Overview

URLa.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=75&affiliateID=75077&source=102c2ae0ac2619ca9ffcf5927a0060&subID2=55609&target=&Site=&Bnr=ALGO&cid=wnusvi3evfl21opkighujs4i&affsource=75
IP 18.192.108.151 (Germany)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 08:06:32 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (31)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
smartsecuredt.com (1) 0 2022-06-03 01:48:10 UTC 2022-11-28 06:57:30 UTC 45.91.67.98 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-28 05:48:59 UTC 142.250.74.10
ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
s.anadm.link (1) 0 2022-04-08 20:37:13 UTC 2022-11-27 17:27:26 UTC 54.230.111.123 Unknown ranking
ocsp.r2m01.amazontrust.com (1) 0 2022-10-12 20:43:53 UTC 2022-11-28 05:20:32 UTC 54.230.80.227 Domain (amazontrust.com) ranked at: 581
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-28 05:50:24 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-28 06:20:04 UTC 216.239.38.178
guard.cdtbox.rocks (1) 240008 2020-08-11 05:30:44 UTC 2022-11-28 05:09:52 UTC 54.164.22.60
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:46:10 UTC 34.117.237.239
zzotrack.com (1) 470411 No data No data 18.184.38.55
cdn.smrt-assets.com (8) 0 No data No data 23.36.76.144 Unknown ranking
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-28 05:49:11 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
v2.trckguardlnk.com (3) 0 No data No data 3.66.74.238 Unknown ranking
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-28 06:09:03 UTC 142.250.74.168
a.vfgtc.com (2) 0 2019-09-27 12:31:23 UTC 2019-09-27 12:31:23 UTC 18.192.108.151 Unknown ranking
r3.o.lencr.org (8) 344 No data No data 23.36.76.226
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
a.vfgtf.com (1) 0 No data No data 18.192.108.151 Unknown ranking
static.trafficjunky.com (1) 13961 2015-03-25 11:36:27 UTC 2020-05-04 07:52:25 UTC 205.185.208.79
t.anmdr.link (1) 0 2022-07-07 15:35:25 UTC 2022-11-28 05:31:29 UTC 54.230.111.117 Unknown ranking
e1.o.lencr.org (2) 6159 No data No data 23.36.76.226
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
www.gstatic.com (2) 0 2016-07-26 09:37:06 UTC 2022-11-28 05:52:04 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
tracking.t0r4.com (1) 0 2022-05-18 20:26:48 UTC 2022-11-27 20:59:29 UTC 104.21.19.241 Unknown ranking
statisticresearch.com (1) 584767 2019-05-28 07:17:54 UTC 2022-11-28 05:09:51 UTC 52.1.249.203
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.216.88.5
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
tsyndicate.com (1) 13042 2017-03-16 09:04:54 UTC 2022-11-28 06:16:59 UTC 162.55.130.248
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-28 05:50:48 UTC 142.251.1.155

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-28 2 trckguardlnk.com Sinkholed
2022-11-28 2 trckguardlnk.com Sinkholed
2022-11-28 2 trckguardlnk.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 18.192.108.151
Date UQ / IDS / BL URL IP
2023-02-03 22:54:34 +0000 0 - 0 - 1 track.supercosmo.xyz/2a03a440-038a-4b7c-a202- (...) 18.192.108.151
2023-02-03 22:23:23 +0000 0 - 1 - 0 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2023-02-03 22:06:45 +0000 1 - 0 - 11 track.supercosmo.xyz/963288b6-b222-4a89-a769- (...) 18.192.108.151
2023-02-03 20:04:05 +0000 1 - 0 - 11 track.supercosmo.xyz/4bd19aab-77c8-4585-aa49- (...) 18.192.108.151
2023-02-03 19:11:28 +0000 0 - 1 - 0 prolleted-flogyprus.icu/4721da3d-ce9d-4466-bb (...) 18.192.108.151


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-02-04 03:06:31 +0000 0 - 3 - 2 www.stockfootageonline.com/website.php?url=co (...) 54.194.44.236
2023-02-04 03:05:47 +0000 0 - 2 - 1 tdalpacafarm.com/files/kr/contents/Vkggy0.hta 52.213.114.86
2023-02-04 03:02:17 +0000 0 - 3 - 4 ww38.letsmakeparty3.ga/step?2/wp-login.php 76.223.26.96
2023-02-04 03:02:05 +0000 0 - 0 - 1 se.northshoreweed.com/0200.bin 3.130.253.23
2023-02-04 02:55:56 +0000 0 - 0 - 2 www.midstaffsinquiry.com/assets/docs/Report-p (...) 75.2.115.196


Last 5 reports on domain: vfgtc.com
Date UQ / IDS / BL URL IP
2023-02-03 22:23:23 +0000 0 - 1 - 0 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2023-02-03 08:51:08 +0000 0 - 2 - 23 a.vfgtc.com/90bfa31c-3b87-4244-8c8c-f7716ecf9 (...) 18.192.108.151
2023-02-02 12:38:55 +0000 0 - 1 - 0 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2023-02-01 20:16:34 +0000 0 - 1 - 0 a.vfgtc.com/d88e86d7-9ecc-4c29-a870-c27a15811 (...) 18.192.108.151
2023-02-01 20:16:30 +0000 0 - 1 - 0 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-03 09:26:04 +0000 0 - 0 - 2 t63lf.hp1001.com/show/8_0584.html 72.52.179.174
2023-02-03 01:58:59 +0000 0 - 1 - 3 ikbg97fpm23j3o.pics/ 162.255.119.21
2023-02-02 10:26:40 +0000 0 - 0 - 1 www.bigdoqq.com/ 67.227.226.240
2023-01-31 03:43:28 +0000 0 - 0 - 9 mkkuei4kdsz.com/966/863.html 64.225.91.73
2023-01-25 11:53:39 +0000 0 - 0 - 1 15thjdepretrial.com/ 81.17.18.198

JavaScript

Executed Scripts (18)

Executed Evals (1)
#1 JavaScript::Eval (size: 2) - SHA256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
ok

Executed Writes (0)


HTTP Transactions (68)


Request Response
                                        
                                            GET /cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=75&affiliateID=75077&source=102c2ae0ac2619ca9ffcf5927a0060&subID2=55609&target=&Site=&Bnr=ALGO&cid=wnusvi3evfl21opkighujs4i&affsource=75 HTTP/1.1 
Host: a.vfgtc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         18.192.108.151
HTTP/1.1 302
                                        
Server: nginx
Date: Mon, 28 Nov 2022 08:06:20 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://t.anmdr.link/75077/3785/26412/?aff_sub4=_bucket&aff_sub=75&aff_sub2=55609&aff_sub3=wfstp984n87gaopk281vtsm4&source=102c2ae0ac2619ca9ffcf5927a0060&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756
Pragma: no-cache
Set-Cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=lT6Ju6M5jUaKtIEap9-yEq34jRYaPLybgGoaACtARSw; Max-Age=86400; Expires=Tue, 29-Nov-2022 08:06:20 GMT; Domain=a.vfgtc.com; Path=/; HttpOnly cc-v4=wgkDSzdzMBq%2F40KIbwYZqapMF3%2FAdc%2FaA6CoVvN89eFnUVgievjdY8gCAUyom6HOloB28q3%2BHLbmKZubJCvW%2BdQ3Ak8VQHcndZXfbWkhU2XcSM0xDbVctxC4g6wB8CCPEnRGS7CHRlSZK1U3a6%2BqGw%3D%3D; Max-Age=31536000; Expires=Tue, 28-Nov-2023 08:06:20 GMT; Domain=a.vfgtc.com; Path=/; HttpOnly

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15372
Expires: Mon, 28 Nov 2022 12:22:32 GMT
Date: Mon, 28 Nov 2022 08:06:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5831
Cache-Control: max-age=100923
Date: Mon, 28 Nov 2022 08:06:21 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:08:24 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2767
Expires: Mon, 28 Nov 2022 08:52:28 GMT
Date: Mon, 28 Nov 2022 08:06:21 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 07:17:45 GMT
cache-control: public,max-age=3600
age: 2916
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: SNDV/U0wHBaw1FsSL1VbVSBhX+ZIVRE7XI/tchBd7amXGb3PlCCKYa2GWEQ96sSVokBoLVPNFA0=
x-amz-request-id: PGA2HRR63VNZQRRT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 07:44:57 GMT
age: 1284
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128135
Date: Mon, 28 Nov 2022 08:06:21 GMT
Etag: "6383b69a-1d7"
Expires: Tue, 29 Nov 2022 19:41:56 GMT
Last-Modified: Sun, 27 Nov 2022 19:12:26 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bemIBYf8Nh4VUnklsXWFDguTmXjcCx-o7YxspWzwF7K8asaJfFd4aQ==
Age: 1770

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 08:06:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 07:08:55 GMT
cache-control: public,max-age=3600
age: 3446
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /75077/3785/26412/?aff_sub4=_bucket&aff_sub=75&aff_sub2=55609&aff_sub3=wfstp984n87gaopk281vtsm4&source=102c2ae0ac2619ca9ffcf5927a0060&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756 HTTP/1.1 
Host: t.anmdr.link
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: enc_aff_session_4204=ENC03f2d21b4210eb957e5d4406dc8f3df1968433faf310b06bd0793773eb2e9fd6eb8e0450dfd361f7b749182013f6381a7e5302064190ab008a1899f0f01dfbf3b54842e5e0bd44f7bdd0a7373de8897f6438a77be15721a1f679773e2685f70bbb6c2eae3ed120d2a29d201c354f19caa37347f7b325f88f26a743cb9f9c20b13b8e1c0bef9814d10569a751259e5991621406f28566b96fb4ce7d0e34fe9bc474532c82de44d02159bffcb6fcc35d15bfa4e26769171313d405c03798fdd2c0a9870835d40d0f33182a416ec622f832cf4e476e197f7fc2b0cc8bae9745820469021994d1; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.230.111.117
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
                                        
content-length: 1020
location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=75%3B102c2ae0ac2619ca9ffcf5927a0060&affiliateID=44542&source=1029b4797cbe96fb4263ceda44f598&subID2=75077&s2=1029b4797cbe96fb4263ceda44f598&s3=75%3B102c2ae0ac2619ca9ffcf5927a0060&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=75&affsource=75&aff_click_id=1029b4797cbe96fb4263ceda44f598&affsource=102c2ae0ac2619ca9ffcf5927a0060&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Mon, 28 Nov 2022 08:06:21 GMT
set-cookie: aff_ran_url_3785=26412; Path=/; Expires=Tue, 29 Nov 2022 08:06:21 GMT; Secure enc_aff_session_3785=ENC038e82b33d8d5124c24ea2625fbb85a5d3affda03c3425513d1b8b8c9831352605faefee7186c4a875eeb09ba7bf5921927abae2ef679cfd7cc390d7dff599fb1791317a7d21b2defe9209d0d5454e6ea4f3e5051ec723846b3ca9906f4306da5f2731b41d405babcc72a93b91e6b31558680515f4b5a9bb3270149f17cfefa7abfc22aa93e80381947a59b5348cad4e15ef9003d68ff4e8cfbcb037d076c137a93e9bef6c7b4acdb62a63a58fe0ddbab140c6e28e79f953f71f3cc027246790091d4e0b46; Path=/; Expires=Wed, 27 Nov 2024 08:06:21 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Wed, 22 Oct 2025 18:46:21 GMT; Secure
tracking_id: 1029b4797cbe96fb4263ceda44f598
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fRs1ZCv0iEaxOAK2cb-z3i8OpGnvaFe9mFc1YPmpAnznq-MCcdArpg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (1020), with no line terminators
Size:   1020
Md5:    662199f9d7324f5ea010d3712e383940
Sha1:   ebec3dccaf356f0affff7d57f60c51e4c6a8be0a
Sha256: bcf20bc500d1b9aa0171c8c420538e7744f8c9dcc42151d3852318d95a27ec48
                                        
                                            GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=75%3B102c2ae0ac2619ca9ffcf5927a0060&affiliateID=44542&source=1029b4797cbe96fb4263ceda44f598&subID2=75077&s2=1029b4797cbe96fb4263ceda44f598&s3=75%3B102c2ae0ac2619ca9ffcf5927a0060&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=75&affsource=75&aff_click_id=1029b4797cbe96fb4263ceda44f598&affsource=102c2ae0ac2619ca9ffcf5927a0060&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 
Host: a.vfgtf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         18.192.108.151
HTTP/2 302 Found
                                        
server: nginx
date: Mon, 28 Nov 2022 08:06:21 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=75%3B102c2ae0ac2619ca9ffcf5927a0060&affiliateID=170910&source=1029b4797cbe96fb4263ceda44f598&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wkafj7eg257vjopk2bbuib3q&affsource=75
pragma: no-cache
set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=qixygMwdYt5WfSAx20zFDh6-a8AZgMjp015sQHE3NrU; Max-Age=86400; Expires=Tue, 29-Nov-2022 08:06:21 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=Pt5nHcncgOd5qATqBK6sjGhS7ZT3q%2B9eOV069XTb52c4U3Fvb%2FeBSiAnEec9edZ59k5%2FnPV0oj4aqBvyzSSnosPB8Mtxco9bk8hC2dUsVDYJFHqmB67%2FzDI4CiNqVjwblAeZ9qn2E2CotWcRBeWSMw%3D%3D; Max-Age=31536000; Expires=Tue, 28-Nov-2023 08:06:21 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3473
Cache-Control: max-age=93503
Date: Mon, 28 Nov 2022 08:06:21 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:04:44 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=75%3B102c2ae0ac2619ca9ffcf5927a0060&affiliateID=170910&source=1029b4797cbe96fb4263ceda44f598&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wkafj7eg257vjopk2bbuib3q&affsource=75 HTTP/1.1 
Host: a.vfgtc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 90bfa31c-3b87-4244-8c8c-f7716ecf9fd4-v4=WRhsop1Co9rBPoqvWUJ85XuoZHhIJbDC4zEHuFhMyEQ; cc-v4=sG1sxurzo0To42asxWCL49XbeAb%2FH2RY9kM7mAzqVgo58pJ%2FE2cXGnygLi%2B0vYvOySaB%2FiBt%2FMEaKYjWy6OAn1BdC%2Br4SoDoDzHhsqr9QBvBuij%2FrlP1MFeqwV%2BctyJIZWqslsspWKQ4iLRVNrHUyA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         18.192.108.151
HTTP/2 302 Found
                                        
server: nginx
date: Mon, 28 Nov 2022 08:06:21 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.anadm.link/170910/8373/0/?aff_sub=75%3B102c2ae0ac2619ca9ffcf5927a0060&aff_sub2=75077&aff_sub3=wgvn1b3rpslbqopkih451ca4&source=1029b4797cbe96fb4263ceda44f598&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_75
pragma: no-cache
set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=3DjSNcZJRCLD-OhzRXgNePv0xDGtZiWF0YL5QcJ2Ryg; Max-Age=86400; Expires=Tue, 29-Nov-2022 08:06:21 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=1M1JoCqJGYFxSQAaZmdzWpGHA9PgWxt7A4uAuONqEeIusBjVQEo9xpB2vZa0hlW1wTIuGxF4bcYRmyuNMmmwhNHaSEwgS%2BvQOzQq%2BuzVnrkkkpgUavJzzYM7RCsh7hYkhS1oUo278UO23EnEQcSI3Q%3D%3D; Max-Age=31536000; Expires=Tue, 28-Nov-2023 08:06:21 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: setlKtXdRx5sbt3fvZUhqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.216.88.5
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TntuNUwsU6TLvUohGCTuZ7J6cKs=

                                        
                                            GET /170910/8373/0/?aff_sub=75%3B102c2ae0ac2619ca9ffcf5927a0060&aff_sub2=75077&aff_sub3=wgvn1b3rpslbqopkih451ca4&source=1029b4797cbe96fb4263ceda44f598&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_75 HTTP/1.1 
Host: s.anadm.link
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.230.111.123
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
                                        
content-length: 420
location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=1029b4797cbe96fb4263ceda44f598&sub3=10281f9d3fd14c4fae3dfb41392393&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Mon, 28 Nov 2022 08:06:22 GMT
set-cookie: enc_aff_session_8373=ENC03227ae8be14081b268759ea779fd4b387a5d5bdfbd8540b865d7237ccd5d69ebd0302eeefd4a1857845555a2c1ef23bf0c45f17d477adb489285475f8e6f61e3fcc9fcf8ffbe78cb337a086404e3740d9e7fabaf802b382caeb0b08b884bdaea674923b895ceff2ada498b92856d4332461c9769a79cf34bc82dc0b770254afc63358933cb111c8d7f3f80ec66202f330e93ee7c1f4d2e73ad4f00277d015286404f3a8de6dd392124b0710bd8639014af44170b6007c2ac3ecc6878b4f8e2dbe889bdc0d99c87a449d0947917f8226080a46b04ede9a237a38f551091d6dbd83231d4b51; Path=/; Expires=Wed, 27 Nov 2024 08:06:22 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Wed, 22 Oct 2025 18:46:22 GMT; Secure
tracking_id: 10281f9d3fd14c4fae3dfb41392393
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uSSAOaMXlkHPT__d7SueE3y3DJhQLK5RiMfwBzIOh6y_yGaa3_Jqog==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (420), with no line terminators
Size:   420
Md5:    c88ebb633ad1e375bbf09e9b40a32ab3
Sha1:   c47289ed8bb88039e6b2c830628dd2d3aeedb59f
Sha256: 02ee72ecede139b519f66dd083ec078fd02c275dfddc9b380fff0c57ac214cc2
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "52DD901F4BA52369BFE3FF9922B6BD271005002CFBC026CEAF9F236F26D8790E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1846
Expires: Mon, 28 Nov 2022 08:37:08 GMT
Date: Mon, 28 Nov 2022 08:06:22 GMT
Connection: keep-alive

                                        
                                            GET /click?pid=781&offer_id=1085&sub1=170910&sub2=1029b4797cbe96fb4263ceda44f598&sub3=10281f9d3fd14c4fae3dfb41392393&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 
Host: tracking.t0r4.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.19.241
HTTP/2 302 Found
                                        
date: Mon, 28 Nov 2022 08:06:22 GMT
content-length: 0
location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=1029b4797cbe96fb4263ceda44f598&campaign=&sum=&clickid=63846bfeae2cdb0001e7b28f
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63846bfeae2cdb0001e7b28f; expires=Tue, 28 Nov 2023 08:06:22 GMT; secure; SameSite=None afoffers={"1085":1669622782}; expires=Tue, 28 Nov 2023 08:06:22 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRmjWEVvDNc98dp3hz9DEtRNQ4OI2Vj2KhYf7hvTWq1UlCq1JrzSDjHKIfSTeXTZ4B3U35jsohAH7M7%2FZvrIipnU99hq3iIPHTSdLtWJO7s4asP5k7DaVRyDriqatr4oTPq9EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77119a95ce2a0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "6D11506056F599B5097FEC0F9063644E600BC04DA43A1D2485506DDE81FEF0A6"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4269
Expires: Mon, 28 Nov 2022 09:17:31 GMT
Date: Mon, 28 Nov 2022 08:06:22 GMT
Connection: keep-alive

                                        
                                            GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=1029b4797cbe96fb4263ceda44f598&campaign=&sum=&clickid=63846bfeae2cdb0001e7b28f HTTP/1.1 
Host: zzotrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         18.184.38.55
HTTP/2 302 Found
                                        
server: nginx
date: Mon, 28 Nov 2022 08:06:22 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wkafj7eg257vjopk2osnpgak&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781
pragma: no-cache
set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=OfNMtNgve1yKGn0LtYax91cYZezCTumhoFhbNsO5WiA; Max-Age=86400; Expires=Tue, 29-Nov-2022 08:06:22 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=StgACe0CyUhMjVd61PbODgy0Yf7AaqHZarIOTkIR9IQZ%2FqmZngxhLoc7oFE39wYak8fia3oJdpnKR1BO5PWzmPkax1Wwksh5SheH%2BQOI93M1j0Yv%2B8GRqviTg%2FnJx3nT%2FQBULv7nNzLl7%2FBXCXxPzw%3D%3D; Max-Age=31536000; Expires=Tue, 28-Nov-2023 08:06:22 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m01.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.80.227
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 08:06:22 GMT
Etag: "6383355a-1d7"
Last-Modified: Mon, 28 Nov 2022 06:24:13 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: en7oTbnbibhRVuNqzVy_to4Teb2fK8YokMpVb7dgEWbN-2r7A4J-Ag==
Age: 6129

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6021
Expires: Mon, 28 Nov 2022 09:46:44 GMT
Date: Mon, 28 Nov 2022 08:06:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6021
Expires: Mon, 28 Nov 2022 09:46:44 GMT
Date: Mon, 28 Nov 2022 08:06:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6021
Expires: Mon, 28 Nov 2022 09:46:44 GMT
Date: Mon, 28 Nov 2022 08:06:23 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 36277
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 36914
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7556
Md5:    7e5051d8c06f69e1842a9295ce256a36
Sha1:   1a542a53ba0b1cd0fb23257ebed8166555f16dfb
Sha256: a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:08 GMT
age: 35415
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8771
Md5:    b0bd385532089b45a14e461abbecc1af
Sha1:   3da359b1ba09138a425094715b9f3a2f8d0257fe
Sha256: 803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 36905
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6263
Md5:    b24e349e9d22fb30fbc80497b512cead
Sha1:   c033d1ecdb9e7640f3df044e39053bed8292fcbc
Sha256: 2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4708
x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JFbXIAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6FSZ3Zw-s95LlrU3skAr5_g6m36c9SQ9_6vA3HFbMKYTTFzJRBJ76w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:43 GMT
age: 34780
etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4708
Md5:    4060284252d32701c42e2df4a83970a0
Sha1:   a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da
Sha256: 53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A5n6y1-hpgr4vynnRXkEZNvCvjlNGH6brl7eYMsdN1MST7YoD2BPgA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:13 GMT
age: 36910
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5989
Md5:    fa848cb85e85df184b078fe7aa95ae52
Sha1:   21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
Sha256: 37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: v2.trckguardlnk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; U-13111c20aee51aeb480ecbd988cd8cc9=unique; o_13111c20aee51aeb480ecbd988cd8cc9=e68d09c4-8fad-4bfb-868f-bd9f50503893
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         3.66.74.238
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Mon, 28 Nov 2022 08:06:23 GMT
content-length: 318
server: nginx/1.20.0
last-modified: Tue, 04 May 2021 06:35:26 GMT
etag: "6090eb2e-13e"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size:   318
Md5:    a976d227e5d1dcf62f5f7e623211dd1b
Sha1:   a2a9dc1abdd3d888484678663928cb024c359ee6
Sha256: 66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /smartlink/?a=89072&sm=9474&mt=2&s1=381f1b1b-7ced-4eef-857b-418b4c176094_781&s2=f02ad13bf0c2c864de6b87eb224b74d4&s3=558 HTTP/1.1 
Host: smartsecuredt.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.91.67.98
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 08:06:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Set-Cookie: v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5fZYZfp45s9WouApIX1qGRg=; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/; Secure; SameSite=None gdm_uid_v2_1_001=yjiZhc7k8igF8xy0yAwVQRWXsuH2FlCo9FYgwfcbEFQmRVcC0/zq2gI0HcIZE+CC; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/; Secure; SameSite=None gdm_visit_freq_v1_1_001=gJLhXJbXqrGXm/hn4dYEDVmhYlv+mSJE9MSvGd5VpkaxP36rjSFyFpjDuFUTIfFz; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/ gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/ gdm_uid_v1_1_001=yjiZhc7k8igF8xy0yAwVQRWXsuH2FlCo9FYgwfcbEFQmRVcC0/zq2gI0HcIZE+CC; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/ gdm_visit_freq_v2_1_001=gJLhXJbXqrGXm/hn4dYEDVmhYlv+mSJE9MSvGd5VpkaxP36rjSFyFpjDuFUTIfFz; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/; Secure; SameSite=None gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/; Secure; SameSite=None v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5fZYZfp45s9WouApIX1qGRg=; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 08:06:23 GMT; Path=/
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (599), with CRLF line terminators
Size:   2151
Md5:    e5f720ea96f577fdd487d487963f8762
Sha1:   3640742252f21d975c54c28dc3925c041f52ce17
Sha256: e30c4529a02a3865846d71a582bad942318d878c7fef40bb75bcd9d383165207
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8178
Expires: Mon, 28 Nov 2022 10:22:41 GMT
Date: Mon, 28 Nov 2022 08:06:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8178
Expires: Mon, 28 Nov 2022 10:22:41 GMT
Date: Mon, 28 Nov 2022 08:06:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8178
Expires: Mon, 28 Nov 2022 10:22:41 GMT
Date: Mon, 28 Nov 2022 08:06:23 GMT
Connection: keep-alive

                                        
                                            GET /assets/1387/js/backoffer.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA==
Date: Mon, 28 Nov 2022 08:06:23 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   660
Md5:    e7e1dc07852a36f89e4be03aa3787316
Sha1:   0dc3f8e7eb943af093cf8f4600fcf0e421891025
Sha256: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
                                        
                                            GET /assets/1144/js/jquery.min.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: rNAVYdmHMAMpMHYv4HPJBhrAtesAUrOBckV9PxD5uVlG8zkUkRY0ng==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 08:06:23 GMT
Content-Length: 29855
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /prod/push-lang-config.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 08:06:23 GMT
Content-Length: 2366
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Size:   2366
Md5:    86caa25373c28e4a962df5e15f4c160f
Sha1:   7a992cdd21a4074c155ccc7016e7cf836a66dd85
Sha256: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
                                        
                                            GET /assets/1144/css/main.css HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Tue, 02 Feb 2021 11:39:55 GMT
ETag: "fb41dc3d2a4826c0dd868c64bae7c77c"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 6T72l0QFrSOjNpG37gHCrWR4JlltkKRjMcmj4QL5H4DRr0wvRi4Ylg==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 08:06:23 GMT
Content-Length: 2061
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2061
Md5:    977c6a0b5a9ea85f1861a0e9089a05c1
Sha1:   6a8155cda967fda2a16fc759deca252634aa0c78
Sha256: 2c1a4fed0126274ac848bade732edac2023c6389486e5c02cdc0be77548cd093
                                        
                                            GET /assets/1144/js/translatesrules.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "f889c7341bca7408551f0da6879237a9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: o0JI-D14FY46mUFaOurcdIXuAiNK9FRy0hlR2hHzIjPPV_ulUFWuSA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 08:06:23 GMT
Content-Length: 9749
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   9749
Md5:    f09a391ba297c3912759882db1a9e38a
Sha1:   a7866e21b4febbf58a635613ec30608a9dfda386
Sha256: 2a734d2af14f59cdad75b60742d94cef667bb3271d2a8a2557be99796a840d3e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /prod/push-subscriber.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 08:06:23 GMT
Content-Length: 4395
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text
Size:   4395
Md5:    d87a44d0aa0b54e75b2eb54c76bcf152
Sha1:   f765110fd22c73d181d9a2ea1b20de424b3d9e35
Sha256: 6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:32:45 GMT
expires: Thu, 23 Nov 2023 18:32:45 GMT
cache-control: public, max-age=31536000
age: 394418
last-modified: Thu, 10 May 2018 20:35:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25088)
Size:   8604
Md5:    73069e532b7039778d3a7128c997c61a
Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc
Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:29:53 GMT
expires: Tue, 21 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 567390
last-modified: Thu, 10 May 2018 20:35:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35547)
Size:   10017
Md5:    fa9987a23f5a9d865766e952511baa30
Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/1144/images/17477724.png HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/assets/1144/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 127399
Last-Modified: Tue, 02 Feb 2021 11:30:11 GMT
ETag: "48b5cf504b501519436d17763f4b52bd"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: oY9muSQRdUKiS1F6QjLdA1C6zzPiT-jc42BDhY7vd-qOiB1Nizbi5A==
Date: Mon, 28 Nov 2022 08:06:24 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 540 x 614, 8-bit colormap, non-interlaced\012- data
Size:   127399
Md5:    48b5cf504b501519436d17763f4b52bd
Sha1:   b3fe5b65f350ad10b103a0cbbc4e79952358803d
Sha256: 3def9cfd1107dc28c620d5442e44474e820f91e99011e3d9eebc5572f653b509
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 314766
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 08:06:24 GMT
expires: Mon, 28 Nov 2022 08:06:24 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   47293
Md5:    d1f081b9a51150c822338d7ab970e162
Sha1:   2c0bd5667455510efc14ac422e119b3615f9e60f
Sha256: ce37b4645efe00bf875303cce8543811d811aaac227c051af1b5b39fe621551f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146339
Date: Mon, 28 Nov 2022 08:06:24 GMT
Etag: "6383fd01-1d7"
Expires: Wed, 30 Nov 2022 00:45:23 GMT
Last-Modified: Mon, 28 Nov 2022 00:12:49 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: INaiZjKr342Bjydrbvjeu9XbEf-3-HA_P1dtlXZmeTzzd2ibD-WqHg==
Age: 1954

                                        
                                            GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/

search
                                         162.55.130.248
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 08:06:24 GMT
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: 52503a05553f9c1f
Set-Cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Tue, 28 Nov 2023 08:06:24 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            GET /assets/1373/other/favicon.ico HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
X-Amz-Cf-Id: JbGE-qPp-rz1sjNie-YOUT5WYN1nceHRFWqeEDCyU1T8VI4fT_WTxA==
Date: Mon, 28 Nov 2022 08:06:24 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    38722a803b73dd1871a3d8a19db44d2f
Sha1:   3379960a2c6611bfefcb39e662198d6df322e12d
Sha256: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
                                        
                                            GET /js/mp.min.js HTTP/1.1 
Host: static.trafficjunky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/

search
                                         205.185.208.79
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Connection: Keep-Alive
ETag: "1652721327"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 3628
Last-Modified: Mon, 16 May 2022 17:15:27 GMT
Accept-Ranges: bytes
X-HW: 1669622784.dop023.sk1.t,1669622784.cds003.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (10690), with no line terminators
Size:   3628
Md5:    044c370813dc1ea880f32a5be81384e7
Sha1:   53b0733cfc26f2bc7e83d1da0c087d5513fcf548
Sha256: 2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.239.38.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 06:41:08 GMT
expires: Mon, 28 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 5116
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1137786495.1669622784&jid=1798270984&gjid=51605723&_gid=29713007.1669622784&_u=YADAAEAAAAAAACAAI~&z=2087812165 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.251.1.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://smartsecuredt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 08:06:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151797
Date: Mon, 28 Nov 2022 08:06:24 GMT
Etag: "63840dd4-1d7"
Expires: Wed, 30 Nov 2022 02:16:21 GMT
Last-Modified: Mon, 28 Nov 2022 01:24:36 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ahDFbM9RRtT3t45F5YcOLHIyBR85rJIRyK3VZpVry1oOhYhUEuFFUQ==
Age: 3105

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 08:06:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9MzgxZjFiMWItN2NlZC00ZWVmLTg1N2ItNDE4YjRjMTc2MDk0Xzc4MSZzMj1mMDJhZDEzYmYwYzJjODY0ZGU2Yjg3ZWIyMjRiNzRkNCZzMz01NTg= HTTP/1.1 
Host: guard.cdtbox.rocks
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.164.22.60
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 28 Nov 2022 08:06:24 GMT
content-length: 2
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oeb90&_p=155398881&cid=1137786495.1669622784&ul=en-us&sr=1280x1024&_s=1&sid=1669622783&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D381f1b1b-7ced-4eef-857b-418b4c176094_781%26s2%3Df02ad13bf0c2c864de6b87eb224b74d4%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://smartsecuredt.com
date: Mon, 28 Nov 2022 08:06:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6qKDE2jlIb8D2Mhg-OcsfU1haVtyGYfcMcs1NJT_HPlTv-O26tR60w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:34 GMT
age: 36716
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11255
Md5:    6e240caa3153ea25c34d07185b47f8a5
Sha1:   602e8ba5c6671ff947acfda757577ddc8ecec6ec
Sha256: c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f
                                        
                                            GET /click?a=558&o=2892&sub_id1=wkafj7eg257vjopk2osnpgak&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 HTTP/1.1 
Host: v2.trckguardlnk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         3.66.74.238
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 28 Nov 2022 08:06:22 GMT
location: https://v2.trckguardlnk.com/click?a=558&sub_id1=wkafj7eg257vjopk2osnpgak&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Wed, 28-Dec-2022 08:06:22 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /click?a=558&sub_id1=wkafj7eg257vjopk2osnpgak&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219 HTTP/1.1 
Host: v2.trckguardlnk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         3.66.74.238
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 28 Nov 2022 08:06:23 GMT
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-13111c20aee51aeb480ecbd988cd8cc9=unique; expires=Wed, 28-Dec-2022 08:06:22 GMT; Max-Age=2592000; path=/; secure; SameSite=None o_13111c20aee51aeb480ecbd988cd8cc9=e68d09c4-8fad-4bfb-868f-bd9f50503893; expires=Mon, 05-Dec-2022 08:06:23 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 08:06:24 GMT
date: Mon, 28 Nov 2022 08:06:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /user-segments/?pid=TH HTTP/1.1 
Host: statisticresearch.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.1.249.203
HTTP/2 200 OK
                                        
date: Mon, 28 Nov 2022 08:06:24 GMT
server: nginx
X-Firefox-Spdy: h2


--- Additional Info ---