s.sloffer1.com/75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test_r565
3.218.135.42303 See Other 766 B URL HTTP/1.1 s.sloffer1.com/75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test_r565
IP 3.218.135.42:0
File type HTML document, ASCII text, with very long lines (766), with no line terminators
Hash 218a2b576b60639071fa7b142ecb33ad
b93a391c5675c61896e7954f6125bfbb432f594f
2f61d98dab2f84d33c717a0be170b61f4ce2281658533359f4e249d3706193e4
GET /75077/8184/28194/?aff_sub4=_bucket&aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&bo=2753,2754,2755,2756&aff_sub5=_test_r565&aff_sub4=ALGO_bucket&source=55609_test_r565 HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Server: nginx/1.19.0
Date: Fri, 03 Feb 2023 12:40:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 766
Connection: keep-alive
set-cookie: aff_ran_url_8184=28194; Path=/; Expires=Sat, 04 Feb 2023 12:40:53 GMT; Secure
tracking_id: 10271ed0e82bf2737f657c38121748
location: https://t.bbwafx.com/c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756
vary: Accept
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5298
Expires: Fri, 03 Feb 2023 14:09:11 GMT
Date: Fri, 03 Feb 2023 12:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3933
Expires: Fri, 03 Feb 2023 13:46:26 GMT
Date: Fri, 03 Feb 2023 12:40:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18679
Expires: Fri, 03 Feb 2023 17:52:12 GMT
Date: Fri, 03 Feb 2023 12:40:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 12:36:10 GMT
content-type: application/json
age: 283
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /iEeH9LZXbZcRy8QPnq6wjIMIZkAzJtl8nfIkJlpXn2ZL44MeKGDeZOcFbPp7Crsr/7Tcgp78A8=
x-amz-request-id: D15VXANWMENQE0MN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 12:23:32 GMT
age: 1041
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:40:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c1572392a68c93345bc1925ac290cf12
f8d36b68bcb7864d9b7798c24263de0af5ca615f
36a52e3cf1934fe95c142cb49c0d82f1543e5fffde136573815e53825e6b0548
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36A52E3CF1934FE95C142CB49C0D82F1543E5FFFDE136573815E53825E6B0548"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10628
Expires: Fri, 03 Feb 2023 15:38:02 GMT
Date: Fri, 03 Feb 2023 12:40:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 11:49:06 GMT
age: 3108
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
t.bbwafx.com/c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756
52.207.71.232303 See Other 848 B URL HTTP/2 t.bbwafx.com/c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756
IP 52.207.71.232:0
File type HTML document, ASCII text, with very long lines (848), with no line terminators
Hash 39e79328205426a92522bd715dbd4b32
c44952ed1681811effc032258c284ede0bae077e
93d3be24e605bcc8b617fba264a38ba313bdc2d13fd239c7ab7ca597abf4d492
GET /c8e030ow01/75077/584/?aff_sub=test_r565&aff_sub2=55609&aff_sub3=w703j2374omhg4cmiqdetbfg&aff_sub4=ALGO_bucket&aff_sub5=_test_r565&aff_unique1=&aff_unique2=&aff_unique3=&aff_unique4=&aff_unique5=&aff_click_id=1025dbdf4aedc5d3fddd25934f5da7&source=55609_test_r565&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: t.bbwafx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
server: nginx/1.17.10
date: Fri, 03 Feb 2023 12:40:54 GMT
content-type: text/html; charset=utf-8
content-length: 848
location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756
set-cookie: enc_aff_session_3785=ENC03074224bb2581acad291dee783389aa6ce874ac7c16617b98beb697f3e7f731652cb6e9b8682fcab04de44d03fb496030fd5fa05f902462c45b62c5916dabd08d13a4d1291a84f4600e57b840dbc0f6439b50af17ffb2130d12b5de9c9ddbe2961ab4f1550337b6e95e423d7ef6ea25572d49edf0eb53969f3f78cf6dcd161e61aa530c95d4a501d26e7435121d893927fa2204b3aeed9149cb11bfdc4840c293382c5f5c5d0057ed51ae6e14aaef4e7fdac8375b79c1b8804576e3d6857fb8512e8ee127; Path=/; Expires=Sun, 02 Feb 2025 12:40:54 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 28 Dec 2025 23:20:54 GMT; Secure
tracking_id: 1029389a8fc1df86ba6eb839214196
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=test_r565%3B55609_test_r565&affiliateID=44542&source=1029389a8fc1df86ba6eb839214196&subID2=75077&s2=1029389a8fc1df86ba6eb839214196&s3=test_r565%3B55609_test_r565&s4=75077&url=1&affsub=test_r565&affsource=55609_test_r565&aff_click_id=1029389a8fc1df86ba6eb839214196&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: a.vfgtf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:40:54 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565
pragma: no-cache
set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=5pPnrPLkHZrb95qMOeQY3kJPp8_xEos5RcLU1AoMB18; Max-Age=86400; Expires=Sat, 04-Feb-2023 12:40:54 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=X%2BL81Gu2K9OQMOCRLpMh1v3FZSWyekrAtM6WppZ%2BhY3T9LbeAqXOJECrfphWx0b7WiHuUtRqIecaqcrJxb%2BXJI9SVO4j0ZJjwr%2BmqoxC6AsR8yCxAKrMyhfHeCS2oOLYv%2BHL6wR1mlN1bnadBIoOoA%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 12:40:54 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16209
Expires: Fri, 03 Feb 2023 17:11:03 GMT
Date: Fri, 03 Feb 2023 12:40:54 GMT
Connection: keep-alive
a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=test_r565%3B55609_test_r565&affiliateID=170910&source=1029389a8fc1df86ba6eb839214196&subID2=75077&target=&Site=&Bnr=ALGO&cid=waor0adms9qln4cmihnev9d0&affsource=55609_test_r565&source=75077_55609_test_r565 HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:40:54 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565
pragma: no-cache
set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=B6KIhQXVoz0aA56y8CEkCn8zld5Frj5DOvaV-MVR6Rg; Max-Age=86400; Expires=Sat, 04-Feb-2023 12:40:54 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=kUaeAna%2FduL41k%2BSBysdIOSY92VszVFslwmvsGZ670jMw2Q5jOW63%2FvEb5o9uG3wsbd5dlDLaEbzQIfXtzuTlFDmo2d8q6jkMX5HNFEcsT%2BnlBcqwTr9W3bFIrNPACbvyIs%2F6Q1Zdhb4eC0a8Wtlcw%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 12:40:54 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.100.71101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.100.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8qsjKhyOPNAW309Y0O6cEQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 96co+u9Ej69pQzo67NbP3vdNlP0=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 06cd769ce330c814fbe5c4bc6d48dd3c
0b5a317543d2e30f6d727fb13995cfd3f7431a9c
b8435b75edf31f703a8e2c3bc47cb374f32c6ed6ff7674b7b311c0834f55c688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8435B75EDF31F703A8E2C3BC47CB374F32C6ED6FF7674B7B311C0834F55C688"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7922
Expires: Fri, 03 Feb 2023 14:52:56 GMT
Date: Fri, 03 Feb 2023 12:40:54 GMT
Connection: keep-alive
s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565
3.218.135.42303 See Other 402 B URL HTTP/2 s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565
IP 3.218.135.42:0
File type HTML document, ASCII text, with very long lines (402), with no line terminators
Hash 800c74e7e3832f8691469c5b14010b6c
742676c08d1846093c0e1caafaf04a6009f40a4e
cd02983afcccbb451e633393b924a54d8b9701b0743bfd8c27ae786dc9b383fa
GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=test_r565%3B55609_test_r565&aff_sub2=75077&aff_sub3=waor0adms9qln4cmingfi47u&aff_click_id=1029389a8fc1df86ba6eb839214196&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_55609_test_r565&aff_sub4=ALGO_bucket&source=75077_55609_test_r565 HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
server: nginx/1.19.0
date: Fri, 03 Feb 2023 12:40:54 GMT
content-type: text/html; charset=utf-8
content-length: 402
location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756
set-cookie: enc_aff_session_8373=ENC031d28a91ce1baa92508724c6a99e353cbcc17d45ce4c0406ac89d39e3289aaf3215e4970f0db5dbdc692f5c30f76cb39e69979f94750d96ed6febd7d95adb0da348f68d896756de96bd62d8790c2f78ee3a46b71d5f418dd4188b213adf76f441e59b64a4b62d3e2b0d95cd6152d9ccdc95634f678db59ef0e73e15608cb5c247fb992f392ae383e17c8a9173d9aac056e3535a1e99a2c1a022de8d83c429d204b61cfaaed7756ac9f35612b833b14fe984dcc11e84f7d3ec6f543aa84796f2fad279471fbb7d348f903d7d68aad8b0673f767e5d855611487ad5daf2adf32bb4354332b8; Path=/; Expires=Sun, 02 Feb 2025 12:40:54 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 28 Dec 2025 23:20:54 GMT; Secure
tracking_id: 1022b92898b055a3f1f824cf538b14
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a3cc1e8705d8244938067b06e7af82d2
a2f2681f6dc591e3bededf35c65e77f5342d83a1
3c1a402752b7dfd6d9d711dae0eea296dce82b39e43eca8ec905fef8bf1d89a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3C1A402752B7DFD6D9D711DAE0EEA296DCE82B39E43ECA8EC905FEF8BF1D89A0"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8243
Expires: Fri, 03 Feb 2023 14:58:18 GMT
Date: Fri, 03 Feb 2023 12:40:55 GMT
Connection: keep-alive
tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756
172.67.190.127302 Found 0 B URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756
IP 172.67.190.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=781&offer_id=1085&sub1=170910&sub2=75077_55609_test_r565&sub3=1022b92898b055a3f1f824cf538b14&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 03 Feb 2023 12:40:55 GMT
content-length: 0
location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63dd00d7b7aed300016243b9; expires=Sat, 03 Feb 2024 12:40:55 GMT; secure; SameSite=None
afoffers={"1085":1675428055}; expires=Sat, 03 Feb 2024 12:40:55 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi9QSV%2FL1KcpqJ0VRYI%2F%2BKpFP%2FfQxgGpmUayzB0x8KjZOLNEz69MVpumeXjxPJngiSzetX61Oh6XgD8Eg83yYzsxiUUdseR%2FJjXQ4APJKRbN5x9mq%2FL0C6mPn6sWbPjrTWf5EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793b3ce0bed50afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a3cc1e8705d8244938067b06e7af82d2
a2f2681f6dc591e3bededf35c65e77f5342d83a1
3c1a402752b7dfd6d9d711dae0eea296dce82b39e43eca8ec905fef8bf1d89a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3C1A402752B7DFD6D9D711DAE0EEA296DCE82B39E43ECA8EC905FEF8BF1D89A0"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8243
Expires: Fri, 03 Feb 2023 14:58:18 GMT
Date: Fri, 03 Feb 2023 12:40:55 GMT
Connection: keep-alive
zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9
18.184.38.55302 Found 0 B URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_55609_test_r565&campaign=&sum=&clickid=63dd00d7b7aed300016243b9 HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:40:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910
pragma: no-cache
set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=9abyVLJrk5euwhWRg5UISKOZyxhixrvdG6-MkTK4c-s; Max-Age=86400; Expires=Sat, 04-Feb-2023 12:40:55 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=YEDSxPtv2KK68NKaeNNZnU53mWQF6Mfnss1RkqYaJYKwirlpkNW%2BvSBeBKlcmPBRe8nBWIDhbb42W%2FoPNu%2FstXxC365eUWViHpvYjd28mP9bvtGepYSCbNsbKIZOdSXAkd%2FTDEMaPe%2BbRFL%2BSFApaw%3D%3D; Max-Age=31536000; Expires=Sat, 03-Feb-2024 12:40:55 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 23c5cd6943f470546f464f9778d06d0c
4e218413b9c3b0d6bb2920e50d82fff97304358d
a9ac5c494782482b03f5f82990ac06b41c1119982deadba88862f3b9388147ef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148053
Date: Fri, 03 Feb 2023 12:40:55 GMT
Etag: "63dca02c-1d7"
Expires: Sun, 05 Feb 2023 05:48:28 GMT
Last-Modified: Fri, 03 Feb 2023 05:48:28 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eNgMxRT1zzn78ke_6u2nOPxbj7oZWe5Wzj2LLaEm3bJ_NIjRcYHtnQ==
www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910
52.212.63.104302 Found 403 B URL HTTP/1.1 www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910
IP 52.212.63.104:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash b0785a006f631f784f4defac9d2a441f
9deedaa82c9b00b3f4e8c02eaff50d34d0666854
055e18007a5fbe2fbe607671656d3cefb6df5cc32d7e9d16eedccaa68004d4df
GET /aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=ws08ncu7m3omh4cmioi586cm&aff_sub3=170910 HTTP/1.1
Host: www.ntr4x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 Feb 2023 12:40:55 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 403
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.våtedrømmer.com/campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_1672=ENC03b7515f375e09651c6521db27cfdea4725b54fcc67b9935abdafe99453204570e26e44e4bffa08c4dd66457d9a57228352e4e218c6664847304b5220e0343dc0a4190a43c44eb83be0cf545586a7c9187f25bed897cbb579b8ce911c2c3318762469d25370bb93011d4c9775259b5bb2c392ef91c0e34040cd6a8bf74f74df932c5309d49225bd22b2343995956116de6c31d9041b2b5b58a1de3da6a9941e31594af5255a4eb86a2135b699e514d8340552b11d262ebc0c3a74c5356bb0106272032094d; expires=Sat, 04 Feb 2023 12:40:55 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 28 Dec 2025 23:20:55 GMT; path=/; SameSite=None; Secure
Tracking_id: 102776e78c92f471ec3173d75ca013
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 3e67cca61e8c1a8a1de283bc3eddd111
Access-Control-Allow-Headers: Tune-SDK-Version
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2589
Expires: Fri, 03 Feb 2023 13:24:04 GMT
Date: Fri, 03 Feb 2023 12:40:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2589
Expires: Fri, 03 Feb 2023 13:24:04 GMT
Date: Fri, 03 Feb 2023 12:40:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2589
Expires: Fri, 03 Feb 2023 13:24:04 GMT
Date: Fri, 03 Feb 2023 12:40:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2589
Expires: Fri, 03 Feb 2023 13:24:04 GMT
Date: Fri, 03 Feb 2023 12:40:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 28054
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 51125
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 44151
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae0083daa88e6b26c6525c51348d266c
676f55b22fdeee4f7737a48cb2b89d86aa371aae
89f6903260704061faf849549fd95e6f9cbbfcbbf93eaa17d32b96c5e4244d53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7159
x-amzn-requestid: 1d159649-0d8c-4806-8f42-585b985972ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuwSKF61IAMF5qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2da7-18fc268c5a719c1d19079001;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:39:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VyQrwAb5tjqPPPQbxf9Ee_zB1UvrnMPGjOHeRKEzyH6BBDazPUkXSA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:47:02 GMT
age: 53633
etag: "676f55b22fdeee4f7737a48cb2b89d86aa371aae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EUE3i8Lccx5p9GVN4Dv3DOhFmG_4byC3LrD7SLrk4A5Zbone-NJwVA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:52:34 GMT
age: 53301
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 51182
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 8aba168301e23db7d24c982030307a3a
cd8269a97072ae9c933e3da52f98ec051d400302
40a8f9fa7b6a097858fe0d3bd6f6351562bb4162f851e483b99c8f8ef057f0c0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 12:40:56 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CGtNOf2bwhMqg1JI1owFSXtj3FP2qWSph6ueHTyX0xhSqcTSQVRbJQ==
www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
143.204.55.68302 Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
IP 143.204.55.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /campaign?utm_campaign=6535&utm_term=102776e78c92f471ec3173d75ca013&utm_source=170910&utm_content=ws08ncu7m3omh4cmioi586cm&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-store, no-cache, must-revalidate, no-cache="set-cookie"
date: Fri, 03 Feb 2023 12:40:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /landingpage
pragma: no-cache
server: nginx/1.22.0
set-cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; path=/
AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF;PATH=/
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: L0IjBOK24pVkf0CrewwL0B5PueXF_DQ4tfMXOrK-hFZQ0UVaN-Zwcg==
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/landingpage
143.204.55.68302 Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/landingpage
IP 143.204.55.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /landingpage HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-store, no-cache, must-revalidate
date: Fri, 03 Feb 2023 12:40:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /lp/lp20
pragma: no-cache
server: nginx/1.22.0
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: obG48CwEgOKSppKtaePHb3EHoWB60aj1TlbdvW8h6tFH60z2Wivopg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:40:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E
142.250.74.40200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E
IP 142.250.74.40:0
File type ASCII text, with very long lines (19467)
Hash 7b6d66b97467a4ca703167639a4be6ff
db874849e6ca10796d306d01fe9ec01ca6292ab3
f6a447c5aa3d653a68a14a830e526909d58cb75602bbf40c31775c88ce46b993
GET /gtag/js?id=G-NVWF78EY0E HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 12:40:57 GMT
expires: Fri, 03 Feb 2023 12:40:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77058
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:40:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e81e0b633d5908a1fda1df241fe67fe0
f87952502bf1dae5fb7376ecce31d051f7f39c07
ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170367
Date: Fri, 03 Feb 2023 12:40:57 GMT
Etag: "63dcf758-1d7"
Expires: Sun, 05 Feb 2023 12:00:24 GMT
Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JY3KyctXbN46Cy0TGyMxqP3RgJ_zk23ZvCFOOPVXKpVipvmZ7Zdfpw==
media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826
54.230.111.76200 OK 84 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826
IP 54.230.111.76:0
File type Unicode text, UTF-8 text, with very long lines (65426)
Hash ce3ccb44a305193a7ab00bfdb69b4e23
c33ded560d8928ee37892bcab8398fac77e2ed07
7f2f658ecf4bd097d730ab77a8513fb1b8b6ca6032b919d6abb0e3be6be210c9
GET /js/landingpage/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 83821
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Mon, 15 Aug 2022 09:38:18 GMT
etag: "ce3ccb44a305193a7ab00bfdb69b4e23"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zfAWngo-mBOS06lTiqmn7R5Gl6x3RI0m1QhLVmRTv4zHBw9-nC5nCg==
age: 188339
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826
54.230.111.76200 OK 10 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826
IP 54.230.111.76:0
File type PNG image data, 320 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash dea19df8bf5758e2af9921e166e1420d
4f4610c28f3bad69e8b72d7f6379dcf61f50bd39
2cac0168f0a0c24154662208ee88cfe4213a26fe64c18211fcfcea31f6338b78
GET /project/489/logo_dark.png?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10042
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Fri, 13 Nov 2020 10:55:08 GMT
etag: "dea19df8bf5758e2af9921e166e1420d"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PMkzkwMisKdytJLNekJ39e_MxPCYL9aeMOM310KMQ3PxRe6QuHZq6Q==
age: 188339
vary: Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e81e0b633d5908a1fda1df241fe67fe0
f87952502bf1dae5fb7376ecce31d051f7f39c07
ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170367
Date: Fri, 03 Feb 2023 12:40:57 GMT
Etag: "63dcf758-1d7"
Expires: Sun, 05 Feb 2023 12:00:24 GMT
Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JYyLwotJPTMNNkPW3hetqkyxzJZ55Sq4pf22001z9PxfcRA22uS1xA==
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash e81e0b633d5908a1fda1df241fe67fe0
f87952502bf1dae5fb7376ecce31d051f7f39c07
ed3f26de7e26468fb7f8ff23b6aed7c8c71b94898fb068b233fc0eedfa283a61
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170367
Date: Fri, 03 Feb 2023 12:40:57 GMT
Etag: "63dcf758-1d7"
Expires: Sun, 05 Feb 2023 12:00:24 GMT
Last-Modified: Fri, 03 Feb 2023 12:00:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GPsOKby4A_sXdCvMr9SO5cUhL7u4e2y4mHy1TSEnonn5pIs1_mewPw==
media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826
54.230.111.76200 OK 84 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826
IP 54.230.111.76:0
File type ASCII text, with very long lines (50442)
Hash 88fc9f004fb667d33f56de0d9e011e49
fbcbbf3c4437b699b26a27ee7059db7fec6cb8bb
2e091e8c984974a9ec9deee6081500857519d245f60d16faa4b15504e6701cb8
GET /css/landingpage/matchm/style.css?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 83844
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Mon, 21 Nov 2022 10:58:28 GMT
etag: "88fc9f004fb667d33f56de0d9e011e49"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pvaF0v2MUic86EJaJ9zcdZV4A_KBr8F4hW33hcqp4qe1GgyBKKDpEg==
age: 188339
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/images/landingpage/lp20/dating.jpg
54.230.111.76200 OK 105 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/landingpage/lp20/dating.jpg
IP 54.230.111.76:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 790x882, components 3\012- data
Size 105 kB (105401 bytes)
Hash e3e9897556a5683d4955c17b2976c76d
65bdfdc61f841a98406f99ae6a8e1bd6a88bfaff
2c908556342f9d4b976a4d1afdcbc101b9c732ebb01d789e4aebadf17ec1094b
GET /images/landingpage/lp20/dating.jpg HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 105401
date: Wed, 04 Jan 2023 10:14:02 GMT
last-modified: Fri, 01 Feb 2019 09:29:01 GMT
etag: "e3e9897556a5683d4955c17b2976c76d"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Sm8nYk_m6KitFc1aOb7WQb8UDmOMlCSG118-ByQSSbn6wzw01SvlQ==
age: 2600816
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826
54.230.111.76200 OK 4.3 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826
IP 54.230.111.76:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 56283d52626ba639ee4fc7c0a6c84324
b150126aede65c06da7573ac4488ff0043da0431
9b5bd7e7398519bf0f9dd7e52e05194f2f2d64fc549265400484d98e4b6f4281
GET /project/489/favicon.ico?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 4286
date: Wed, 01 Feb 2023 08:23:50 GMT
last-modified: Fri, 13 Nov 2020 10:55:42 GMT
etag: "56283d52626ba639ee4fc7c0a6c84324"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rtHYyoQTWvY1V5CJHqaO-EESSFf2fPOywnh0MSVXrOPT1xhhOQl25A==
age: 188228
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826
54.230.111.76200 OK 98 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826
IP 54.230.111.76:0
File type ASCII text, with very long lines (53333)
Hash 064699c25e405c0e166d7662c3561761
27fb9b6c67c5a1c09276a71047ab2fbab7ce69d7
1eaa6a6a7e75e343e5fe9f779b7f6502b3b72e5f799bcb01c26f5c5c19a1b52a
GET /css/project/matchm/style.css?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 97544
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 21 Nov 2022 10:58:32 GMT
etag: "064699c25e405c0e166d7662c3561761"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CNxBLelF_akb3tCtcnGThWdjfmKjQcIBWDthPQsAs4KbV-VQMsJ3YA==
age: 188230
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826
54.230.111.76200 OK 757 B URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826
IP 54.230.111.76:0
File type ASCII text, with very long lines (1532), with no line terminators
Hash 69b7363b2a1c3b6ca1d79b403e0c6c1c
d369fce98ab7c8750527c5c2f64130dda8729dbf
e6e40f36330091e93b7e5a1661e132f5624d5622ddd56c8941f4027101c36067
GET /js/manifest/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 757
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Thu, 08 Oct 2020 13:26:42 GMT
etag: "69b7363b2a1c3b6ca1d79b403e0c6c1c"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O88HSk2VrDuxU63cCjPg1wU4rgDweLGVVpD78XiTH7pZ2LzKysdANQ==
age: 188230
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826
54.230.111.76200 OK 236 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826
IP 54.230.111.76:0
File type ASCII text, with very long lines (65433)
Size 236 kB (236255 bytes)
Hash f5ef8833e788ec24ffaac4864a1a9fb6
c4fbc75d56f0269014baf42d5de92ce35f9371f9
9947197e08fb77b400bb6e3294799a442828cb004532c9b7d9872bda9ab16cea
GET /js/vendor/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 236255
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 15 Aug 2022 09:38:09 GMT
etag: "f5ef8833e788ec24ffaac4864a1a9fb6"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rCfLr46_5Wr7aAe2e4SDjiT1WLR7X-F1f-_FqNcEP_mHYsAREAQTcg==
age: 188230
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826
54.230.111.76200 OK 37 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826
IP 54.230.111.76:0
File type ASCII text, with very long lines (65435)
Hash f1e681a0bb4eb99a76e4fc67ca697e89
c0be4bbc6827461c7b7b4cbf059b160e914fd65a
67e1168eb449f8e436786e6234a78121c4cd500e8b7e445bff775d731a16eeb9
GET /js/main/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 36974
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 15 Aug 2022 09:38:12 GMT
etag: "f1e681a0bb4eb99a76e4fc67ca697e89"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tmu-KzRN6Oeavc0-wrcqJibWkRhC8CiRoExs4vjyn4KnwMQ5RmmQAA==
age: 188230
vary: Origin
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E>m=45je3210&_p=1644383615&cid=1453515958.1675428089&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675428088&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E>m=45je3210&_p=1644383615&cid=1453515958.1675428089&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675428088&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NVWF78EY0E>m=45je3210&_p=1644383615&cid=1453515958.1675428089&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675428088&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xn--vtedrmmer-52a7s.com
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.xn--vtedrmmer-52a7s.com
date: Fri, 03 Feb 2023 12:40:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 19295
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad
143.204.55.68404 Not Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad
IP 143.204.55.68:0
GET /lp/blank.html?HistoryLoad HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp20
Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF; cookies_marketing=1; cookies_analytic=1; _ga_NVWF78EY0E=GS1.1.1675428088.1.1.1675428088.0.0.0; _ga=GA1.1.1453515958.1675428089
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Fri, 03 Feb 2023 12:40:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Error from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WU7gcFP4W9hOzLYtG6Zox3zp_9aYrj2r5yGRgK12W90KSCFfljV_1w==
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826
54.230.111.76403 Forbidden 0 B URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826
IP 54.230.111.76:0
GET /project//logo_dark.png?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Cookie: _ga_NVWF78EY0E=GS1.1.1675428088.1.1.1675428088.0.0.0; _ga=GA1.1.1453515958.1675428089
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Fri, 03 Feb 2023 12:40:58 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U267WmU6RPhtJpOd4EhM7oeumF7u71FoonccBoycuEV3GRWlZZr6AA==
vary: Origin
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/lp20
143.204.55.68200 OK 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/lp20
IP 143.204.55.68:0
GET /lp/lp20 HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Fri, 03 Feb 2023 12:40:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1CDJ2sw8dboSrIDPY9hY19nIiDocrx5va_HLzNv9BLoT3_L_IWDwRg==
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/blank.html
143.204.55.68404 Not Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html
IP 143.204.55.68:0
GET /lp/blank.html HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp20
Cookie: PHPSESSID=s728kfec4c683gpl5ef36c46l8; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B67732DA2E2C0F1EC2DC5D9750CB59139C8BE168E1EA94654C8953046A410C9E5EF
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Fri, 03 Feb 2023 12:40:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Error from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: E8WJYHDMBAhjdmAi_NqTsn8WLKMzixJzbt5Nu4s1W9LplS4oiBJXCQ==
X-Firefox-Spdy: h2