Report - makeyourwet.com/yrbPvQjh?s1=3mlfvks77ei5g&tag=16401&s2=frd

Report Overview

Submitted URL
makeyourwet.com/yrbPvQjh?s1=3mlfvks77ei5g&tag=16401&s2=frd
IP
104.21.17.109
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-22 22:51:14
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	708 B	142.250.150.155
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	800 B	563 B	216.239.34.36
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	424 B	746 B	142.250.74.10
tracking.t0r4.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	517 B	981 B	172.67.190.127
zzotrack.com	470411	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	564 B	872 B	18.184.38.55
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	64 kB	34.120.237.76
static.trafficjunky.com	13961	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	291 B	4.0 kB	205.185.208.79
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	142.250.74.174
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	31 kB	69.16.175.42
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	48 kB	142.250.74.168
guard.cdtbox.rocks	240008	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	597 B	249 B	54.164.22.60
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.189.139.67
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
cdn.smrt-assets.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	95 kB	23.36.76.144
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	490 B	32 kB	216.58.207.195
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.88
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
datify.g2afse.com	639853	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	573 B	354 B	34.90.14.205
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
ocsp.r2m01.amazontrust.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	54.230.80.227
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	21 kB	142.250.74.163
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.2 kB	93.184.220.29
m.luvmenow.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	591 B	791 B	104.21.11.83
v2.trckguardlnk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.7 kB	18.195.157.163
tsyndicate.com	13042	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	675 B	168.119.1.208
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
statisticresearch.com	584767	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	652 B	52.204.249.38
makeyourwet.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	1.5 kB	104.21.17.109
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-22	medium	trckguardlnk.com	Sinkholed
2022-11-22	medium	trckguardlnk.com	Sinkholed
2022-11-22	medium	trckguardlnk.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	cdn.smrt-assets.com/prod/push-subscriber.js	18 kB	2023-03-07	2024-04-11
Pretty URL cdn.smrt-assets.com/prod/push-subscriber.js IP 23.36.76.144 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-11 18:11:38 Times Seen1417 Hash 6b5bccad39f7057909ad0660f33cc2fa a7995e45d98a311f94c3f6f096a7e414b5a34407 765f676a53b5275cb0bf0835962b72accd340101ac2e32d8a215f8b1047b0941 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-04-11
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-11 18:11:38 Times Seen10984 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c	217 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-C3EPRPS8FB&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:57:26 Last Seen2023-03-11 15:57:40 Times Seen1 Hash ac9eb19abb22c41cab3b2f6527b5fcf7 fbb1d0cbd135154aee97925e6590e85317d3680d a5db7ca0a344934bfd70c502e0f46f368c0774a3bef920b8adbbbd836eb0905b Loading...

	statisticresearch.com/user-segments/?pid=TH	62 B	2023-03-07	2024-04-03
Pretty URL statisticresearch.com/user-segments/?pid=TH IP 52.204.249.38 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-03 19:35:28 Times Seen1269 Hash ac0b622721bcfcdc85cdebb98ad03bf9 f1981b6dff8ad407bbb760ac6cfd57ae7c921fa0 7b2a79e668b985367b96ed97f0b5544d66cfd8fc78dc1d09110aa62dc1586179 Loading...

	smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558	680 B	2023-03-11	2023-03-11
Pretty URL smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:57:40 Last Seen2023-03-11 15:57:40 Times Seen1 Hash 6f1354e8fb380a5656b6a26ad067ed98 2a42fa21a509a98e2cf8373b5e32fa5887f32740 91ca565c4eec82abf0ca9af194787454982944af623223d681f9e7339a034a4e Loading...

	v2.trckguardlnk.com/click?a=558&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219	189 B	2023-03-11	2023-03-11
Pretty URL v2.trckguardlnk.com/click?a=558&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219 IP 18.195.157.163 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:57:40 Last Seen2023-03-11 15:57:40 Times Seen1 Hash ad78488f5f10519a02ee3bf32bd693e1 9afda311ae27e3542bc9a56efb0dcc6d7ca52f26 c094764d045af90ef8b5a79021260f6e43e18fac845ef33998160afe1e399858 Loading...

	cdn.smrt-assets.com/prod/push-lang-config.js	7.9 kB	2023-03-07	2024-04-11
Pretty URL cdn.smrt-assets.com/prod/push-lang-config.js IP 23.36.76.144 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-11 18:11:38 Times Seen1385 Hash 7152525f63649929a736f6efb78b58a5 5bf8138b39eaeebdf4681ad31fac3a02075e36ad f1f5518e39341d6f4189be101a85c496add2a43b569a809bd3193d52f3e61de1 Loading...

	smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558	359 B	2023-03-07	2024-03-14
Pretty URL smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-03-14 10:41:49 Times Seen312 Hash a27922be47c10f7e88bc78b25d444fb3 4fb5516a26f5267486c053fcd45ea0d2d8c31d9d 78fd58dd69b97f29340e98fe5b9300293127d27c5617f3ee519db43a38fbdbda Loading...

	static.trafficjunky.com/js/mp.min.js	11 kB	2023-03-07	2023-05-03
Pretty URL static.trafficjunky.com/js/mp.min.js IP 205.185.208.79 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2023-05-03 22:48:13 Times Seen370 Hash 3f66e62e547a7c432eb587b81a5864c5 b0da6be4eb15b99f7fdb3a45168de09e0aa2a66c ddddeb6d56c1ab493971fcce9f231318ab1c73a613b5eb53549cfa89dd4b1632 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-04-11
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-11 18:11:38 Times Seen11060 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558	335 B	2023-03-07	2024-04-03
Pretty URL smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-03 19:35:27 Times Seen774 Hash 256cdb11ca1f336f8622fb1a3cf066ff 7ea74f8f152c55c902c906d25e05269afa6182ce 829be72b7bae1d4ee42b2a4fdf96eafb3ea702fd50aa661a6ddac9cb045ff334 Loading...

	smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558	695 B	2023-03-11	2023-03-11
Pretty URL smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:57:40 Last Seen2023-03-11 15:57:40 Times Seen1 Hash 078274f26a2a29ad608ded1f9bd2fbb7 ff7fc8f418e17657b44c1792b8e9798dd0a57382 f7091afb99323bd7eed82264ee6f751415bf729862030ab3d696632ef4180070 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX	122 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:44:21 Last Seen2023-03-11 16:02:41 Times Seen1 Hash 6869ae53bd4328f1e176651df32a6af7 f443cda796769f0c85cd426eeeac0bd1a861bac7 309d42e7102f65fb89bc2c4c91a27de58c161ca675b61ce2cdc2c7edaec4948f Loading...

	smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558	51 B	2023-03-07	2024-04-03
Pretty URL smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=f5a657f42c340f86ac6d46b37b079cfc&s3=558 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-03 19:35:27 Times Seen772 Hash 7619d426b402631cef50bacfd7ececf9 55afc2b0b31bbde89f60b5e7e4ed62118795a18f d357aefce563a1557da1cdda0ff556bb3189b49b9256d231fbd50a4d4320ec64 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-15 19:32:36 Times Seen1507 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 07:59:02 Times Seen36931118 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.smrt-assets.com/assets/1822/js/translate.js	57 kB	2023-03-07	2023-08-15
Pretty URL cdn.smrt-assets.com/assets/1822/js/translate.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:20 Last Seen2023-08-15 21:22:26 Times Seen98 Hash a1d6d5af3b1a2d56f82f449b5c734a83 eafec4cec83de48c33caa76daa2813c22fea6fc6 e1fc8352104f294a81544839ebf87afca5b152ffd9fe2ebfb9f05cb45a79ed52 Loading...

	cdn.smrt-assets.com/assets/1387/js/backoffer.js	660 B	2023-03-07	2024-04-11
Pretty URL cdn.smrt-assets.com/assets/1387/js/backoffer.js IP 23.36.76.144 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-11 18:11:38 Times Seen1438 Hash e7e1dc07852a36f89e4be03aa3787316 0dc3f8e7eb943af093cf8f4600fcf0e421891025 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 444bcb3a3fcf8389296c49467f27e1d6	2 B	2023-03-08	2024-04-18
Pretty Observations First Seen2023-03-08 02:32:37 Last Seen2024-04-18 07:54:12 Times Seen106499 Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Loading...

HTTP Transactions (63)

URL IP Response Size

makeyourwet.com/yrbPvQjh?s1=3mlfvks77ei5g&tag=16401&s2=frd

104.21.17.109

302 Found

0 B

URL HTTP/1.1
makeyourwet.com/yrbPvQjh?s1=3mlfvks77ei5g&tag=16401&s2=frd
IP
104.21.17.109:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /yrbPvQjh?s1=3mlfvks77ei5g&tag=16401&s2=frd HTTP/1.1
Host: makeyourwet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 22 Nov 2022 22:51:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Tue, 22 Nov 2022 22:51:02 GMT
Location: https://m.luvmenow.com/click?offer_id=5683&pid=31423&ref_id=s8hnpa77ei7h&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401
Pragma: no-cache
Set-Cookie: _subid=s8hnpa77ei7h;Expires=Friday, 23-Dec-2022 22:51:02 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa77ei7h_s8hnpa77ei7h637d5256e87ca1.52376504;Expires=Friday, 23-Dec-2022 22:51:02 GMT;Max-Age=2678400;Path=/
9bf24=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI5MDk1MFwiOjE2NjkxNTc0NjJ9LFwiY2FtcGFpZ25zXCI6e1wiMjg1NzVcIjoxNjY5MTU3NDYyfSxcInRpbWVcIjoxNjY5MTU3NDYyfSJ9.VcpD8ES-HVtNT7latwnVgnF-A3khLXUCl2xeZvF0A0g;Expires=Tuesday, 15-Oct-2075 21:42:04 GMT;Max-Age=1669243862;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhjqlS%2BqyxMPfHvq4%2BoHncP7jXazS04lUnf7%2FPRvJm1%2BNC97Vzm%2Baxb7kLjx0h2F6UtS3yHNraH0v4nAu6zkZyw49oSFtn7FrV7XIgY6jXge5YBQz4wL0nvXZ%2FNgtR%2Bi7jY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e53a3ef8910b45-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13281
Expires: Wed, 23 Nov 2022 02:32:24 GMT
Date: Tue, 22 Nov 2022 22:51:03 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5882
Cache-Control: max-age=134294
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:03 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:09:17 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 22:09:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2499
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16363
Expires: Wed, 23 Nov 2022 03:23:46 GMT
Date: Tue, 22 Nov 2022 22:51:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5XNIfkZOUK5Ynxtcp/fko/rkMkaM68ULcwrsvHyvhBEjWkzDmkyRWNSf66Kf3fyS+SjcBwc7olw=
x-amz-request-id: 9SV8BZKGRQYQBAKF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 22:42:45 GMT
age: 498
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

m.luvmenow.com/click?offer_id=5683&pid=31423&ref_id=s8hnpa77ei7h&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401

104.21.11.83

302 Found

0 B

URL HTTP/2
m.luvmenow.com/click?offer_id=5683&pid=31423&ref_id=s8hnpa77ei7h&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401
IP
104.21.11.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?offer_id=5683&pid=31423&ref_id=s8hnpa77ei7h&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401 HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 22 Nov 2022 22:51:03 GMT
content-length: 0
location: https://datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AK6QRkYmXrBhSDS0Q5ep1f2q%2BPZUL2T%2BJh3%2F6dXm37c7ZjjJSUQbN2VxhpjX8gqR5izBstWYnO%2Fm2nPGCDFqpmVUuIvVvQE8Jq2TNq5AKLxJw7OfXN%2BEFcQO4sQ049tbgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e53a40ff3ab4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 22:51:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
72bdf02d3fa87e5818490d5c5b59a7c7
ceae9c2d95320a685d7f32c605d2a53f5cd33929
b68ec7c11619b9224dc8152220c9451e87c8a7ea0295da5e4d43e02f7f17849e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3859
Cache-Control: max-age=93768
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:03 GMT
Etag: "637c0e8c-13a"
Expires: Thu, 24 Nov 2022 00:53:51 GMT
Last-Modified: Mon, 21 Nov 2022 23:49:32 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314

datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401

34.90.14.205

302 Found

0 B

URL HTTP/2
datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401
IP
34.90.14.205:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=31423&offer_id=783&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401 HTTP/1.1
Host: datify.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Tue, 22 Nov 2022 22:51:03 GMT
content-length: 0
location: https://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa77ei7h&sub4=3mlfvks77ei5g&sub5=frd&sub6=&sub7=&sub8=16401
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
796036e215d4f7d371f3306b098dfb80
b5c26eb62b3039c4bc221e469ece94ff7d627c99
717e0a4436dfdec4b89d61f65df34fc58c9b6dda3ac9e5e08e33240383132aff

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "717E0A4436DFDEC4B89D61F65DF34FC58C9B6DDA3AC9E5E08E33240383132AFF"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Wed, 23 Nov 2022 00:46:55 GMT
Date: Tue, 22 Nov 2022 22:51:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 22:11:10 GMT
cache-control: public,max-age=3600
age: 2393
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=31423&sub3=a_637d52571c3a1300014e4a10

172.67.190.127

302 Found

0 B

URL HTTP/2
tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=31423&sub3=a_637d52571c3a1300014e4a10
IP
172.67.190.127:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=740&offer_id=1072&sub1=31423&sub3=a_637d52571c3a1300014e4a10 HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 22 Nov 2022 22:51:03 GMT
content-length: 0
location: https://zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=31423&sub2=&campaign=&sum=&clickid=637d525748e70a00019523ac
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=637d525748e70a00019523ac; expires=Wed, 22 Nov 2023 22:51:03 GMT; secure; SameSite=None
afoffers={"1072":1669157463}; expires=Wed, 22 Nov 2023 22:51:03 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGRQRMqrArggiMPjtIGwpQwTxzPXyCzHEhNGEg6alT7WSvKSmTKWCVEAls4s91bCep9t2t1sZDdKLNCF5lF%2BB0fp2Z3l8HISpY74IN%2FrIVngxrTwbhMdM6MZjAbUFPP0ptGO%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e53a4359bc0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
796036e215d4f7d371f3306b098dfb80
b5c26eb62b3039c4bc221e469ece94ff7d627c99
717e0a4436dfdec4b89d61f65df34fc58c9b6dda3ac9e5e08e33240383132aff

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "717E0A4436DFDEC4B89D61F65DF34FC58C9B6DDA3AC9E5E08E33240383132AFF"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Wed, 23 Nov 2022 00:46:55 GMT
Date: Tue, 22 Nov 2022 22:51:03 GMT
Connection: keep-alive

zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=31423&sub2=&campaign=&sum=&clickid=637d525748e70a00019523ac

18.184.38.55

302 Found

0 B

URL HTTP/2
zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=31423&sub2=&campaign=&sum=&clickid=637d525748e70a00019523ac
IP
18.184.38.55:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=31423&sub2=&campaign=&sum=&clickid=637d525748e70a00019523ac HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Tue, 22 Nov 2022 22:51:03 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
pragma: no-cache
set-cookie: 86f47e59-27d7-4e44-bd9c-5042398e42a9-v4=m2xShBaDHrEXSLV31mUoHS_Bsyu9qyfbLhFtXL2LlcU; Max-Age=86400; Expires=Wed, 23-Nov-2022 22:51:03 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=Jyycz1VOPOA7i%2B%2B3zglOHc9mhNJwEDV8IoFGiRZCQ%2BjS2poVMWXhoGJBtl1rpKssTkL7bfx8Vs6g6pXBpb3CLjdkdqsGnlvRd0ifSJGSe3%2BN0el1IRk42wXkxod%2BHqRb4kUuXvSjGvnaf6eGwTZxTA%3D%3D; Max-Age=31536000; Expires=Wed, 22-Nov-2023 22:51:03 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4366
Cache-Control: max-age=127718
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:03 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:19:41 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
14b9d2a1e788b00902e4935b0d3c221f
c4cc06212de0c4930a87cd06430578ec9567e25c
a99cf023ab61e2512335edad58e35f163b76221e71e5d3087dd6e6e06c424d64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131355
Date: Tue, 22 Nov 2022 22:51:04 GMT
Etag: "637c9dd7-1d7"
Expires: Thu, 24 Nov 2022 11:20:19 GMT
Last-Modified: Tue, 22 Nov 2022 10:00:55 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aRIkraEH4nTiLsoreOONVpL2wndfMDeE9OUtsH-lS02bTBIMHijZ3A==
Age: 4764

push.services.mozilla.com/

54.189.139.67

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.139.67:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kmcYg2Con/szNBKb7o80Jw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8+JMWusF+Nzse9PUvXAbymYQzDg=

v2.trckguardlnk.com/favicon.ico

18.195.157.163

200 OK

318 B

URL HTTP/2
v2.trckguardlnk.com/favicon.ico
IP
18.195.157.163:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size
318 B (318 bytes)
Hash
a976d227e5d1dcf62f5f7e623211dd1b
a2a9dc1abdd3d888484678663928cb024c359ee6
66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; U-13111c20aee51aeb480ecbd988cd8cc9=unique; o_13111c20aee51aeb480ecbd988cd8cc9=825120e7-c548-4bd5-876d-8d48201201c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 22:51:04 GMT
content-type: image/x-icon
content-length: 318
server: nginx/1.20.0
last-modified: Tue, 04 May 2021 06:35:26 GMT
etag: "6090eb2e-13e"
accept-ranges: bytes
X-Firefox-Spdy: h2

v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740

18.195.157.163

302 Found

2.2 kB

URL HTTP/2
v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
IP
18.195.157.163:0
ASN
#16509 AMAZON-02

File type
gzip compressed data, from Unix\012- data
Size
2.2 kB (2225 bytes)
Hash
dd3887ad6d50eff5293dc3c3e5500454
c6c671836210a5483a3f47e45d3c491de64d5796
b67af4a470b30e1e097db969b19f0e5b0138c85a5a60f844b14def1ca39eed91

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /click?a=558&o=2892&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740 HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 22 Nov 2022 22:51:04 GMT
content-type: text/html; charset=UTF-8
location: https://v2.trckguardlnk.com/click?a=558&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Thu, 22-Dec-2022 22:51:04 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf3ba284e473229cda6b5abb1c75b853
2350f980c40b97123e8eaecb48cd06f485b0bc16
1e145a8b9a4fb0078632b2220db5db9463e6d6016209e7e1d2365b97de99e08c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E145A8B9A4FB0078632B2220DB5DB9463E6D6016209E7E1D2365B97DE99E08C"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12386
Expires: Wed, 23 Nov 2022 02:17:30 GMT
Date: Tue, 22 Nov 2022 22:51:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf3ba284e473229cda6b5abb1c75b853
2350f980c40b97123e8eaecb48cd06f485b0bc16
1e145a8b9a4fb0078632b2220db5db9463e6d6016209e7e1d2365b97de99e08c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E145A8B9A4FB0078632B2220DB5DB9463E6D6016209E7E1D2365B97DE99E08C"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12386
Expires: Wed, 23 Nov 2022 02:17:30 GMT
Date: Tue, 22 Nov 2022 22:51:04 GMT
Connection: keep-alive

cdn.smrt-assets.com/assets/1822/css/main.css

23.36.76.144

200 OK

2.2 kB

URL HTTP/1.1
cdn.smrt-assets.com/assets/1822/css/main.css
IP
23.36.76.144:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
2.2 kB (2221 bytes)
Hash
411953469b0a9e8f0b6550f4dea2c818
9a0e1f0eb9f7b6c9c9fb7875b4cc1cd147c24657
30629fcbd365777a4383c8467ca905da7e8bab1ec81c16626b0288851c6182ec

HTTP Headers

GET /assets/1822/css/main.css HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 18 Oct 2021 09:00:11 GMT
ETag: "eac3e7e5cab4c729a0345ea8d8286b96"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: q_UBeUIDLZnXbSq82J9lbCPc1yO-z1tZMXhEuy8URr2iohM75sUesg==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 22:51:04 GMT
Content-Length: 2221
Connection: keep-alive

code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 22 Nov 2022 22:51:04 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669157464.dop020.sk1.t,1669157464.cds253.sk1.hn,1669157464.cds210.sk1.c
X-Firefox-Spdy: h2

cdn.smrt-assets.com/prod/push-lang-config.js

23.36.76.144

200 OK

2.4 kB

URL HTTP/1.1
cdn.smrt-assets.com/prod/push-lang-config.js
IP
23.36.76.144:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Size
2.4 kB (2366 bytes)
Hash
86caa25373c28e4a962df5e15f4c160f
7a992cdd21a4074c155ccc7016e7cf836a66dd85
fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11

HTTP Headers

GET /prod/push-lang-config.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 22:51:05 GMT
Content-Length: 2366
Connection: keep-alive

cdn.smrt-assets.com/prod/push-subscriber.js

23.36.76.144

200 OK

4.4 kB

URL HTTP/1.1
cdn.smrt-assets.com/prod/push-subscriber.js
IP
23.36.76.144:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
4.4 kB (4395 bytes)
Hash
d87a44d0aa0b54e75b2eb54c76bcf152
f765110fd22c73d181d9a2ea1b20de424b3d9e35
6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7

HTTP Headers

GET /prod/push-subscriber.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 22 Nov 2022 22:51:05 GMT
Content-Length: 4395
Connection: keep-alive

cdn.smrt-assets.com/assets/1387/js/backoffer.js

23.36.76.144

200 OK

660 B

URL HTTP/1.1
cdn.smrt-assets.com/assets/1387/js/backoffer.js
IP
23.36.76.144:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with CRLF line terminators
Size
660 B (660 bytes)
Hash
e7e1dc07852a36f89e4be03aa3787316
0dc3f8e7eb943af093cf8f4600fcf0e421891025
33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388

HTTP Headers

GET /assets/1387/js/backoffer.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA==
Date: Tue, 22 Nov 2022 22:51:05 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/5.0.2/firebase-app.js

142.250.74.163

200 OK

8.6 kB

URL HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (25088)
Size
8.6 kB (8604 bytes)
Hash
73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5

HTTP Headers

GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:32:45 GMT
expires: Thu, 16 Nov 2023 18:32:45 GMT
cache-control: public, max-age=31536000
age: 533900
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

142.250.74.163

200 OK

10 kB

URL HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:29:53 GMT
expires: Tue, 21 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 102072
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.smrt-assets.com/assets/1822/images/1.jpg

23.36.76.144

200 OK

82 kB

URL HTTP/1.1
cdn.smrt-assets.com/assets/1822/images/1.jpg
IP
23.36.76.144:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x688, components 3\012- data
Size
82 kB (81950 bytes)
Hash
f037eaba33b30e1703ae889b76eaf03d
dbde86f818e5a6d28f226f419f1312cc98b991d7
2b1fe86a1a057b8b2e8c85325b39344be743f15c2bec3b2b6c614e7c2295b30f

HTTP Headers

GET /assets/1822/images/1.jpg HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/assets/1822/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 81950
Last-Modified: Mon, 18 Oct 2021 08:55:42 GMT
ETag: "f037eaba33b30e1703ae889b76eaf03d"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: otzLy1Q4A_qWkwok8xQ5OMLOUaKJk9fNWCe4I4pWMosUJJSRX-IFVA==
Date: Tue, 22 Nov 2022 22:51:05 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 16:40:18 GMT
expires: Fri, 17 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 454247
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX

142.250.74.168

200 OK

47 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
47 kB (47292 bytes)
Hash
5ba397cf09fbcb1cee5e037445f87671
e0a01a41f2224ed7f46efac55c2cab038e07240e
db489f4530a0715a5a6b8c7660163c833a6f76e540d5f787e5d961853fb42f72

HTTP Headers

GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Nov 2022 22:51:05 GMT
expires: Tue, 22 Nov 2022 22:51:05 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b7e776092ab32e0f65110f9519fd6518
4e453aae321a7070acc2466f45ba2262d0374d59
9a7e1ab51dbc2c5bb18f46f9a4e0ac9df4afdd7c20187110ac0a774eda0543d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96845
Date: Tue, 22 Nov 2022 22:51:05 GMT
Etag: "637c1400-1d7"
Expires: Thu, 24 Nov 2022 01:45:10 GMT
Last-Modified: Tue, 22 Nov 2022 00:12:48 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rk4y4i3yzXniwwnChq1cnPPwuq70WgIr5oJnkd69CKLHrIuSYZ3EhQ==
Age: 5542

tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}

168.119.1.208

200 OK

35 B

URL HTTP/1.1
tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
IP
168.119.1.208:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 22:51:05 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: b484a95edf2a5987
Set-Cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Wed, 22 Nov 2023 22:51:05 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Wed, 23 Nov 2022 02:00:09 GMT
Date: Tue, 22 Nov 2022 22:51:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Wed, 23 Nov 2022 02:00:09 GMT
Date: Tue, 22 Nov 2022 22:51:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Wed, 23 Nov 2022 02:00:09 GMT
Date: Tue, 22 Nov 2022 22:51:05 GMT
Connection: keep-alive

statisticresearch.com/user-segments/?pid=TH

52.204.249.38

200 OK

565 B

URL HTTP/2
statisticresearch.com/user-segments/?pid=TH
IP
52.204.249.38:0
ASN
#14618 AMAZON-AES

File type
data
Size
565 B (565 bytes)
Hash
ecf1f8c3f6b5a0b3ec0b0a96160640b0
37a34620c27486e571aa81a3e77c9ec58d99e5e4
e2e65fca10626caab4c4b92a1d90c61fe652edb5d12ac531a0e4cea01b571d90

HTTP Headers

GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 22 Nov 2022 22:51:05 GMT
server: nginx
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12898 bytes)
Hash
820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: f8d7ec52-de2e-4f7d-91d6-7c6746b2e986
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_DG9wIAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4060-136352774dc38263271f61ca;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y77tcNOOUhQplSdStzH1ECyjWeYcUUT9IrgTx8cqH4ZnmFaAy0FsEg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:51:25 GMT
age: 3580
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4977 bytes)
Hash
0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:42 GMT
age: 3503
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5721 bytes)
Hash
858121146f13af8b53e7bfb9d143490c
2a0aa4d6e3d648b23e15db38559fa9be9ca2cdd8
5c79f7d9479cdaca6fca1abc2af768f8dbe2e7df70959a6620c676a4a4060b9e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F719df867-6e3b-42ad-bb29-bacd6908c756.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5721
x-amzn-requestid: d6a84920-e8e5-4160-aea1-ccabce26d36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bvCq5EH4IAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375e4ab-7835c4341c7b2fb700784aa2;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 07:37:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GNC4xBSK_U7lio4ixC17K0ZzJDw1ilvVkUdjN4QpVk2Po7jReYKq7Q==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 03:31:46 GMT
age: 69559
etag: "2a0aa4d6e3d648b23e15db38559fa9be9ca2cdd8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:28 GMT
age: 3277
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8000 bytes)
Hash
448adf31ef3a09f7d8a45e1c038fe1d8
88e9613f90c14dca0b2c0b60103d0c8e4d859cc8
cedf0f3bd94dfde56b90f130fc960fe73d0131594b9b4ff0e8dbbe27d76b0926

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8000
x-amzn-requestid: 9761ee4c-6da2-4b57-8fab-4d94ec810717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bn1pXGrCIAMFe3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63730308-7628d58a621de956205e1f9c;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 03:10:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pRbkuC0HMmZTAId5hWCbgs763wEzKLsxSo7iVWlSla5RYqhGxnzMrQ==
via: 1.1 100e7eca600d702a8613a94cb0899fe8.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:46:20 GMT
age: 3885
etag: "88e9613f90c14dca0b2c0b60103d0c8e4d859cc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9766 bytes)
Hash
3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gtzOoH3--VR9BQTHvU5vInc6yhBcK0-O1oBbVJpAhpRRqqKY8vAf_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:48 GMT
age: 3917
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.smrt-assets.com/assets/1373/other/favicon.ico

23.36.76.144

200 OK

1.2 kB

URL HTTP/1.1
cdn.smrt-assets.com/assets/1373/other/favicon.ico
IP
23.36.76.144:0
ASN
#20940 Akamai International B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
38722a803b73dd1871a3d8a19db44d2f
3379960a2c6611bfefcb39e662198d6df322e12d
314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97

HTTP Headers

GET /assets/1373/other/favicon.ico HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
X-Amz-Cf-Id: JbGE-qPp-rz1sjNie-YOUT5WYN1nceHRFWqeEDCyU1T8VI4fT_WTxA==
Date: Tue, 22 Nov 2022 22:51:05 GMT
Connection: keep-alive

static.trafficjunky.com/js/mp.min.js

205.185.208.79

200 OK

3.6 kB

URL HTTP/1.1
static.trafficjunky.com/js/mp.min.js
IP
205.185.208.79:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (10690), with no line terminators
Size
3.6 kB (3628 bytes)
Hash
044c370813dc1ea880f32a5be81384e7
53b0733cfc26f2bc7e83d1da0c087d5513fcf548
2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c

HTTP Headers

GET /js/mp.min.js HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/

HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 22:51:05 GMT
Connection: Keep-Alive
ETag: "1652721327"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 3628
Content-Type: application/javascript
Last-Modified: Mon, 16 May 2022 17:15:27 GMT
Accept-Ranges: bytes
X-HW: 1669157465.dop014.sk1.t,1669157465.cds003.sk1.c
Access-Control-Allow-Origin: *

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 22 Nov 2022 22:41:08 GMT
expires: Wed, 23 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 597
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6b2ae7abd7edcc80b3414297b6ca804e
256f24eac2f7bd700767ab04771d84235badfcbc
34349c1fb84be8ba69019b589e36f223052727870f18592938d9aaa456c28c6f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99972
Date: Tue, 22 Nov 2022 22:51:05 GMT
Etag: "637c24dd-1d7"
Expires: Thu, 24 Nov 2022 02:37:17 GMT
Last-Modified: Tue, 22 Nov 2022 01:24:45 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sMvo3Jq2C389e4SnIh04WYbPT3hqraKXmBQt4bov145gX1EgAYb5Zg==
Age: 4352

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=703471990.1669157465&jid=234941350&gjid=1807145987&_gid=553103804.1669157465&_u=YADAAEAAAAAAACAAI~&z=1904219108

142.250.150.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=703471990.1669157465&jid=234941350&gjid=1807145987&_gid=553103804.1669157465&_u=YADAAEAAAAAAACAAI~&z=1904219108
IP
142.250.150.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=703471990.1669157465&jid=234941350&gjid=1807145987&_gid=553103804.1669157465&_u=YADAAEAAAAAAACAAI~&z=1904219108 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://smartsecuredt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Nov 2022 22:51:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 22:51:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

guard.cdtbox.rocks/color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9ODZmNDdlNTktMjdkNy00ZTQ0LWJkOWMtNTA0MjM5OGU0MmE5Xzc0MCZzMj1mNWE2NTdmNDJjMzQwZjg2YWM2ZDQ2YjM3YjA3OWNmYyZzMz01NTg=

54.164.22.60

200 OK

2 B

URL HTTP/2
guard.cdtbox.rocks/color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9ODZmNDdlNTktMjdkNy00ZTQ0LWJkOWMtNTA0MjM5OGU0MmE5Xzc0MCZzMj1mNWE2NTdmNDJjMzQwZjg2YWM2ZDQ2YjM3YjA3OWNmYyZzMz01NTg=
IP
54.164.22.60:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

GET /color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9ODZmNDdlNTktMjdkNy00ZTQ0LWJkOWMtNTA0MjM5OGU0MmE5Xzc0MCZzMj1mNWE2NTdmNDJjMzQwZjg2YWM2ZDQ2YjM3YjA3OWNmYyZzMz01NTg= HTTP/1.1
Host: guard.cdtbox.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 22 Nov 2022 22:51:05 GMT
content-type: application/json
content-length: 2
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oeb90&_p=450068728&cid=703471990.1669157465&ul=en-us&sr=1280x1024&_s=1&sid=1669157465&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3Df5a657f42c340f86ac6d46b37b079cfc%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oeb90&_p=450068728&cid=703471990.1669157465&ul=en-us&sr=1280x1024&_s=1&sid=1669157465&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3Df5a657f42c340f86ac6d46b37b079cfc%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oeb90&_p=450068728&cid=703471990.1669157465&ul=en-us&sr=1280x1024&_s=1&sid=1669157465&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3Df5a657f42c340f86ac6d46b37b079cfc%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://smartsecuredt.com
date: Tue, 22 Nov 2022 22:51:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6378ed5-9377-4686-98bd-f799fa2d276b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7627 bytes)
Hash
73d326a472c49597186498283399b596
5f61c5e418f95e10e5b1260aac63a226dc26ab0b
143bef27d23a287bfa99421c33f28a4c8d37ad50d6b75d93ce4a3a167b9b5401

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6378ed5-9377-4686-98bd-f799fa2d276b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7627
x-amzn-requestid: 14fa1fb6-1af2-485d-ae6e-3c05baaf6944
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1eJnHTXoAMFryQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6378770a-738012af5c6313191ca29f38;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 06:26:18 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Lj2WKFWupspDwkhlsfhyvf3p2tabXaZNMQGnxQ4qLq5VU1JT1DSi0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 d15b6a95f7c8298444f59a99d8027cec.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:54:17 GMT
age: 3415
etag: "5f61c5e418f95e10e5b1260aac63a226dc26ab0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 22:51:05 GMT
date: Tue, 22 Nov 2022 22:51:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

v2.trckguardlnk.com/click?a=558&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219

18.195.157.163

200 OK

0 B

URL HTTP/2
v2.trckguardlnk.com/click?a=558&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219
IP
18.195.157.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /click?a=558&sub_id1=wk5p6vsmfh5kpmlk21k2f450&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219 HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Tue, 22 Nov 2022 22:51:04 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-13111c20aee51aeb480ecbd988cd8cc9=unique; expires=Thu, 22-Dec-2022 22:51:04 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_13111c20aee51aeb480ecbd988cd8cc9=825120e7-c548-4bd5-876d-8d48201201c5; expires=Tue, 29-Nov-2022 22:51:04 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations