Report - s.sloffer1.com/75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test

Report Overview

Submitted URL
s.sloffer1.com/75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test_r565
IP
3.218.135.42
ASN
#14618 AMAZON-AES
Submitted
2023-02-03 12:41:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	755 B	458 B	216.239.34.36
t.bbwafx.com	unknown	2020-02-16T13:56:28Z	2023-03-12T10:03:34Z	732 B	2.5 kB	52.207.71.232
a.vfgtf.com	unknown	2020-02-06T08:47:32Z	2023-03-13T06:26:49Z	777 B	1.0 kB	18.192.108.151
tracking.t0r4.com	unknown	2022-05-18T22:26:48Z	2023-03-13T06:42:41Z	578 B	1.0 kB	172.67.190.127
zzotrack.com	470411	2021-01-12T07:31:38Z	2023-03-13T06:42:54Z	586 B	899 B	18.184.38.55
www.xn--vtedrmmer-52a7s.com	unknown	2020-11-10T16:52:01Z	2023-03-12T23:07:32Z	3.5 kB	2.5 kB	143.204.55.68
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	395 B	78 kB	142.250.74.40
s.sloffer1.com	unknown	2022-03-23T08:52:34Z	2023-03-13T05:42:13Z	1.3 kB	3.3 kB	3.218.135.42
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.161.100.71
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
media.xn--vtedrmmer-52a7s.com	unknown	2021-02-24T13:41:44Z	2023-03-12T23:07:33Z	4.4 kB	664 kB	54.230.111.76
a.vfgtc.com	unknown	2019-09-27T14:31:23Z	2023-03-13T05:42:00Z	706 B	1.0 kB	18.192.108.151
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	95.101.11.115
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.8 kB	4.8 kB	54.230.245.118
www.ntr4x.com	unknown	2020-02-24T17:36:01Z	2023-03-12T23:07:32Z	574 B	2.2 kB	52.212.63.104
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	67 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-03 12:41:26	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	www.xn--vtedrmmer-52a7s.com/lp/lp20	242 B	2023-03-10	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:52:11 Last Seen2023-06-26 20:36:00 Times Seen20 Hash 5907ecd44b1b7b34becc76db32ad778a d37f3639231322f7a1c4110266383b2469835ca1 113ef47ca0bb39409c7971531c25e7276183fe1bf1e2fa62727f8d74d7b72d58 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	365 B	2023-03-12	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-08-06 06:43:54 Times Seen17 Hash 43d2bd45e416c5d6f06bfbbd740e789c 0b302783e23f14680d765d059ceacd657ff6c6a4 1ae5465b40522dd929c79e57679588f5a864e88506b37dc9bc5561625283b93d Loading...

	media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826	1.5 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash bc543a1964dc1e607103b069492122d3 2d9eb85249f431c91e45f913559b629a7077a491 8eadedc31df40d3cb3bf8884be6019c7b162c771aacb527d1fa6d439c6ff7190 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	186 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen23 Hash 7a5a3c253fb8c0109d401d2a12282f69 03af452f7952d33c9b33de0b60c5228faa845918 1fddad8a6e43ab09d0f93c476f2c471f38a3f7caac143c55c796bb067f3f8ec1 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	897 B	2023-03-08	2023-09-23
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-09-23 13:25:43 Times Seen24 Hash a8c2afcd07eaab8c73baa0970701607c e3977b16e5bc014a13619c133695f5ca71325a48 347a88053808fd1b963a4f0d51bdb251fe5d8f39a3f4dd322e0077544fb28ffc Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	27 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen23 Hash 02caf34b7fca4b024541d3eda5298f6f 7b1a634b0c2cdda07816012f54d9b6e71ad52617 f5099ea6d725322450a99e12157cc73fbb1124412a13829f9cc77a8b51ea4c56 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	1.1 kB	2023-03-12	2023-03-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-03-26 04:31:23 Times Seen16 Hash 3cf802570312177563e6e605b3da30ff db089637f08db256643c16e5dc26ffe67a66e8c1 e9bf205f3934c182dc6b07c2177ea594674d1422ad271b8d497bb38d3fb77e45 Loading...

	www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E	220 kB	2023-03-13	2024-02-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:48:47 Last Seen2024-02-11 09:14:24 Times Seen1 Hash bd06db654d7000572ed0eaf7c2555b61 e994773e202b3d155362d222378d4afd3d7fec6c 8558ed4c1ba058554c9ddc8c33a7d77cb4f0925f4a881d2222b2d8bcc314a886 Loading...

	media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826	124 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash 7c30cc5b8d4d77bbf157492394e54334 002c4cff4f2bffb5e5242f9ed96ddc065f3197f9 3e563415edb9228a8aaf1d90757762ca9406b0d73c544bbb1f5ae2ea3d59a67f Loading...

	www.xn--vtedrmmer-52a7s.com/lp/blank.html	211 B	2023-03-12	2023-05-21
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/blank.html IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen17 Hash 68c2046c1838da555f9324367c6abaf7 a85fabf0943051d754f533497136eda298df85c1 02a1bfcb1da314cb3d780a031f401940761375fb8a2318980f1070cd84fc70f6 Loading...

	media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826	273 kB	2023-03-12	2023-06-26
Pretty URL media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen16 Hash 2fceca9c9c3a844bebbd26dabfb3ab88 8d701f2ba8caa71d80c86d91cfec71feddb519fe 04d1d1916ce115057f37990dc90a883df8d6ad4a0164e4328e7e93b0b3779766 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	153 B	2023-03-12	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen18 Hash a626e19587a0e8b7771a6e4e8b99a5c2 68e4b1996fe44a89bd0697055ab12c2717148d18 630decdccd2c4f9d7ea6962ef81da9024ceb80eb06647d1a26408a64e18e73f5 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	220 B	2023-03-12	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen18 Hash 20a943567cdc62cc1d2c90810094471d 706f4a3f2947e24a865790fca833c86f907bfe80 5793384b26fd765c81ae3a2ae92d9dd598f57b963d0f76531abb0585d8e10242 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	1.5 kB	2023-03-12	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:14:24 Last Seen2023-06-26 20:36:00 Times Seen12 Hash 01ab41634e51a4453c73b86345b9dfe5 d83a3b91d4409691fbaf634e2804bec1980cc9d8 1a6b4c6158be6e569e2fa944f8741994aabb121c2a0cac673a2a037766812f21 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	123 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen27 Hash af597a259741a5bcca3e0455a9f75043 f9ddc0c4be7a54147cab433df839bcd68faf099d ab9368d8ee07df0c6b127f9a7b7d2e7a80cfd590cb5d3c63adcdb0ee96c76562 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	119 B	2023-03-10	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:52:11 Last Seen2023-06-26 20:36:00 Times Seen20 Hash b89ad792871f95eec4ecf1d78003a741 8c8b8b70e32a8ab4be57cf714955c4245f7496b0 d081cefdde20725fc6244726e7fbb808c9d4c8ba15fa35142b5c7f1442f17ded Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	2.2 kB	2023-03-13	2024-02-11
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:48:47 Last Seen2024-02-11 09:14:24 Times Seen1 Hash ea1f37863393af0c26d8d7ad3f3b373c 05b94f7a6ffcb5a2a340447675d88f2cb3446f61 8226b76e5d1cffd8ff2d70b9a1f88681a08353a09d8b8ff01d0245d767529b8a Loading...

	media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826	852 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash 5ccd56010145fbf60deadcc15088a84a cf4c53164caa8db2a4cf04c0dab1f07769ca4ffa 3b7f647519c927e4b45563a990b749544903607daf1f703ebc39f6f66d190207 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp20	2.5 kB	2023-03-08	2023-09-23
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-09-23 13:25:43 Times Seen24 Hash 8a3075a7a7a13fda2fb4449130d1c28e 2213eb26e4febab7ff3ae870f691ed6441e506f0 8686cd0c3d5909495cf9881688031d69c1dccc307807dfad4730e7ee1f256c56 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9c6d421d65ea127b09a2d05a1d3232a1	133 B	2023-03-07	2024-03-08
Pretty Observations First Seen2023-03-07 01:03:02 Last Seen2024-03-08 19:28:03 Times Seen73 Hash 9c6d421d65ea127b09a2d05a1d3232a1 cec9cdbc38e5bd9a83e9db038342e650e22af326 41836613083ad8b4578d6fd56c1a0ceab44924d3739f40cc935d11daf2279fb5 Loading...

HTTP Transactions (56)

	URL	IP	Response	Size
	s.sloffer1.com/75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test_r565	3.218.135.42	303 See Other	766 B
URL HTTP/1.1 s.sloffer1.com/75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test_r565 IP 3.218.135.42:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (766), with no line terminators Size 766 B (766 bytes) Hash 218a2b576b60639071fa7b142ecb33ad b93a391c5675c61896e7954f6125bfbb432f594f 2f61d98dab2f84d33c717a0be170b61f4ce2281658533359f4e249d3706193e4 HTTP Headers GET /75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test_r565 HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 303 See Other Server: nginx/1.19.0 Date: Fri, 03 Feb 2023 12:40:53 GMT Content-Type: text/html; charset=utf-8 Content-Length: 766 Connection: keep-alive set-cookie: aff_ran_url_8184=28194; Path=/; Expires=Sat, 04 Feb 2023 12:40:53 GMT; Secure tracking_id: 10271ed0e82bf2737f657c38121748 location: https://t.bbwafx.com/c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756 vary: Accept

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d4e95d0d8982bcd07804baf6fc88231c 5027abda0875bd2529dd4d6691784c74da71a9ee 373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5298 Expires: Fri, 03 Feb 2023 14:09:11 GMT Date: Fri, 03 Feb 2023 12:40:53 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e935ea42be4feaed61a824b0b903913e f966cfa80d65a805cb9d7c6a53b3340865d7c51a eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3933 Expires: Fri, 03 Feb 2023 13:46:26 GMT Date: Fri, 03 Feb 2023 12:40:53 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7d2222d41721947297aaeb5a6e3d0714 04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065 de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C" Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18679 Expires: Fri, 03 Feb 2023 17:52:12 GMT Date: Fri, 03 Feb 2023 12:40:53 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 03 Feb 2023 12:36:10 GMT content-type: application/json age: 283 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: /iEeH9LZXbZcRy8QPnq6wjIMIZkAzJtl8nfIkJlpXn2ZL44MeKGDeZOcFbPp7Crsr/7Tcgp78A8= x-amz-request-id: D15VXANWMENQE0MN content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 03 Feb 2023 12:23:32 GMT age: 1041 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 03 Feb 2023 12:40:53 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c1572392a68c93345bc1925ac290cf12 f8d36b68bcb7864d9b7798c24263de0af5ca615f 36a52e3cf1934fe95c142cb49c0d82f1543e5fffde136573815e53825e6b0548 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "36A52E3CF1934FE95C142CB49C0D82F1543E5FFFDE136573815E53825E6B0548" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10628 Expires: Fri, 03 Feb 2023 15:38:02 GMT Date: Fri, 03 Feb 2023 12:40:54 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 03 Feb 2023 11:49:06 GMT age: 3108 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	t.bbwafx.com/c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756	52.207.71.232	303 See Other	848 B
URL HTTP/2 t.bbwafx.com/c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756 IP 52.207.71.232:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (848), with no line terminators Size 848 B (848 bytes) Hash 39e79328205426a92522bd715dbd4b32 c44952ed1681811effc032258c284ede0bae077e 93d3be24e605bcc8b617fba264a38ba313bdc2d13fd239c7ab7ca597abf4d492 HTTP Headers GET /c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: t.bbwafx.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 303 See Other server: nginx/1.17.10 date: Fri, 03 Feb 2023 12:40:54 GMT content-type: text/html; charset=utf-8 content-length: 848 location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756 set-cookie: enc_aff_session_3785=ENC03074224bb2581acad291dee783389aa6ce874ac7c16617b98beb697f3e7f731652cb6e9b8682fcab04de44d03fb496030fd5fa05f902462c45b62c5916dabd08d13a4d1291a84f4600e57b840dbc0f6439b50af17ffb2130d12b5de9c9ddbe2961ab4f1550337b6e95e423d7ef6ea25572d49edf0eb53969f3f78cf6dcd161e61aa530c95d4a501d26e7435121d893927fa2204b3aeed9149cb11bfdc4840c293382c5f5c5d0057ed51ae6e14aaef4e7fdac8375b79c1b8804576e3d6857fb8512e8ee127; Path=/; Expires=Sun, 02 Feb 2025 12:40:54 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 28 Dec 2025 23:20:54 GMT; Secure tracking_id: 1029389a8fc1df86ba6eb839214196 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: a.vfgtf.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Fri, 03 Feb 2023 12:40:54 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565 pragma: no-cache set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=5pPnrPLkHZrb95qMOeQY3kJPp8_xEos5RcLU1AoMB18; Max-Age=86400; Expires=Sat, 04-Feb-2023 12:40:54 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=X%2BL81Gu2K9OQMOCRLpMh1v3FZSWyekrAtM6WppZ%2BhY3T9LbeAqXOJECrfphWx0b7WiHuUtRqIecaqcrJxb%2BXJI9SVO4j0ZJjwr%2BmqoxC6AsR8yCxAKrMyhfHeCS2oOLYv%2BHL6wR1mlN1bnadBIoOoA%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 12:40:54 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8913af0be619500295008bb91f506660 a7b8068ba9aa506205a295b24458c2616997a0d1 6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A" Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16209 Expires: Fri, 03 Feb 2023 17:11:03 GMT Date: Fri, 03 Feb 2023 12:40:54 GMT Connection: keep-alive`

	a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565 HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Fri, 03 Feb 2023 12:40:54 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565 pragma: no-cache set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=B6KIhQXVoz0aA56y8CEkCn8zld5Frj5DOvaV-MVR6Rg; Max-Age=86400; Expires=Sat, 04-Feb-2023 12:40:54 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=kUaeAna%2FduL41k%2BSBysdIOSY92VszVFslwmvsGZ670jMw2Q5jOW63%2FvEb5o9uG3wsbd5dlDLaEbzQIfXtzuTlFDmo2d8q6jkMX5HNFEcsT%2BnlBcqwTr9W3bFIrNPACbvyIs%2F6Q1Zdhb4eC0a8Wtlcw%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 12:40:54 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	push.services.mozilla.com/	35.161.100.71	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.161.100.71:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 8qsjKhyOPNAW309Y0O6cEQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 96co+u9Ej69pQzo67NbP3vdNlP0=`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 06cd769ce330c814fbe5c4bc6d48dd3c 0b5a317543d2e30f6d727fb13995cfd3f7431a9c b8435b75edf31f703a8e2c3bc47cb374f32c6ed6ff7674b7b311c0834f55c688 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B8435B75EDF31F703A8E2C3BC47CB374F32C6ED6FF7674B7B311C0834F55C688" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7922 Expires: Fri, 03 Feb 2023 14:52:56 GMT Date: Fri, 03 Feb 2023 12:40:54 GMT Connection: keep-alive`

	s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565	3.218.135.42	303 See Other	402 B
URL HTTP/2 s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565 IP 3.218.135.42:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (402), with no line terminators Size 402 B (402 bytes) Hash 800c74e7e3832f8691469c5b14010b6c 742676c08d1846093c0e1caafaf04a6009f40a4e cd02983afcccbb451e633393b924a54d8b9701b0743bfd8c27ae786dc9b383fa HTTP Headers GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565 HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 303 See Other server: nginx/1.19.0 date: Fri, 03 Feb 2023 12:40:54 GMT content-type: text/html; charset=utf-8 content-length: 402 location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756 set-cookie: enc_aff_session_8373=ENC031d28a91ce1baa92508724c6a99e353cbcc17d45ce4c0406ac89d39e3289aaf3215e4970f0db5dbdc692f5c30f76cb39e69979f94750d96ed6febd7d95adb0da348f68d896756de96bd62d8790c2f78ee3a46b71d5f418dd4188b213adf76f441e59b64a4b62d3e2b0d95cd6152d9ccdc95634f678db59ef0e73e15608cb5c247fb992f392ae383e17c8a9173d9aac056e3535a1e99a2c1a022de8d83c429d204b61cfaaed7756ac9f35612b833b14fe984dcc11e84f7d3ec6f543aa84796f2fad279471fbb7d348f903d7d68aad8b0673f767e5d855611487ad5daf2adf32bb4354332b8; Path=/; Expires=Sun, 02 Feb 2025 12:40:54 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 28 Dec 2025 23:20:54 GMT; Secure tracking_id: 1022b92898b055a3f1f824cf538b14 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	e1.o.lencr.org/	95.101.11.115	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash a3cc1e8705d8244938067b06e7af82d2 a2f2681f6dc591e3bededf35c65e77f5342d83a1 3c1a402752b7dfd6d9d711dae0eea296dce82b39e43eca8ec905fef8bf1d89a0 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "3C1A402752B7DFD6D9D711DAE0EEA296DCE82B39E43ECA8EC905FEF8BF1D89A0" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8243 Expires: Fri, 03 Feb 2023 14:58:18 GMT Date: Fri, 03 Feb 2023 12:40:55 GMT Connection: keep-alive`

	tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756	172.67.190.127	302 Found	0 B
URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756 IP 172.67.190.127:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: tracking.t0r4.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found date: Fri, 03 Feb 2023 12:40:55 GMT content-length: 0 location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9 x-adjust-use-original-forwarded-for: 1 set-cookie: afclick=63dd00d7b7aed300016243b9; expires=Sat, 03 Feb 2024 12:40:55 GMT; secure; SameSite=None afoffers={"1085":1675428055}; expires=Sat, 03 Feb 2024 12:40:55 GMT; secure; SameSite=None access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi9QSV%2FL1KcpqJ0VRYI%2F%2BKpFP%2FfQxgGpmUayzB0x8KjZOLNEz69MVpumeXjxPJngiSzetX61Oh6XgD8Eg83yYzsxiUUdseR%2FJjXQ4APJKRbN5x9mq%2FL0C6mPn6sWbPjrTWf5EQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 793b3ce0bed50afa-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	e1.o.lencr.org/	95.101.11.115	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash a3cc1e8705d8244938067b06e7af82d2 a2f2681f6dc591e3bededf35c65e77f5342d83a1 3c1a402752b7dfd6d9d711dae0eea296dce82b39e43eca8ec905fef8bf1d89a0 HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "3C1A402752B7DFD6D9D711DAE0EEA296DCE82B39E43ECA8EC905FEF8BF1D89A0" Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8243 Expires: Fri, 03 Feb 2023 14:58:18 GMT Date: Fri, 03 Feb 2023 12:40:55 GMT Connection: keep-alive`

	zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9	18.184.38.55	302 Found	0 B
URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9 IP 18.184.38.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9 HTTP/1.1 Host: zzotrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Fri, 03 Feb 2023 12:40:55 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910 pragma: no-cache set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=9abyVLJrk5euwhWRg5UISKOZyxhixrvdG6-MkTK4c-s; Max-Age=86400; Expires=Sat, 04-Feb-2023 12:40:55 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=YEDSxPtv2KK68NKaeNNZnU53mWQF6Mfnss1RkqYaJYKwirlpkNW%2BvSBeBKlcmPBRe8nBWIDhbb42W%2FoPNu%2FstXxC365eUWViHpvYjd28mP9bvtGepYSCbNsbKIZOdSXAkd%2FTDEMaPe%2BbRFL%2BSFApaw%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 12:40:55 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 23c5cd6943f470546f464f9778d06d0c 4e218413b9c3b0d6bb2920e50d82fff97304358d a9ac5c494782482b03f5f82990ac06b41c1119982deadba88862f3b9388147ef HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=148053 Date: Fri, 03 Feb 2023 12:40:55 GMT Etag: "63dca02c-1d7" Expires: Sun, 05 Feb 2023 05:48:28 GMT Last-Modified: Fri, 03 Feb 2023 05:48:28 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: eNgMxRT1zzn78ke_6u2nOPxbj7oZWe5Wzj2LLaEm3bJ_NIjRcYHtnQ==`

	www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910	52.212.63.104	302 Found	403 B
URL HTTP/1.1 www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910 IP 52.212.63.104:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text Size 403 B (403 bytes) Hash b0785a006f631f784f4defac9d2a441f 9deedaa82c9b00b3f4e8c02eaff50d34d0666854 055e18007a5fbe2fbe607671656d3cefb6df5cc32d7e9d16eedccaa68004d4df HTTP Headers GET /aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910 HTTP/1.1 Host: www.ntr4x.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 302 Found Server: nginx Date: Fri, 03 Feb 2023 12:40:55 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 403 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Sat, 26 Jul 1997 05:00:00 GMT Location: https://www.våtedrømmer.com/campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 P3p: CP="NOI CUR OUR NOR INT" Pragma: no-cache Set-Cookie: enc_aff_session_1672=ENC03b7515f375e09651c6521db27cfdea4725b54fcc67b9935abdafe99453204570e26e44e4bffa08c4dd66457d9a57228352e4e218c6664847304b5220e0343dc0a4190a43c44eb83be0cf545586a7c9187f25bed897cbb579b8ce911c2c3318762469d25370bb93011d4c9775259b5bb2c392ef91c0e34040cd6a8bf74f74df932c5309d49225bd22b2343995956116de6c31d9041b2b5b58a1de3da6a9941e31594af5255a4eb86a2135b699e514d8340552b11d262ebc0c3a74c5356bb0106272032094d; expires=Sat, 04 Feb 2023 12:40:55 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 28 Dec 2025 23:20:55 GMT; path=/; SameSite=None; Secure Tracking_id: 102776e78c92f471ec3173d75ca013 X-Robots-Tag: noindex, nofollow Access-Control-Allow-Origin: * X-Request-Id: 3e67cca61e8c1a8a1de283bc3eddd111 Access-Control-Allow-Headers: Tune-SDK-Version

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2589 Expires: Fri, 03 Feb 2023 13:24:04 GMT Date: Fri, 03 Feb 2023 12:40:55 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2589 Expires: Fri, 03 Feb 2023 13:24:04 GMT Date: Fri, 03 Feb 2023 12:40:55 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2589 Expires: Fri, 03 Feb 2023 13:24:04 GMT Date: Fri, 03 Feb 2023 12:40:55 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302" Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2589 Expires: Fri, 03 Feb 2023 13:24:04 GMT Date: Fri, 03 Feb 2023 12:40:55 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11565 bytes) Hash e366b32074025aaf60bbae8bdb08d330 a52c2883bad98fa20333aa639a5dd3a5bf544c8e 9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11565 x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fboIrFGboAMFyyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 04:53:21 GMT age: 28054 etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5641 bytes) Hash d4041f3b5316bc84c9e6d88ddbc85b89 4978a4a20836b6f5d863d331bcedad782b7b4ac6 549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5641 x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fuvzpHsXoAMFsuw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0 x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Thu, 02 Feb 2023 22:28:50 GMT age: 51125 etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10796 bytes) Hash 3490571dd2de0a747987b9a0e18cccc8 18e9f8f160d3515f1cb31fc7538ac762a6cab344 1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10796 x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fi0XKG93oAMFtsA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 00:25:04 GMT age: 44151 etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg	34.120.237.76	200 OK	7.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.2 kB (7159 bytes) Hash ae0083daa88e6b26c6525c51348d266c 676f55b22fdeee4f7737a48cb2b89d86aa371aae 89f6903260704061faf849549fd95e6f9cbbfcbbf93eaa17d32b96c5e4244d53 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7159 x-amzn-requestid: 1d159649-0d8c-4806-8f42-585b985972ea x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fuwSKF61IAMF5qg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dc2da7-18fc268c5a719c1d19079001;Sampled=0 x-amzn-remapped-date: Thu, 02 Feb 2023 21:39:51 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: VyQrwAb5tjqPPPQbxf9Ee_zB1UvrnMPGjOHeRKEzyH6BBDazPUkXSA== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 02 Feb 2023 21:47:02 GMT age: 53633 etag: "676f55b22fdeee4f7737a48cb2b89d86aa371aae" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg	34.120.237.76	200 OK	6.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.4 kB (6398 bytes) Hash 4a92e881554205ebbe3721a7bbaeab40 b620fc82bd15b55b581bd8c3a699e1b16563ad2e ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6398 x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fuv1XFXQoAMFe5Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0 x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: EUE3i8Lccx5p9GVN4Dv3DOhFmG_4byC3LrD7SLrk4A5Zbone-NJwVA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Thu, 02 Feb 2023 21:52:34 GMT age: 53301 etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10166 bytes) Hash 2a6aaf87a867f93dc9268a8b27973b97 f52ccbe6cbced1994acb13a00b05436553b6813e 3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10166 x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fY_4zHEcoAMF1iA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Thu, 02 Feb 2023 22:27:53 GMT age: 51182 etag: "f52ccbe6cbced1994acb13a00b05436553b6813e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 8aba168301e23db7d24c982030307a3a cd8269a97072ae9c933e3da52f98ec051d400302 40a8f9fa7b6a097858fe0d3bd6f6351562bb4162f851e483b99c8f8ef057f0c0 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Fri, 03 Feb 2023 12:40:56 GMT Server: ECS (dcb/7EEB) X-Cache: Miss from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: CGtNOf2bwhMqg1JI1owFSXtj3FP2qWSph6ueHTyX0xhSqcTSQVRbJQ==`

	www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781	143.204.55.68	302 Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 IP 143.204.55.68:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found content-type: text/html; charset=UTF-8 content-length: 0 cache-control: no-store, no-cache, must-revalidate, no-cache="set-cookie" date: Fri, 03 Feb 2023 12:40:56 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT location: /landingpage pragma: no-cache server: nginx/1.22.0 set-cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; path=/ AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF;PATH=/ x-cache: Miss from cloudfront via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: L0IjBOK24pVkf0CrewwL0B5PueXF_DQ4tfMXOrK-hFZQ0UVaN-Zwcg== X-Firefox-Spdy: h2

	www.xn--vtedrmmer-52a7s.com/landingpage	143.204.55.68	302 Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/landingpage IP 143.204.55.68:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /landingpage HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers `HTTP/2 302 Found content-type: text/html; charset=UTF-8 content-length: 0 cache-control: no-store, no-cache, must-revalidate date: Fri, 03 Feb 2023 12:40:56 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT location: /lp/lp20 pragma: no-cache server: nginx/1.22.0 x-cache: Miss from cloudfront via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: obG48CwEgOKSppKtaePHb3EHoWB60aj1TlbdvW8h6tFH60z2Wivopg== X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 9c45ea25709afbea416f215ee34611b0 117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed 7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 03 Feb 2023 12:40:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E	142.250.74.40	200 OK	77 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (19467) Size 77 kB (77058 bytes) Hash 7b6d66b97467a4ca703167639a4be6ff db874849e6ca10796d306d01fe9ec01ca6292ab3 f6a447c5aa3d653a68a14a830e526909d58cb75602bbf40c31775c88ce46b993 HTTP Headers `GET /gtag/js?id=G-NVWF78EY0E HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 03 Feb 2023 12:40:57 GMT expires: Fri, 03 Feb 2023 12:40:57 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 77058 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 9c45ea25709afbea416f215ee34611b0 117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed 7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 03 Feb 2023 12:40:57 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash e81e0b633d5908a1fda1df241fe67fe0 f87952502bf1dae5fb7376ecce31d051f7f39c07 ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=170367 Date: Fri, 03 Feb 2023 12:40:57 GMT Etag: "63dcf758-1d7" Expires: Sun, 05 Feb 2023 12:00:24 GMT Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: JY3KyctXbN46Cy0TGyMxqP3RgJ_zk23ZvCFOOPVXKpVipvmZ7Zdfpw==`

	media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826	54.230.111.76	200 OK	84 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (65426) Size 84 kB (83821 bytes) Hash ce3ccb44a305193a7ab00bfdb69b4e23 c33ded560d8928ee37892bcab8398fac77e2ed07 7f2f658ecf4bd097d730ab77a8513fb1b8b6ca6032b919d6abb0e3be6be210c9 HTTP Headers `GET /js/landingpage/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK content-type: text/javascript content-length: 83821 date: Wed, 01 Feb 2023 08:21:59 GMT last-modified: Mon, 15 Aug 2022 09:38:18 GMT etag: "ce3ccb44a305193a7ab00bfdb69b4e23" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: zfAWngo-mBOS06lTiqmn7R5Gl6x3RI0m1QhLVmRTv4zHBw9-nC5nCg== age: 188339 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826	54.230.111.76	200 OK	10 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type PNG image data, 320 x 71, 8-bit/color RGBA, non-interlaced\012- data Size 10 kB (10042 bytes) Hash dea19df8bf5758e2af9921e166e1420d 4f4610c28f3bad69e8b72d7f6379dcf61f50bd39 2cac0168f0a0c24154662208ee88cfe4213a26fe64c18211fcfcea31f6338b78 HTTP Headers `GET /project/489/logo_dark.png?config=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/png content-length: 10042 date: Wed, 01 Feb 2023 08:21:59 GMT last-modified: Fri, 13 Nov 2020 10:55:08 GMT etag: "dea19df8bf5758e2af9921e166e1420d" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: PMkzkwMisKdytJLNekJ39e_MxPCYL9aeMOM310KMQ3PxRe6QuHZq6Q== age: 188339 vary: Origin X-Firefox-Spdy: h2`

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash e81e0b633d5908a1fda1df241fe67fe0 f87952502bf1dae5fb7376ecce31d051f7f39c07 ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=170367 Date: Fri, 03 Feb 2023 12:40:57 GMT Etag: "63dcf758-1d7" Expires: Sun, 05 Feb 2023 12:00:24 GMT Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: JYyLwotJPTMNNkPW3hetqkyxzJZ55Sq4pf22001z9PxfcRA22uS1xA==`

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash e81e0b633d5908a1fda1df241fe67fe0 f87952502bf1dae5fb7376ecce31d051f7f39c07 ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=170367 Date: Fri, 03 Feb 2023 12:40:57 GMT Etag: "63dcf758-1d7" Expires: Sun, 05 Feb 2023 12:00:24 GMT Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: GPsOKby4A_sXdCvMr9SO5cUhL7u4e2y4mHy1TSEnonn5pIs1_mewPw==`

	media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826	54.230.111.76	200 OK	84 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (50442) Size 84 kB (83844 bytes) Hash 88fc9f004fb667d33f56de0d9e011e49 fbcbbf3c4437b699b26a27ee7059db7fec6cb8bb 2e091e8c984974a9ec9deee6081500857519d245f60d16faa4b15504e6701cb8 HTTP Headers `GET /css/landingpage/matchm/style.css?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK content-type: text/css content-length: 83844 date: Wed, 01 Feb 2023 08:21:59 GMT last-modified: Mon, 21 Nov 2022 10:58:28 GMT etag: "88fc9f004fb667d33f56de0d9e011e49" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: pvaF0v2MUic86EJaJ9zcdZV4A_KBr8F4hW33hcqp4qe1GgyBKKDpEg== age: 188339 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/images/landingpage/lp20/dating.jpg	54.230.111.76	200 OK	105 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/landingpage/lp20/dating.jpg IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 790x882, components 3\012- data Size 105 kB (105401 bytes) Hash e3e9897556a5683d4955c17b2976c76d 65bdfdc61f841a98406f99ae6a8e1bd6a88bfaff 2c908556342f9d4b976a4d1afdcbc101b9c732ebb01d789e4aebadf17ec1094b HTTP Headers `GET /images/landingpage/lp20/dating.jpg HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 105401 date: Wed, 04 Jan 2023 10:14:02 GMT last-modified: Fri, 01 Feb 2019 09:29:01 GMT etag: "e3e9897556a5683d4955c17b2976c76d" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 5Sm8nYk_m6KitFc1aOb7WQb8UDmOMlCSG118-ByQSSbn6wzw01SvlQ== age: 2600816 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826	54.230.111.76	200 OK	4.3 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size 4.3 kB (4286 bytes) Hash 56283d52626ba639ee4fc7c0a6c84324 b150126aede65c06da7573ac4488ff0043da0431 9b5bd7e7398519bf0f9dd7e52e05194f2f2d64fc549265400484d98e4b6f4281 HTTP Headers `GET /project/489/favicon.ico?config=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/x-icon content-length: 4286 date: Wed, 01 Feb 2023 08:23:50 GMT last-modified: Fri, 13 Nov 2020 10:55:42 GMT etag: "56283d52626ba639ee4fc7c0a6c84324" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: rtHYyoQTWvY1V5CJHqaO-EESSFf2fPOywnh0MSVXrOPT1xhhOQl25A== age: 188228 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826	54.230.111.76	200 OK	98 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (53333) Size 98 kB (97544 bytes) Hash 064699c25e405c0e166d7662c3561761 27fb9b6c67c5a1c09276a71047ab2fbab7ce69d7 1eaa6a6a7e75e343e5fe9f779b7f6502b3b72e5f799bcb01c26f5c5c19a1b52a HTTP Headers `GET /css/project/matchm/style.css?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/css content-length: 97544 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Mon, 21 Nov 2022 10:58:32 GMT etag: "064699c25e405c0e166d7662c3561761" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: CNxBLelF_akb3tCtcnGThWdjfmKjQcIBWDthPQsAs4KbV-VQMsJ3YA== age: 188230 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826	54.230.111.76	200 OK	757 B
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (1532), with no line terminators Size 757 B (757 bytes) Hash 69b7363b2a1c3b6ca1d79b403e0c6c1c d369fce98ab7c8750527c5c2f64130dda8729dbf e6e40f36330091e93b7e5a1661e132f5624d5622ddd56c8941f4027101c36067 HTTP Headers `GET /js/manifest/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 757 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Thu, 08 Oct 2020 13:26:42 GMT etag: "69b7363b2a1c3b6ca1d79b403e0c6c1c" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: O88HSk2VrDuxU63cCjPg1wU4rgDweLGVVpD78XiTH7pZ2LzKysdANQ== age: 188230 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826	54.230.111.76	200 OK	236 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65433) Size 236 kB (236255 bytes) Hash f5ef8833e788ec24ffaac4864a1a9fb6 c4fbc75d56f0269014baf42d5de92ce35f9371f9 9947197e08fb77b400bb6e3294799a442828cb004532c9b7d9872bda9ab16cea HTTP Headers `GET /js/vendor/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 236255 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Mon, 15 Aug 2022 09:38:09 GMT etag: "f5ef8833e788ec24ffaac4864a1a9fb6" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: rCfLr46_5Wr7aAe2e4SDjiT1WLR7X-F1f-_FqNcEP_mHYsAREAQTcg== age: 188230 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826	54.230.111.76	200 OK	37 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65435) Size 37 kB (36974 bytes) Hash f1e681a0bb4eb99a76e4fc67ca697e89 c0be4bbc6827461c7b7b4cbf059b160e914fd65a 67e1168eb449f8e436786e6234a78121c4cd500e8b7e445bff775d731a16eeb9 HTTP Headers `GET /js/main/script.js?version=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 36974 date: Wed, 01 Feb 2023 08:23:48 GMT last-modified: Mon, 15 Aug 2022 09:38:12 GMT etag: "f1e681a0bb4eb99a76e4fc67ca697e89" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Tmu-KzRN6Oeavc0-wrcqJibWkRhC8CiRoExs4vjyn4KnwMQ5RmmQAA== age: 188230 vary: Origin X-Firefox-Spdy: h2

	region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E&gtm=45je3210&_p=1644383615&cid=1453515958.1675428089&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675428088&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1	216.239.34.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E&gtm=45je3210&_p=1644383615&cid=1453515958.1675428089&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675428088&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.34.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-NVWF78EY0E&gtm=45je3210&_p=1644383615&cid=1453515958.1675428089&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675428088&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.xn--vtedrmmer-52a7s.com Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://www.xn--vtedrmmer-52a7s.com date: Fri, 03 Feb 2023 12:40:58 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg	34.120.237.76	200 OK	8.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.2 kB (8211 bytes) Hash 114e345e134986d7451148fcea31b29d 541e878afee68c8802bb52b0cbbe5a5a0a185392 5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 8211 x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmKLVHwroAMF72Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 07:19:27 GMT age: 19295 etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad	143.204.55.68	404 Not Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad IP 143.204.55.68:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /lp/blank.html?HistoryLoad HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp20 Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF; cookies_marketing=1; cookies_analytic=1; _ga_NVWF78EY0E=GS1.1.1675428088.1.1.1675428088.0.0.0; _ga=GA1.1.1453515958.1675428089 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Fri, 03 Feb 2023 12:40:58 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Error from cloudfront via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: WU7gcFP4W9hOzLYtG6Zox3zp_9aYrj2r5yGRgK12W90KSCFfljV_1w== X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826	54.230.111.76	403 Forbidden	0 B
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /project//logo_dark.png?config=7826 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Cookie: _ga_NVWF78EY0E=GS1.1.1675428088.1.1.1675428088.0.0.0; _ga=GA1.1.1453515958.1675428089 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers `HTTP/2 403 Forbidden content-type: application/xml date: Fri, 03 Feb 2023 12:40:58 GMT server: AmazonS3 x-cache: Error from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: U267WmU6RPhtJpOd4EhM7oeumF7u71FoonccBoycuEV3GRWlZZr6AA== vary: Origin X-Firefox-Spdy: h2`

	www.xn--vtedrmmer-52a7s.com/lp/lp20	143.204.55.68	200 OK	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/lp20 IP 143.204.55.68:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /lp/lp20 HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers `HTTP/2 200 OK content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Fri, 03 Feb 2023 12:40:56 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Miss from cloudfront via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 1CDJ2sw8dboSrIDPY9hY19nIiDocrx5va_HLzNv9BLoT3_L_IWDwRg== X-Firefox-Spdy: h2`

	www.xn--vtedrmmer-52a7s.com/lp/blank.html	143.204.55.68	404 Not Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html IP 143.204.55.68:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /lp/blank.html HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp20 Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Fri, 03 Feb 2023 12:40:57 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Error from cloudfront via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: E8WJYHDMBAhjdmAi_NqTsn8WLKMzixJzbt5Nu4s1W9LplS4oiBJXCQ== X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML