e8e0b30
GET /fp/prefs.js HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 3705
Connection: keep-alive
Date: Thu, 17 Nov 2022 08:28:02 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Last-Modified: Mon, 15 Oct 2018 09:28:46 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kobbhOlFrTycIsJI2RfaoaTkmULbU70-01-ddhY-ygF709KXBIlv8w==
Age: 599707
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
push.services.mozilla.com/
44.240.57.100101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ldLvE+s9pqetZnMqdEOHJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s+8URr6JhCYZ2olDYvsyxrpbpoo=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17c2e788eae4fe278b0c8a720a8c9583
b6dd44df4078893e188ae0a95399f1a05f95c203
2cffc041b3e248f24bc29b3b1cf9cc2d8ba29f47d6ddf104b3f598a22e637c52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CFFC041B3E248F24BC29B3B1CF9CC2D8BA29F47D6DDF104B3F598A22E637C52"
Last-Modified: Tue, 22 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 24 Nov 2022 13:03:09 GMT
Date: Thu, 24 Nov 2022 07:03:09 GMT
Connection: keep-alive
sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722&tduid=8fbef3524b08d05b1978919724c057af
87.98.186.190200 OK 2.5 kB URL HTTP/2 sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722&tduid=8fbef3524b08d05b1978919724c057af
IP 87.98.186.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1652), with CRLF, LF line terminators
Hash 056e7169f517f72a2aba6fa47ef41f71
4f956729fbd1755453257ac2dd0e72c4498e4495
ef5ac013bebf3ec0694f99219f19c80e6e4880766011ab19c4725996d88f8f8b
GET /NP_1872_UK_0722/?qcp=NP_1872_UK_0722&tduid=8fbef3524b08d05b1978919724c057af HTTP/1.1
Host: sme-bizzdeals.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:09 GMT
content-type: text/html; charset=UTF-8
content-length: 2521
x-powered-by: PHP/5.6.32
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
sme-bizzdeals.co.uk/NP_1872_UK_0722/img/image_lps.jpg
87.98.186.190200 OK 57 kB URL HTTP/2 sme-bizzdeals.co.uk/NP_1872_UK_0722/img/image_lps.jpg
IP 87.98.186.190:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=165, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=315], progressive, precision 8, 315x165, components 3\012- data
Hash 2929591e799e2eb1c9b6c0356ff2b986
04520ca67e07cd14af42b18ef2bd7cd729517555
e55273c0a0c536704d8cabb0922a888489fdda22b29cd16ff10948740fd87519
GET /NP_1872_UK_0722/img/image_lps.jpg HTTP/1.1
Host: sme-bizzdeals.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722&tduid=8fbef3524b08d05b1978919724c057af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:10 GMT
content-type: image/jpeg
content-length: 56759
last-modified: Mon, 10 Oct 2022 10:49:59 GMT
etag: "ddb7-5eaabebc2dc10"
accept-ranges: bytes
X-Firefox-Spdy: h2
sme-bizzdeals.co.uk/NP_1872_UK_0722/css/styles.css
87.98.186.190200 OK 1.7 kB URL HTTP/2 sme-bizzdeals.co.uk/NP_1872_UK_0722/css/styles.css
IP 87.98.186.190:0
File type ASCII text, with CRLF line terminators
Hash 07ad2e08a91e75bfaf55cdc6086a4a8b
45ce6a5ec955515417330bed08e0a241d56051d1
f2b06198d9f758ed8ce8e5c4b0ba4d48b918ebcdaeeb05990345d2b239b3c818
GET /NP_1872_UK_0722/css/styles.css HTTP/1.1
Host: sme-bizzdeals.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722&tduid=8fbef3524b08d05b1978919724c057af
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:10 GMT
content-type: text/css
content-length: 1716
last-modified: Mon, 10 Oct 2022 10:49:55 GMT
etag: "1d12-5eaabeb8f96f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-K2LSTN
142.250.74.168200 OK 94 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K2LSTN
IP 142.250.74.168:0
File type ASCII text, with very long lines (65324)
Hash d79b1246dfd9d9d01a2c61cd7108efef
de3ae0a3de60340c1e8773609d2de22722afa080
1b9d93b06ab6e24d1c1a2618722c213beee980b20f24a75f0bd1ee6a6a4f2ccf
GET /gtm.js?id=GTM-K2LSTN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 07:03:10 GMT
expires: Thu, 24 Nov 2022 07:03:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 54490e1b1ff7537f2e1f8762059c5028
c2e2901f34074e779ac788ae71450d0731e24685
c8c66d9614178a0b433d5bc1e1535b1430307548dfa176d1bd56f32833e64b6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129126
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 07:03:10 GMT
Etag: "637e6c94-117"
Expires: Fri, 25 Nov 2022 18:55:16 GMT
Last-Modified: Wed, 23 Nov 2022 18:55:16 GMT
Server: nginx
Content-Length: 279
sdk.privacy-center.org/92502d09-0e0f-4b5a-8590-cad06e72159e/loader.js?target=sme-bizzdeals.co.uk
54.230.111.7200 OK 23 kB URL HTTP/2 sdk.privacy-center.org/92502d09-0e0f-4b5a-8590-cad06e72159e/loader.js?target=sme-bizzdeals.co.uk
IP 54.230.111.7:0
File type Unicode text, UTF-8 text, with very long lines (55776), with no line terminators
Hash 2b6a0a8800ad9ef5cd6b4c3a6b3260c0
79130583e1e6573206d0247b77d20ecf3bef8019
ca3fd15dde12e21de068b748e6c442eeec1f0e99fde1efb24088d62d0f5f21a1
GET /92502d09-0e0f-4b5a-8590-cad06e72159e/loader.js?target=sme-bizzdeals.co.uk HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 22563
server: CloudFront
date: Thu, 24 Nov 2022 07:03:10 GMT
x-didomi-remote-config-source: Lambda
content-encoding: gzip
cache-control: max-age=7200, public
etag: "6538a5f2e8fed7e7aa90f93b6033d867"
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7VJnOejAS075cE6CjeVhhI2C0zKp37kH3-8bxAMg-adLTrLdaMkizw==
X-Firefox-Spdy: h2
sme-bizzdeals.co.uk/NP_1872_UK_0722/img/puce.jpg
87.98.186.190200 OK 439 B URL HTTP/2 sme-bizzdeals.co.uk/NP_1872_UK_0722/img/puce.jpg
IP 87.98.186.190:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 6x7, components 3\012- data
Hash fd92ec7a69ba1665e2c79d90ecabea17
743541e79bd0b262bf71328642f8c4fa22b2f5fd
5b9f095ee67f7b66024293931eb2ac7d50cff4c47e50c9134422f2ad04bfc1dc
GET /NP_1872_UK_0722/img/puce.jpg HTTP/1.1
Host: sme-bizzdeals.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/NP_1872_UK_0722/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:10 GMT
content-type: image/jpeg
content-length: 439
last-modified: Mon, 10 Oct 2022 10:49:59 GMT
etag: "1b7-5eaabebcb9674"
accept-ranges: bytes
X-Firefox-Spdy: h2
sme-bizzdeals.co.uk/NP_1872_UK_0722/img/bg-mas.jpg
87.98.186.190200 OK 7.8 kB URL HTTP/2 sme-bizzdeals.co.uk/NP_1872_UK_0722/img/bg-mas.jpg
IP 87.98.186.190:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=75, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1], baseline, precision 8, 1x100, components 3\012- data
Hash 060b34d63bcb756f234da37e2bc97722
0548dd9334c5ab1a8c4a976bf6c73e437ba09af7
7ec82924d8c50183bda9d4b5ad0077ea18720ef35342cef839f626195350a29c
GET /NP_1872_UK_0722/img/bg-mas.jpg HTTP/1.1
Host: sme-bizzdeals.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/NP_1872_UK_0722/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:10 GMT
content-type: image/jpeg
content-length: 7751
last-modified: Mon, 10 Oct 2022 10:49:58 GMT
etag: "1e47-5eaabebb82dab"
accept-ranges: bytes
X-Firefox-Spdy: h2
sme-bizzdeals.co.uk/favicon.ico
87.98.186.190404 Not Found 294 B URL HTTP/2 sme-bizzdeals.co.uk/favicon.ico
IP 87.98.186.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5d2fc641f8371c16d4d27365b3b1bcaa
f376dd113207b42a44bd4b58f2f5a058410981c0
7ea11c34582f60949d2767a7047771e63a2a2eaae62d302076143690546d172d
GET /favicon.ico HTTP/1.1
Host: sme-bizzdeals.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/NP_1872_UK_0722/?qcp=NP_1872_UK_0722&tduid=8fbef3524b08d05b1978919724c057af
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 24 Nov 2022 07:03:10 GMT
content-type: text/html; charset=iso-8859-1
content-length: 294
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3931
Expires: Thu, 24 Nov 2022 08:08:42 GMT
Date: Thu, 24 Nov 2022 07:03:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3931
Expires: Thu, 24 Nov 2022 08:08:42 GMT
Date: Thu, 24 Nov 2022 07:03:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3931
Expires: Thu, 24 Nov 2022 08:08:42 GMT
Date: Thu, 24 Nov 2022 07:03:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3931
Expires: Thu, 24 Nov 2022 08:08:42 GMT
Date: Thu, 24 Nov 2022 07:03:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3931
Expires: Thu, 24 Nov 2022 08:08:42 GMT
Date: Thu, 24 Nov 2022 07:03:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1404c6b865808ea73ca5b2062fefecc0
c66fd3a955cd81ab93474fb1aabc4c19d5775bcc
0a92ca52eff8baa4ba43bdb29008c59bcd37c55e78ac657de25819e980ea8e96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 215b9f9b-4941-4c13-a1d4-6fdc5b453fad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtEkIIAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-27081b9e0dc1de6522299e4e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xr183esurgfu-4jjQtCS5s_np_CtltrPx48zpq-NMwZbcGnAwTxtkg==
via: 1.1 68914922a694954838e87fc9b0aa10fe.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:52:56 GMT
age: 33015
etag: "c66fd3a955cd81ab93474fb1aabc4c19d5775bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _j5ykGwKHIQEFLyuJK_OMvs-CsCvkUQhZc_YD8gAtbyOECQ894zvjw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:46:02 GMT
age: 4629
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af618f978f520f4f15acd660f5e91ad4
fcbe3938574e2a3b0d303b7464ae6f414d7dc356
6f8c21090c99c98e8ae89f60b1cf1cd882194dc83db96808a0b5bd553ece8a56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9119
x-amzn-requestid: 0321de47-3dae-4ad5-86e7-fd766326c6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClGQWoAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-5bc883d93cedf8ec36517fe3;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gvEmzs6OvdD0s03wFTgS0RYBkikZ9VHk0eOArDVQwZ1vNSMBcJ97mQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:44:50 GMT
etag: "fcbe3938574e2a3b0d303b7464ae6f414d7dc356"
content-type: image/jpeg
age: 33501
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1234c13159d1531a698ece38a3bd7ff6
6bd60504d4450a090e6f82d15f2f28b371e4dfcc
488a827d4d2074371860dd556b3611c56a19502d3348e0a7d35c4f7556f63b3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F65d6aa89-922d-4c2b-9601-956358f8ac22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11969
x-amzn-requestid: e7ab6bb2-9bc5-4862-901b-32f18322db46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwBJFkUoAMFRFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e93a0-56d902c0481eef0932dad57c;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:41:52 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zluh8EkvyvbxVT_lmb1uh3eLph9eMUrsuLlwPYAOmP9-sWAhGyxeMw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:44:50 GMT
age: 33501
etag: "6bd60504d4450a090e6f82d15f2f28b371e4dfcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 32751
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 33365
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.companeo.co.uk/fonts/roboto/roboto-v27-latin-regular.woff2
104.26.13.109200 OK 16 kB URL HTTP/2 www.companeo.co.uk/fonts/roboto/roboto-v27-latin-regular.woff2
IP 104.26.13.109:0
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /fonts/roboto/roboto-v27-latin-regular.woff2 HTTP/1.1
Host: www.companeo.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sme-bizzdeals.co.uk
Connection: keep-alive
Referer: https://www.companeo.co.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 07:03:11 GMT
content-type: application/octet-stream
content-length: 15688
last-modified: Tue, 20 Jul 2021 16:59:08 GMT
etag: "60f700dc-3d48"
access-control-allow-origin: *
accept-language: bytes
strict-transport-security: max-age=15552000
cache-control: private
cf-cache-status: BYPASS
set-cookie: SRVNAME=S1; path=/
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzwnvVdXXo%2Bx%2FTbJhE%2BsZLPxWqWup%2Fsulyw%2FnNP4vwSnYe5FElT37r2xOHZ8nSSOzMP0gRoh6Joejoh6Lkp84f9ytQw97Dmju3T5%2ByHiQvf2LOTKmpuNPp%2FHOiU83jkzrYJ%2B3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f048851fd61c0a-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 46928807c1eaa08c68b91da0c5b2bc8f
c09744c3f8318d9da4f5e0b8d79f0513fdb4fd8a
fa5a365f50e7f02e0ee8aa8853c56dbf4fd1936067a8a74ee75e259a74d89379
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:03:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 08:42:34 GMT
Expires: Mon, 28 Nov 2022 08:42:33 GMT
Etag: "c09744c3f8318d9da4f5e0b8d79f0513fdb4fd8a"
Cache-Control: max-age=350961,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f048875b0b0b65-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 46928807c1eaa08c68b91da0c5b2bc8f
c09744c3f8318d9da4f5e0b8d79f0513fdb4fd8a
fa5a365f50e7f02e0ee8aa8853c56dbf4fd1936067a8a74ee75e259a74d89379
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 07:03:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 08:42:34 GMT
Expires: Mon, 28 Nov 2022 08:42:33 GMT
Etag: "c09744c3f8318d9da4f5e0b8d79f0513fdb4fd8a"
Cache-Control: max-age=350961,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f048875b03b4f4-OSL
www.companeo.co.uk/fonts/iconfont/iconfont-surveyslider.ttf?uo3di4
104.26.13.109200 OK 4.0 kB URL HTTP/2 www.companeo.co.uk/fonts/iconfont/iconfont-surveyslider.ttf?uo3di4
IP 104.26.13.109:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, iconfont-surveyslider\012- data
Hash 52ee5fd9fa03e129abe263cafcfd1936
43776691f1926c3242d25044ff32970560a9e84f
937ee60f7679c859a7368485f42c23852e33f4933d02373402bce9b2ac7f3257
GET /fonts/iconfont/iconfont-surveyslider.ttf?uo3di4 HTTP/1.1
Host: www.companeo.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sme-bizzdeals.co.uk
Connection: keep-alive
Referer: https://www.companeo.co.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 07:03:11 GMT
content-type: application/octet-stream
content-length: 4040
last-modified: Tue, 20 Jul 2021 16:59:08 GMT
etag: "60f700dc-fc8"
access-control-allow-origin: *
accept-language: bytes
strict-transport-security: max-age=15552000
cache-control: private
cf-cache-status: BYPASS
set-cookie: SRVNAME=S2; path=/
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS6txQla1YBhe3NGV2j213gYwmM%2FszHla6Ozh47nTsPNaYtV3znAXS2T6fMCk1Ywc4egJaNT5xtiwxmdo4u63UXOnrzj1e0ywqy1gNa4AIDOalPf%2BvHGBD2n7bSPv9vFizmUTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f048899b7a1c0a-OSL
X-Firefox-Spdy: h2
www.companeo.co.uk/fonts/roboto/roboto-v27-latin-700.woff2
104.26.13.109200 OK 16 kB URL HTTP/2 www.companeo.co.uk/fonts/roboto/roboto-v27-latin-700.woff2
IP 104.26.13.109:0
File type Web Open Font Format (Version 2), TrueType, length 15828, version 1.0\012- data
Hash bf28241e67511184c14dbd0ef7d39f91
c706e0a4122ab727645b744c21667390e8898a4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
GET /fonts/roboto/roboto-v27-latin-700.woff2 HTTP/1.1
Host: www.companeo.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sme-bizzdeals.co.uk
Connection: keep-alive
Referer: https://www.companeo.co.uk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 07:03:11 GMT
content-type: application/octet-stream
content-length: 15828
last-modified: Tue, 20 Jul 2021 16:59:08 GMT
etag: "60f700dc-3dd4"
access-control-allow-origin: *
accept-language: bytes
strict-transport-security: max-age=15552000
cache-control: private
cf-cache-status: BYPASS
set-cookie: SRVNAME=S1; path=/
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0CngIfkPn2GPuM5RHiE56SDyfzDAbMc1jTsgh2KYI4om4DQ7y4Pmc2ZFXAI8JF6yaPlRc0DjsfS%2B3csFrtETd%2B%2BQrhzEwwSn4tDBNPR3ow2ZFXi8Ao0GBRp9aT8n0SDU5k%2FPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f048897b3f1c0a-OSL
X-Firefox-Spdy: h2
analytics.tradedoubler.com/
188.165.150.178200 OK 0 B URL HTTP/2 analytics.tradedoubler.com/
IP 188.165.150.178:0
POST / HTTP/1.1
Host: analytics.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 228
Origin: https://clk.tradedoubler.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-via-popn: primary
content-encoding: gzip
x-via-poph: replica1
X-Firefox-Spdy: h2
sdk.privacy-center.org/sdk.187343a5c798729769461ea222a55e61abe12d19.js
54.230.111.7200 OK 0 B URL HTTP/2 sdk.privacy-center.org/sdk.187343a5c798729769461ea222a55e61abe12d19.js
IP 54.230.111.7:0
GET /sdk.187343a5c798729769461ea222a55e61abe12d19.js HTTP/1.1
Host: sdk.privacy-center.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 21 Nov 2022 08:42:47 GMT
last-modified: Mon, 21 Nov 2022 08:38:17 GMT
etag: W/"51b085f4d388aa63d9d111fee4bef3bd"
x-amz-server-side-encryption: AES256
x-amz-meta-s3cmd-attrs: atime:1669019569/ctime:1669019569/gid:0/gname:root/md5:51b085f4d388aa63d9d111fee4bef3bd/mode:33188/mtime:1669019569/uid:0/uname:root
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eMBtpRV07lMHvmI0zgTmbyweqMGca2ubT9IpvMxE0z9IX94zwABLKg==
age: 253224
X-Firefox-Spdy: h2
www.companeo.co.uk/api_campaign_get_confirmation_page
104.26.13.109200 OK 0 B URL HTTP/2 www.companeo.co.uk/api_campaign_get_confirmation_page
IP 104.26.13.109:0
GET /api_campaign_get_confirmation_page HTTP/1.1
Host: www.companeo.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sme-bizzdeals.co.uk
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 07:03:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.20
cache-control: no-cache, private
access-control-allow-origin: *
set-cookie: phoenix_front_session=L5GTE5NCPmtEer33R19fzuua6QKxxXzzcAz8AwU8; expires=Thu, 24-Nov-2022 09:03:11 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=S2; path=/
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whv6GN56e%2FuRu4sEbPs14nhgT6azKQqWKTHASSwJ9yblEeUYz7w2I3k10AdTvTBuJkDrFQR8fqXyvxbuMeL3H1nBOwiWV1tV5VBRqZN0kJVsPLlkpH4YrjCpDtGCoikMxyfm5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f04886a9331c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.takemyquote.com/rdr/YWE9ODQ5NDAzNjE4JnNlaT0xMDEzNjgwNiZ0az1uNzlnUlBvNlYxeVoxUFdYS0w4OSZ0PTImYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
172.67.179.30302 Found 0 B URL HTTP/2 cdn.takemyquote.com/rdr/YWE9ODQ5NDAzNjE4JnNlaT0xMDEzNjgwNiZ0az1uNzlnUlBvNlYxeVoxUFdYS0w4OSZ0PTImYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM=
IP 172.67.179.30:0
Analyzer Verdict Alert fortinet Phishing
GET /rdr/YWE9ODQ5NDAzNjE4JnNlaT0xMDEzNjgwNiZ0az1uNzlnUlBvNlYxeVoxUFdYS0w4OSZ0PTImYz05MGFzODc2ZmQ4OWFzNWZnOGEwOXM= HTTP/1.1
Host: cdn.takemyquote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 24 Nov 2022 07:03:08 GMT
content-type: text/html; charset=UTF-8
location: https://fashionslabs.com/traffic.php?Location=aHR0cHM6Ly9jbGsudHJhZGVkb3VibGVyLmNvbS9jbGljaz9wPTI3ODA4MiZhPTI5MzM0MjAmZz0yNTMwNDE5OCZ1cmw9aHR0cHM6Ly9zbWUtYml6emRlYWxzLmNvLnVrL05QXzE4NzJfVUtfMDcyMi8/cWNwPU5QXzE4NzJfVUtfMDcyMg==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hX4Szf5M8zDoQM37NwDw2nvTMF4m%2B%2BhVnLduCrInbrEal2dyAl8l8kASTAFldVitLGLuJjoe4xA8uO%2F6PUB%2FuokGRukWU4EXJgquG6T3%2FcAvJrviY9k%2B8%2BcLKaK8fbQ7GR3edgpi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f048776b4cb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.companeo.co.uk/api.php?lang=en_GB&key=ed7f8fc2e212cddcc3de223e54b736d0
104.26.13.109200 OK 0 B URL HTTP/2 www.companeo.co.uk/api.php?lang=en_GB&key=ed7f8fc2e212cddcc3de223e54b736d0
IP 104.26.13.109:0
GET /api.php?lang=en_GB&key=ed7f8fc2e212cddcc3de223e54b736d0 HTTP/1.1
Host: www.companeo.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 07:03:10 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.20
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=15552000
set-cookie: SRVNAME=S1; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A21auhciBvBKVaFM88AvNBMrx0nH%2FVPwVSdesw5%2Bux6RtelILsgQDAS3kLvyYawx8Y8ymoLuU1p2AUrAPCU0TfsfJMHlfpkGhs3Co0YOhWbSxN2aLVsQX7yM1cwMj3FdqhYifw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f048817c971c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.companeo.co.uk/js/survey.js
104.26.13.109200 OK 0 B URL HTTP/2 www.companeo.co.uk/js/survey.js
IP 104.26.13.109:0
GET /js/survey.js HTTP/1.1
Host: www.companeo.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 07:03:10 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 13:52:17 GMT
etag: W/"6335a311-163c0"
accept-language: bytes
strict-transport-security: max-age=15552000
cache-control: private
cf-cache-status: BYPASS
set-cookie: SRVNAME=S1; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKvaO%2FU0S5wCkfB4fa805wc3c8yn7urLfzn2NTKt9a7FZdEljpV8IDrAEbdG76VnyTAB7UzkJYccB%2Fxi0xU0sMd9UE50fXvL06qaYRWb%2FNZ5PPQeujtAmidI%2F80xVFN32hrROw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f04883de741c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.companeo.com/api/v1/survey/1872/en_GB/?cc=1872&forcetpl=2&isLanding=true&force_lang=en_GB&cid=null&email=null
54.36.212.233200 OK 0 B URL HTTP/2 api.companeo.com/api/v1/survey/1872/en_GB/?cc=1872&forcetpl=2&isLanding=true&force_lang=en_GB&cid=null&email=null
IP 54.36.212.233:0
OPTIONS /api/v1/survey/1872/en_GB/?cc=1872&forcetpl=2&isLanding=true&force_lang=en_GB&cid=null&email=null HTTP/1.1
Host: api.companeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sme-bizzdeals.co.uk/
Origin: https://sme-bizzdeals.co.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:11 GMT
content-type: application/json
x-powered-by: PHP/8.0.20
access-control-allow-origin: https://sme-bizzdeals.co.uk
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT
content-encoding: gzip
strict-transport-security: max-age=15768000
set-cookie: SRVNAME=S1; path=/
cache-control: private
X-Firefox-Spdy: h2
api.companeo.com/api/v1/survey/1872/en_GB/?cc=1872&forcetpl=2&isLanding=true&force_lang=en_GB&cid=null&email=null
54.36.212.233200 OK 0 B URL HTTP/2 api.companeo.com/api/v1/survey/1872/en_GB/?cc=1872&forcetpl=2&isLanding=true&force_lang=en_GB&cid=null&email=null
IP 54.36.212.233:0
GET /api/v1/survey/1872/en_GB/?cc=1872&forcetpl=2&isLanding=true&force_lang=en_GB&cid=null&email=null HTTP/1.1
Host: api.companeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sme-bizzdeals.co.uk
Connection: keep-alive
Referer: https://sme-bizzdeals.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 07:03:11 GMT
content-type: application/json
x-powered-by: PHP/8.0.20
access-control-allow-origin: https://sme-bizzdeals.co.uk
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT
content-encoding: gzip
strict-transport-security: max-age=15768000
set-cookie: SRVNAME=S1; path=/
cache-control: private
X-Firefox-Spdy: h2