urlquery - report: swimmings.flu.cc/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2022-11-30 20:24:46 UTC	93.184.220.29
swimmings.flu.cc (2)	0	No data	No data	72.52.179.174	Unknown ranking
img-getpocket.cdn.mozilla.net (7)	1631	2017-09-01 03:40:57 UTC	2022-11-30 17:26:07 UTC	34.120.237.76
tsyndicate.com (1)	13042	2017-03-16 09:04:54 UTC	2022-11-30 22:34:08 UTC	136.243.83.47
www.google-analytics.com (2)	40	2013-07-28 22:04:32 UTC	2022-11-30 22:10:37 UTC	142.250.74.14
r3.o.lencr.org (11)	344	2020-12-02 08:52:13 UTC	2022-11-30 17:12:16 UTC	95.101.11.115
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-30 17:13:24 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-11-30 17:12:17 UTC	52.37.79.227
ocsp.pki.goog (6)	175	2017-06-14 07:23:31 UTC	2022-11-30 17:12:14 UTC	142.250.74.131
www.gstatic.com (2)	0	2016-07-26 09:37:06 UTC	2022-11-30 22:12:22 UTC	142.250.74.35	Domain (gstatic.com) ranked at: 540
cdn.smrt-assets.com (9)	0	No data	No data	95.101.10.10	Unknown ranking
guard.cdtbox.rocks (1)	240008	No data	No data	3.211.105.4
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-11-30 17:19:42 UTC	34.160.144.191
ocsp.sca1b.amazontrust.com (4)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.88
linksecurecd.com (2)	175553	No data	No data	52.208.36.79
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-11-30 17:28:03 UTC	216.239.32.36	Domain (google-analytics.com) ranked at: 8401
statisticresearch.com (1)	584767	No data	No data	52.204.249.38
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-30 17:12:31 UTC	34.102.187.140
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-11-30 23:14:41 UTC	142.250.74.168
stats.g.doubleclick.net (1)	96	2013-06-10 20:21:11 UTC	2022-11-30 17:26:15 UTC	64.233.165.157
gaut-hil.com (3)	342928	2020-07-09 20:17:47 UTC	2022-11-30 22:55:40 UTC	3.208.247.235

Scan Date	Severity	Indicator	Comment
2022-12-01	2	swimmings.flu.cc/	Malware
2022-12-01	2	linksecurecd.com/service-worker.js	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-01 11:45:48 +0000	0 - 0 - 1	cx3kc.hp1001.com/html/4_1078.html	72.52.179.174
2023-02-01 10:34:34 +0000	0 - 0 - 1	a8qg5.hp1001.com/cate/7_402.html	72.52.179.174
2023-02-01 06:35:42 +0000	0 - 0 - 1	61.hp1001.com/	72.52.179.174
2023-01-30 07:17:33 +0000	0 - 0 - 1	ta.hp1001.com/show/5_9148.html	72.52.179.174
2023-01-30 06:31:55 +0000	0 - 0 - 12	6e5.hp1001.com/html/4_18.html	72.52.179.174

Date	UQ / IDS / BL	URL	IP
2023-02-01 21:47:13 +0000	0 - 0 - 1	www.vova.com/pt/Criativo-Bonito-Swan-Gel-Cane (...)	69.16.230.226
2023-02-01 18:55:33 +0000	0 - 0 - 1	8c4d591d.ithemeshosting.com.php73-39.lan3-1.w (...)	184.106.55.134
2023-02-01 16:10:39 +0000	0 - 0 - 9	www.newtelegraphng.com/investigation-obstruct (...)	67.227.172.38
2023-02-01 15:00:48 +0000	0 - 2 - 0	growcurriculum.org/SubscribeNow_Prep_PreK	72.52.134.16
2023-02-01 14:00:55 +0000	0 - 0 - 10	kadyotube.com/lib/thumb/?src=kadyotube.com/th (...)	67.227.226.240

Date	UQ / IDS / BL	URL	IP
2022-12-01 01:48:45 +0000	0 - 0 - 2	swimmings.flu.cc/	72.52.179.174
2022-11-25 20:30:28 +0000	0 - 0 - 2	dec.namani.flu.cc/vrs/sl5/lok/panel/pvqdq929b (...)	72.52.179.174
2022-11-24 11:36:47 +0000	0 - 0 - 36	dec.namani.flu.cc/vrs/sl5/lok/panel/pvqdq929b (...)	72.52.179.174
2022-11-23 17:17:48 +0000	0 - 0 - 5	bennnet.flu.cc/ml/vrs/ptb/lok/panel/pvqdq929b (...)	72.52.179.174
2022-11-23 17:17:48 +0000	0 - 0 - 5	namani.flu.cc/ml/vrs/pn2/lok/panel/pvqdq929bs (...)	72.52.179.174

Date	UQ / IDS / BL	URL	IP
2023-02-01 06:35:42 +0000	0 - 0 - 1	61.hp1001.com/	72.52.179.174
2023-02-01 05:56:21 +0000	0 - 0 - 1	askiven.com/when-is-mary-nam-due-to-have-her- (...)	69.16.230.42
2023-02-01 05:28:50 +0000	0 - 0 - 2	kxivlxy.wy5532.com/	162.210.196.167
2023-01-31 02:43:46 +0000	0 - 0 - 1	blackbigtube.com/black-porn-video/wankz-ebony (...)	69.16.230.42
2023-01-30 03:11:17 +0000	0 - 0 - 1	rp.seroteforoh.com/?pcrc=1196592868&v=2.0	77.247.179.82

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13148 Expires: Thu, 01 Dec 2022 05:27:41 GMT Date: Thu, 01 Dec 2022 01:48:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a5daf4dc99951793ae2315d4795e8146 Sha1: 4427507ca4d3a5632cc8f598afbc85e2195d00bd Sha256: 94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4598 Cache-Control: max-age=122364 Date: Thu, 01 Dec 2022 01:48:33 GMT Etag: "638730f7-1d7" Expires: Fri, 02 Dec 2022 11:47:57 GMT Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: f3cf023c797da81728c0ac84c8759331 Sha1: fa07c5e39e4b0741ea484101cccb2202acea9d9c Sha256: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 01 Dec 2022 01:19:45 GMT cache-control: public,max-age=3600 age: 1728 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18116 Expires: Thu, 01 Dec 2022 06:50:29 GMT Date: Thu, 01 Dec 2022 01:48:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6d9d34c96b9a826ae5676640c966469c Sha1: 8052a16d41a637e420478b7de1ff5a2dc951fccd Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: V2c7esFlxOR8LGp5Cbw1cQtufRVTXXyEtGGpzQiijrTx/hBXjHYAcqw/Xi8HvfAvJWTQdt1xxq4= x-amz-request-id: 9WZD72E5G04RGXTX content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 01 Dec 2022 01:46:05 GMT age: 148 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 01 Dec 2022 01:48:33 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: swimmings.flu.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: swimmings.flu.cc/ FQDN: swimmings.flu.cc IP: 72.52.179.174 HASH: 08ac4674705a729f5cca26c27616dc85b29df751ec9675cdef4426574eabf4bf 72.52.179.174 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Thu, 01 Dec 2022 01:48:33 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By: PHP/5.4.16 Keep-Alive: timeout=5, max=68 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (616) Size: 2224 Md5: 889348cf272daa9e707124e473e25108 Sha1: 4e64458775bde05899828bf563831d62c90aea61 Sha256: 08ac4674705a729f5cca26c27616dc85b29df751ec9675cdef4426574eabf4bf Alerts: Blocklists: - fortinet: Malware
GET /page/bouncy.php?&bpae=GbhGdL3GtUx%2FjnO0L57eOtdiGx%2FabLMDTTTQBK679yvv7J6xupBd8iAIDoK0H9KWofemnc7OzjWhxXH4NDikbmMbAnMXZmQnd4Iym8dQd392Fj8OkvOv5TS%2BN9mGfrSEnZYNwn5Mo9P1vpi3%2BM0gAeVCsTQ6FyQ1P2Nwcg%2FimgFcZFIVRxe48FeP9%2B0j%2BnQEJzzwuwYvbyhoidHPZGEkRtOLHxKrZV0MsJHe8cEpJQPafj4kPDD%2BxpagJna1VUG9Q137vD4p4693qGpIwD2XKt5UUTm8qGFipDsOmNYEFNxF1j3Ze7gdyY%2F7YJEBGuCj7PjXDUBPFSCkuse87DQCuSONpnf4T%2BDZmdmy2ssLGB0Pz9IGLNXY88W7xYORIkeVJbb8MrueF11Fva2W0LbJRXFwJQlSmy2EuZ9aLCoF921Pudd7npKWkZxXAIBRv3sQwWbYmo%2FNci71a4zxQch2YSTZ8EFQ3Go7Z0cJyyc%2FxKUeJOCf0YE%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1 Host: swimmings.flu.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://swimmings.flu.cc/ Upgrade-Insecure-Requests: 1	URL: swimmings.flu.cc/page/bouncy.php?&bpae=GbhGdL3GtUx%2Fjn (...) FQDN: swimmings.flu.cc IP: 72.52.179.174 HASH: 3a7840759686c8fbdf1e3aee93a27d821daae97a6d3259851eff52d3c4cf4c64 72.52.179.174 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Thu, 01 Dec 2022 01:48:33 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By: PHP/5.4.16 Keep-Alive: timeout=5, max=66 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 982 Md5: 993c976063c2a671888224e5791b7a68 Sha1: d36f59a384e7902c882b021cc2eeb2898875b41e Sha256: 3a7840759686c8fbdf1e3aee93a27d821daae97a6d3259851eff52d3c4cf4c64
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 01 Dec 2022 01:08:56 GMT cache-control: public,max-age=3600 age: 2378 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4592 Cache-Control: max-age=117289 Date: Thu, 01 Dec 2022 01:48:34 GMT Etag: "63871d2b-1d7" Expires: Fri, 02 Dec 2022 10:23:24 GMT Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: cfdd00e67ee6ca21712b867eb5288ab6 Sha1: b61d5d6ec3b7ad71619e13e32c87f2d01871b88a Sha256: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ZS+fQsUqUO8L3np06aZmPA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.37.79.227 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.37.79.227 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: b0Bzn2Ckoh4/LiTS4opW1r+NltA= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 89f90903159fb365751dc10b84144dafc0fb35ad9e0908aad72de91a9d445f36 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=120274 Date: Thu, 01 Dec 2022 01:48:34 GMT Etag: "63873ac4-1d7" Expires: Fri, 02 Dec 2022 11:13:08 GMT Last-Modified: Wed, 30 Nov 2022 11:13:08 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Z3Eru6-ATN2q0dK9oSuAGt0zaDmVD00eJKqDrkM3ErbJmsP3L-z7OQ== --- Additional Info --- Magic: data Size: 471 Md5: 917d79a56468c073f6373d60d42d2e2c Sha1: 7fb822a354ee502287a1627803ed3663e716493b Sha256: 89f90903159fb365751dc10b84144dafc0fb35ad9e0908aad72de91a9d445f36
GET /favicon.ico HTTP/1.1 Host: gaut-hil.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaut-hil.com/zcredirect?visitid=43815073-711a-11ed-9520-0a302b0961bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: gaut-hil.com/favicon.ico FQDN: gaut-hil.com IP: 3.208.247.235 HASH: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8 3.208.247.235 HTTP/2 404 Not Found content-type: text/html;charset=utf-8 date: Thu, 01 Dec 2022 01:48:34 GMT content-length: 653 cache-control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' content-language: en server: Bdjfkxpn X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators Size: 653 Md5: ba2732b1b2fa2626ffaa15f62f9e7d66 Sha1: 203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /zcvisitor/43815073-711a-11ed-9520-0a302b0961bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=5fe288d0-1df8-11ed-a07d-12beee04f19b HTTP/1.1 Host: gaut-hil.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://swimmings.flu.cc/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: gaut-hil.com/zcvisitor/43815073-711a-11ed-9520-0a302b09 (...) FQDN: gaut-hil.com IP: 3.208.247.235 HASH: 23329f875c7896511955670509a946e860fccf66089857feb91dc348b8337f0d 3.208.247.235 HTTP/2 200 OK content-type: text/html;charset=UTF-8 date: Thu, 01 Dec 2022 01:48:34 GMT cache-control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag server: VEzBRMez X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1098 Md5: 2f064525217846ead39f8f666facd2b3 Sha1: 716fb03fd919404004379a6e2e63fd380748b45b Sha256: 23329f875c7896511955670509a946e860fccf66089857feb91dc348b8337f0d
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 77b24628a279a923612e120fbbbd68f2803eb774ef331bfa5cbbd182159d6f76 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=129966 Date: Thu, 01 Dec 2022 01:48:35 GMT Etag: "638760a1-1d7" Expires: Fri, 02 Dec 2022 13:54:41 GMT Last-Modified: Wed, 30 Nov 2022 13:54:41 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: n4VhlxBJKTm-t2TbBryDF5s3oUh5t2kRu0WuETtG9YkMhsh0pKEGrA== --- Additional Info --- Magic: data Size: 471 Md5: 3dda734bca411145ad3d0fa3fa26980e Sha1: 6cef37bae2ac274ac3dbd451716a38cd0d5fedec Sha256: 77b24628a279a923612e120fbbbd68f2803eb774ef331bfa5cbbd182159d6f76
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 01:48:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 01:48:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js FQDN: www.gstatic.com IP: 142.250.74.35 HASH: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7 142.250.74.35 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 10017 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 10:16:35 GMT expires: Thu, 30 Nov 2023 10:16:35 GMT cache-control: public, max-age=31536000 age: 55920 last-modified: Thu, 10 May 2018 20:35:52 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (35547) Size: 10017 Md5: fa9987a23f5a9d865766e952511baa30 Sha1: f2e620b99ee61a01671ba6a9e22ca75d58a1b52d Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-app.js FQDN: www.gstatic.com IP: 142.250.74.35 HASH: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5 142.250.74.35 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 8604 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 21:48:07 GMT expires: Fri, 24 Nov 2023 21:48:07 GMT cache-control: public, max-age=31536000 age: 532828 last-modified: Thu, 10 May 2018 20:35:51 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25088) Size: 8604 Md5: 73069e532b7039778d3a7128c997c61a Sha1: c523bbf1ac7f4e612c8ade75434c42fbca885adc Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C266575B4A9441198599F3056CE792E3EEA9CC40925E092B790C408C687ECAF9" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17625 Expires: Thu, 01 Dec 2022 06:42:20 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 17e004eb3096fcb9902f830fc4d38856 Sha1: ad5b467cfdc5860003a559902ac00fb0231f651c Sha256: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: b201111434a493e2fe9513e0cb6c000f0e192dba19fbe5c811008ba6278ac031 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B201111434A493E2FE9513E0CB6C000F0E192DBA19FBE5C811008BA6278AC031" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15720 Expires: Thu, 01 Dec 2022 06:10:35 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fce98c91fa92df2af1f67ac4c4c3ed3b Sha1: ce66af4a004edfbeea22889c30ac5a7cd36b6935 Sha256: b201111434a493e2fe9513e0cb6c000f0e192dba19fbe5c811008ba6278ac031
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C266575B4A9441198599F3056CE792E3EEA9CC40925E092B790C408C687ECAF9" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4772 Expires: Thu, 01 Dec 2022 03:08:07 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 17e004eb3096fcb9902f830fc4d38856 Sha1: ad5b467cfdc5860003a559902ac00fb0231f651c Sha256: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C266575B4A9441198599F3056CE792E3EEA9CC40925E092B790C408C687ECAF9" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17290 Expires: Thu, 01 Dec 2022 06:36:45 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 17e004eb3096fcb9902f830fc4d38856 Sha1: ad5b467cfdc5860003a559902ac00fb0231f651c Sha256: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: b201111434a493e2fe9513e0cb6c000f0e192dba19fbe5c811008ba6278ac031 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B201111434A493E2FE9513E0CB6C000F0E192DBA19FBE5C811008BA6278AC031" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8994 Expires: Thu, 01 Dec 2022 04:18:29 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fce98c91fa92df2af1f67ac4c4c3ed3b Sha1: ce66af4a004edfbeea22889c30ac5a7cd36b6935 Sha256: b201111434a493e2fe9513e0cb6c000f0e192dba19fbe5c811008ba6278ac031
GET /prod/push-subscriber.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/prod/push-subscriber.js FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7 95.101.10.10 HTTP/1.1 200 OK Content-Type: application/javascript Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT ETag: "6b5bccad39f7057909ad0660f33cc2fa" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR52-C3 X-Amz-Cf-Id: ZYeyEUjVfozwVHu4cvD2yRWXyoEpdjgR_UyNsFpXUKnSHG4ckehEag== Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Dec 2022 01:48:35 GMT Content-Length: 4395 Connection: keep-alive --- Additional Info --- Magic: ASCII text Size: 4395 Md5: d87a44d0aa0b54e75b2eb54c76bcf152 Sha1: f765110fd22c73d181d9a2ea1b20de424b3d9e35 Sha256: 6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
GET /assets/1387/js/backoffer.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1387/js/backoffer.js FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388 95.101.10.10 HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 660 Last-Modified: Thu, 06 May 2021 12:38:04 GMT ETag: "e7e1dc07852a36f89e4be03aa3787316" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: JFK51-C1 X-Amz-Cf-Id: Ct4gwLcTloBEVOXNAkPHVE_nt09klAc2VQmBXL2NgHnXp5GYhbW-rA== Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 660 Md5: e7e1dc07852a36f89e4be03aa3787316 Sha1: 0dc3f8e7eb943af093cf8f4600fcf0e421891025 Sha256: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
GET /assets/1142/js/translates.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1142/js/translates.js FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 382c5561b9f4f1ee785de83a1f6318d386ccfb3514c7ef83713ba3f23625a28e 95.101.10.10 HTTP/1.1 200 OK Content-Type: text/javascript Last-Modified: Tue, 02 Feb 2021 10:27:46 GMT ETag: "2aaad6f608837c3d11d469676fbf05e3" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: IAD66-C1 X-Amz-Cf-Id: WTtUIo8enDmV4D2EzAPrJlWU3BVR6f42wnMDg0zq-U_bG1dl2MokFw== Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Dec 2022 01:48:35 GMT Content-Length: 21300 Connection: keep-alive --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 21300 Md5: 582399a53fc62aec6fa84af0518fec31 Sha1: e9f50fad9612f9a966dbacab1e10038408a1850d Sha256: 382c5561b9f4f1ee785de83a1f6318d386ccfb3514c7ef83713ba3f23625a28e
GET /assets/1142/css/style.css HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1142/css/style.css FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 716556d461e3b88c9fcce874b691854ede2b1f89c85ae4153af2e346a4fdcfe1 95.101.10.10 HTTP/1.1 200 OK Content-Type: text/css Last-Modified: Tue, 02 Feb 2021 10:31:49 GMT ETag: "29eb03319f4fa23d5f0ffb577e211144" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR52-C3 X-Amz-Cf-Id: do1tK3VUzP8vs0q5Md8AyVLNy-qbUeMlibFBvtnf8bN2CuxLJkKKYg== Unused62: 8096267 Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Dec 2022 01:48:35 GMT Content-Length: 1748 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 1748 Md5: 09310f1400ff9f06ebf7b88e5593c729 Sha1: f071ec3fd651bf38aadb68fa75286d5efda61461 Sha256: 716556d461e3b88c9fcce874b691854ede2b1f89c85ae4153af2e346a4fdcfe1
GET /assets/2081/js/jquery-3.6.0.min.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/2081/js/jquery-3.6.0.min.js FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 92bea561347f34bbdc95382b896b8fe5241566ef5ab9e1c4fa16a80aa9774820 95.101.10.10 HTTP/1.1 200 OK Content-Type: text/javascript Last-Modified: Mon, 07 Mar 2022 07:24:21 GMT ETag: "8fb8fee4fcc3cc86ff6c724154c49c42" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR52-C3 X-Amz-Cf-Id: YdDvCAfApuBeJikH0egfR2oFmxLcwFkvANQk_0CVOQRzDU8r5103bQ== Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Dec 2022 01:48:35 GMT Content-Length: 30947 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with very long lines (65447) Size: 30947 Md5: 1ecabf74ccd963b3bc7a4d95c2250354 Sha1: 1237612dd439c3f5bd6352a29295ff4b4cc5f753 Sha256: 92bea561347f34bbdc95382b896b8fe5241566ef5ab9e1c4fa16a80aa9774820
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 01:48:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 608e4d04a251ebcd51660e801f388303 Sha1: fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
GET /prod/push-lang-config.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/prod/push-lang-config.js FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11 95.101.10.10 HTTP/1.1 200 OK Content-Type: application/javascript Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT ETag: "7152525f63649929a736f6efb78b58a5" x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: JFK51-C1 X-Amz-Cf-Id: EyZZgpjeSVI5bZ65quK1ibmASd3k9YGFQNJJw86sflsz5sUolQ5lig== Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 01 Dec 2022 01:48:35 GMT Content-Length: 2366 Connection: keep-alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (7658), with no line terminators Size: 2366 Md5: 86caa25373c28e4a962df5e15f4c160f Sha1: 7a992cdd21a4074c155ccc7016e7cf836a66dd85 Sha256: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2654 Expires: Thu, 01 Dec 2022 02:32:49 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2654 Expires: Thu, 01 Dec 2022 02:32:49 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2654 Expires: Thu, 01 Dec 2022 02:32:49 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2654 Expires: Thu, 01 Dec 2022 02:32:49 GMT Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a97c452e75cf1d4833e777d7ba7f2c47 Sha1: 58f15763fd33f742ce870f49f1c2dbed5b41205f Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8740 x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cP7SqHjYIAMF8xw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 13:21:34 GMT age: 44821 etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8740 Md5: 26d6dffbf400da4803a2e76e2a8ef2f8 Sha1: 2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8 Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7957 x-amzn-requestid: 54f43d6b-cf41-4067-b459-6b8d98869354 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cV91PGgNIAMF2Xg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63857687-069ac54c22797a511c69a220;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: B4x-V_KZGERwIhr_eGik5Npj5mKN6CbI9pdrNU2I8gFCGYKQVuu3dA== via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 05:38:39 GMT age: 72596 etag: "01a07f9a5725f608fafeced7b3d1ebdbcb776c29" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7957 Md5: 37004182402c955f288eb1fa8df7aef4 Sha1: 01a07f9a5725f608fafeced7b3d1ebdbcb776c29 Sha256: c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 2382 x-amzn-requestid: 94ae079e-ec35-4e9c-aa30-33be1137c477 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cTRYNHPeIAMFncg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6384629a-386ca2063c3991d4749e18cf;Sampled=0 x-amzn-remapped-date: Mon, 28 Nov 2022 07:26:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 6hcyQXOxk36UdAHQkayqoUCfBxaKkDk407cfakceLUQBX4PlYwd5tg== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 12:36:46 GMT age: 47509 etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2382 Md5: f5469e846da1e0f21cfc480f56a656a6 Sha1: b3eaec75f854d22cd1dcd6aa42e37f6d0df50036 Sha256: d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F350e8884-8903-4779-8a0c-bb74e9168bfb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4199 x-amzn-requestid: d7983896-c4a5-4133-9b0e-51ac412cf732 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cZttXFcZIAMFmJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6386f655-139cd6a82eaa934d5d411029;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 06:21:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 91_Pv2sUA4286BEZXTKFctgZOrzWy6VWFDGiUV3_p_QnyckRDFb-lw== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:51:29 GMT age: 14226 etag: "07fafbd614cdb49f20bceea29d5e684725d3bdf6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4199 Md5: 4fd5f7a9e04d27654062b3e18b8aecca Sha1: 07fafbd614cdb49f20bceea29d5e684725d3bdf6 Sha256: 0cb64a9a33f66b92eed5a591b6c368f3d74363941d8876e553a8ea6aaa547590
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fd9bc5cfa9db9999ceba780a3c801663ae3a9d115fc968f633800da2a680d49c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6036 x-amzn-requestid: 9867bb66-8624-4fe5-943f-2752e038cd22 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cb0YoE3YoAMFSWQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cdd0-1710e0052c8bf19c06b6011e;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: RXKIjgAm-fxCv0Wadim_1BwhuUkcAmZRPXUB9gT_qnEkREplaGZpkg== via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:45:30 GMT age: 14585 etag: "4593bb86a0a61eccab43063cb3c0c797abea5b46" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6036 Md5: 83e8a8c500dbcb636ad4a57a10de8adf Sha1: 4593bb86a0a61eccab43063cb3c0c797abea5b46 Sha256: fd9bc5cfa9db9999ceba780a3c801663ae3a9d115fc968f633800da2a680d49c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6b1394-57be-42ed-ad12-94fa7a0b4be7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7609 x-amzn-requestid: 1a464872-7c15-42d3-a12a-f344adf99662 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cV91PHVUoAMFf4Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63857687-3f77f387752222b212d6e2a5;Sampled=0 x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: mh5slfAqC8Jrbw6WLAI_GN9oftGPLXy0W75ZvD_XBcoBukkYT9wVsQ== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 05:21:42 GMT age: 73613 etag: "b3d22d146c6094cb539de40a72b9c5a140802ee5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7609 Md5: 0d0219e6bee2a28f003f396f872eecf0 Sha1: b3d22d146c6094cb539de40a72b9c5a140802ee5 Sha256: 41c1b037e8e654c19f36b74cceccd1fc841cc9fb7de39ac552ab5089dc3e82db
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 577a636045e6c035b317f4d4238cd987b332b7360740de321b191e68bc4a7b21 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Thu, 01 Dec 2022 01:48:35 GMT Etag: "6386a000-1d7" Last-Modified: Thu, 01 Dec 2022 00:47:31 GMT Server: ECS (dcb/7ECA) X-Cache: Miss from cloudfront Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: AfRzx8OfsjuyEhbfxMk7o5J8tbzrRPzO2hmAbB6MKT8pb5l_yghDyQ== Age: 3664 --- Additional Info --- Magic: data Size: 471 Md5: bf4aeaed488335e78f3cc434e4e139f1 Sha1: 426fd1c4ea9308709a1656b5b94c6021af36e4a6 Sha256: 577a636045e6c035b317f4d4238cd987b332b7360740de321b191e68bc4a7b21
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 01:48:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 33f732b4dfbd5fb3ed7345eba2896fe6 Sha1: 2652f214cf7127302cc65b1d4e42f48a80907d5d Sha256: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
GET /assets/1142/images/908435.jpg HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn.smrt-assets.com/assets/1142/css/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: cdn.smrt-assets.com/assets/1142/images/908435.jpg FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 780bd637bb06ad6a4cdb941e7d9545deb332213dca714359ec238a6078dd6597 95.101.10.10 HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 55519 Last-Modified: Tue, 02 Feb 2021 10:31:27 GMT ETag: "39f57a6ea8cfaf12b1cf1e9960819ab4" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR52-C3 X-Amz-Cf-Id: Oq2XSRXUx5KwgbE8ToXg7RDyFIWcRWvQBJKtpqmSiGhhyqF4QFsSKA== Date: Thu, 01 Dec 2022 01:48:35 GMT Connection: keep-alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1973x544, components 3\012- data Size: 55519 Md5: 39f57a6ea8cfaf12b1cf1e9960819ab4 Sha1: fa514b4d1f7a2ab7ef3bf0aff731fa33cd2449ca Sha256: 780bd637bb06ad6a4cdb941e7d9545deb332213dca714359ec238a6078dd6597
GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 792892beadc4543e5274ef6ae2566953c4df0098d2b2066634f3d60a2bf320a3 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 01 Dec 2022 01:48:35 GMT expires: Thu, 01 Dec 2022 01:48:35 GMT cache-control: private, max-age=900 last-modified: Thu, 01 Dec 2022 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 47241 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 47241 Md5: eca865a353a1c3a98f9d73b7e853f26b Sha1: 18628f4db5d2b8c3058f5245537740c1bfafcde2 Sha256: 792892beadc4543e5274ef6ae2566953c4df0098d2b2066634f3d60a2bf320a3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 01:48:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 33f732b4dfbd5fb3ed7345eba2896fe6 Sha1: 2652f214cf7127302cc65b1d4e42f48a80907d5d Sha256: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1 Host: tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4ca (...) FQDN: tsyndicate.com IP: 136.243.83.47 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 136.243.83.47 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 01 Dec 2022 01:48:36 GMT content-length: 35 pragma: no-cache expires: 0 vary: * x-api-version: 1 x-request-id: db4754d4b3caa4de set-cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Fri, 01 Dec 2023 01:48:36 GMT; path=/; HttpOnly; secure; SameSite=None cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag: none, noindex, nofollow report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /assets/1373/other/favicon.ico HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1373/other/favicon.ico FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97 95.101.10.10 HTTP/1.1 200 OK Content-Type: image/x-icon Content-Length: 1150 Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT ETag: "38722a803b73dd1871a3d8a19db44d2f" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR53-C1 X-Amz-Cf-Id: hRGwTMWM9126KynU_hBy09kCvTZ65FQe2UvG17pu3CCa6ZCk7SC7Iw== Date: Thu, 01 Dec 2022 01:48:36 GMT Connection: keep-alive --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 38722a803b73dd1871a3d8a19db44d2f Sha1: 3379960a2c6611bfefcb39e662198d6df322e12d Sha256: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
GET /service-worker.js HTTP/1.1 Host: linksecurecd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: gdm_uid_v1_1_001=DmcfL1AJSEI9rKNoZbH/mON/XVpGD/dOVMDi6iGoTbdGPAaFuULSIx6DLC0pN+YA; gdm_visit_freq_v1_1_001=CY6kMI1cMWu7B85RwQ9BICcR0A9rA1No5HpSv0ymyIU=; v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5aqWonPlQ+FsrUT0gl3jDAo=; gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_visit_freq_v2_1_001=CY6kMI1cMWu7B85RwQ9BICcR0A9rA1No5HpSv0ymyIU=; gdm_uid_v2_1_001=DmcfL1AJSEI9rKNoZbH/mON/XVpGD/dOVMDi6iGoTbdGPAaFuULSIx6DLC0pN+YA; gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5aqWonPlQ+FsrUT0gl3jDAo= Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: linksecurecd.com/service-worker.js FQDN: linksecurecd.com IP: 52.208.36.79 HASH: e0850d9cfed6697ef9e2873acccdb7dcf2d1e5051be54414e7daa11206848375 52.208.36.79 HTTP/2 200 OK content-type: text/javascript;charset=utf-8 date: Thu, 01 Dec 2022 01:48:36 GMT server: nginx vary: Accept-Encoding, Accept-Encoding cache-control: no-cache, must-revalidate pragma: no-cache expires: Sat, 1 May 2020 12:00:00 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Java source, ASCII text, with very long lines (10690) Size: 9238 Md5: 2370a85b88869a7d6bd04e46a4b97610 Sha1: 9759488c87f6ae419d384d5c3e98b3ad26257a83 Sha256: e0850d9cfed6697ef9e2873acccdb7dcf2d1e5051be54414e7daa11206848375 Alerts: Blocklists: - fortinet: Phishing
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.14 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.14 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Thu, 01 Dec 2022 00:46:55 GMT expires: Thu, 01 Dec 2022 02:46:55 GMT cache-control: public, max-age=7200 age: 3701 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST /j/collect?v=1&_v=j98&a=1858923649&t=pageview&_s=1&dl=https%3A%2F%2Flinksecurecd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26s2%3Dwvfh026jf4r93prk2coee8dq&dr=https%3A%2F%2Fgaut-hil.com%2F&ul=en-us&de=UTF-8&dt=Best%20dating%20worldwide%20%3C3&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=1845301771&gjid=889225551&cid=1593602342.1669859315&tid=UA-179148962-2&_gid=529835955.1669859315&_r=1&gtm=2wgbs0TR8VQRX&z=83165262 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.google-analytics.com/j/collect?v=1&_v=j98&a=1858923 (...) FQDN: www.google-analytics.com IP: 142.250.74.14 HASH: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af 142.250.74.14 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://linksecurecd.com date: Thu, 01 Dec 2022 01:48:36 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 2 Md5: cc7a1e792bca8ccb1946b7a07f6dbc03 Sha1: 11a2757082428311f587b7664fa9840376137f80 Sha256: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: defc4e348dab57d8a71ea0f8d245f165dd12709944a4f01f09af8b68137984a9 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=90577 Date: Thu, 01 Dec 2022 01:48:36 GMT Etag: "6386b0da-1d7" Expires: Fri, 02 Dec 2022 02:58:13 GMT Last-Modified: Wed, 30 Nov 2022 01:24:42 GMT Server: ECS (bsa/EB1A) X-Cache: Miss from cloudfront Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: V2ccW78ekQ1RxeANvPK67hvE-FSNWuI1D7lLnIocx0GO0LaTiGq_2Q== Age: 5611 --- Additional Info --- Magic: data Size: 471 Md5: ea642213bbbf1d03e8f6de37a0b4f988 Sha1: 78898acb8102daf05f65e12cb5d5cbe8046452da Sha256: defc4e348dab57d8a71ea0f8d245f165dd12709944a4f01f09af8b68137984a9
GET /assets/1142/video/0881.mp4 HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1142/video/0881.mp4 FQDN: cdn.smrt-assets.com IP: 95.101.10.10 HASH: 65a008cc718990beaea59388cfce3432d2eeae6f6a6d86f2175509929cce0f73 95.101.10.10 HTTP/1.1 206 Partial Content Content-Type: video/mp4 Last-Modified: Tue, 23 Feb 2021 09:44:47 GMT ETag: "202800ae586847c70ded553afe023ae9" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: JFK50-P7 X-Amz-Cf-Id: HoO_TIo8L3GzEIqEkq3KwHDlKpykNNix08i-VvsIYuLMSICCavnqYA== Date: Thu, 01 Dec 2022 01:48:35 GMT Content-Range: bytes 0-928110/928111 Content-Length: 928111 Connection: keep-alive --- Additional Info --- Magic: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size: 295384 Md5: 5fa7d3acdd5ca8005f0594aa64bb220e Sha1: b8e4776c47d51cbf93d6a2880d798d2d8410d78f Sha256: 65a008cc718990beaea59388cfce3432d2eeae6f6a6d86f2175509929cce0f73
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1593602342.1669859315&jid=1845301771&gjid=889225551&_gid=529835955.1669859315&_u=YADAAEAAAAAAACAAI~&z=229779802 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_ (...) FQDN: stats.g.doubleclick.net IP: 64.233.165.157 HASH: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b 64.233.165.157 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://linksecurecd.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Thu, 01 Dec 2022 01:48:36 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /color?x=1&forScheme=aHR0cHM6Ly9saW5rc2VjdXJlY2QuY29tL3NtYXJ0bGluay8/YT01MjY3NyZzbT0xMTAmczI9d3ZmaDAyNmpmNHI5M3ByazJjb2VlOGRx HTTP/1.1 Host: guard.cdtbox.rocks User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9saW5r (...) FQDN: guard.cdtbox.rocks IP: 3.211.105.4 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.211.105.4 HTTP/2 204 No Content date: Thu, 01 Dec 2022 01:48:36 GMT server: nginx vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 01 Dec 2022 01:48:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 5d950b70d3b1532276ed817249b72618 Sha1: dca7faf727b8afdd481c8f8bcc3e9129fdadadc3 Sha256: afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oebs0&_p=1858923649&cid=1593602342.1669859315&ul=en-us&sr=1280x1024&_s=1&sid=1669859314&sct=1&seg=0&dl=https%3A%2F%2Flinksecurecd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26s2%3Dwvfh026jf4r93prk2coee8dq&dr=https%3A%2F%2Fgaut-hil.com%2F&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRP (...) FQDN: region1.google-analytics.com IP: 216.239.32.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.32.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://linksecurecd.com date: Thu, 01 Dec 2022 01:48:36 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13411 x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cbz80FCQoAMFs1A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google date: Wed, 30 Nov 2022 21:48:17 GMT age: 14425 etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13411 Md5: 328ce221bcf3442f88d09373193ff594 Sha1: 63bfa2ea925aa2c188c664a7bf7af7b0e5417e60 Sha256: 21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371
GET /smartlink/?a=52677&sm=110&s2=wvfh026jf4r93prk2coee8dq HTTP/1.1 Host: linksecurecd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gaut-hil.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: linksecurecd.com/smartlink/?a=52677&sm=110&s2=wvfh026jf (...) FQDN: linksecurecd.com IP: 52.208.36.79 52.208.36.79 HTTP/2 200 OK content-type: text/html;charset=utf-8 date: Thu, 01 Dec 2022 01:48:35 GMT server: nginx vary: Accept-Encoding, Accept-Encoding set-cookie: gdm_uid_v1_1_001=DmcfL1AJSEI9rKNoZbH/mON/XVpGD/dOVMDi6iGoTbdGPAaFuULSIx6DLC0pN+YA; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/ gdm_visit_freq_v1_1_001=CY6kMI1cMWu7B85RwQ9BICcR0A9rA1No5HpSv0ymyIU=; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/ v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5aqWonPlQ+FsrUT0gl3jDAo=; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/; Secure; SameSite=None gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/ gdm_visit_freq_v2_1_001=CY6kMI1cMWu7B85RwQ9BICcR0A9rA1No5HpSv0ymyIU=; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/; Secure; SameSite=None gdm_uid_v2_1_001=DmcfL1AJSEI9rKNoZbH/mON/XVpGD/dOVMDi6iGoTbdGPAaFuULSIx6DLC0pN+YA; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/; Secure; SameSite=None gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/; Secure; SameSite=None v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5aqWonPlQ+FsrUT0gl3jDAo=; Domain=.linksecurecd.com; Expires=Wed, 01-Mar-2023 01:48:35 GMT; Path=/ cache-control: no-cache, must-revalidate pragma: no-cache expires: Sat, 1 May 2020 12:00:00 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /zcredirect?visitid=43815073-711a-11ed-9520-0a302b0961bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: gaut-hil.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaut-hil.com/zcvisitor/43815073-711a-11ed-9520-0a302b0961bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=5fe288d0-1df8-11ed-a07d-12beee04f19b Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: gaut-hil.com/zcredirect?visitid=43815073-711a-11ed-9520 (...) FQDN: gaut-hil.com IP: 3.208.247.235 3.208.247.235 HTTP/2 200 OK content-type: text/html;charset=UTF-8 date: Thu, 01 Dec 2022 01:48:34 GMT cache-control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS server: Bdjfkxpn X-Firefox-Spdy: h2 --- Additional Info ---
GET /user-segments/?pid=TH HTTP/1.1 Host: statisticresearch.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: statisticresearch.com/user-segments/?pid=TH FQDN: statisticresearch.com IP: 52.204.249.38 52.204.249.38 HTTP/2 200 OK date: Thu, 01 Dec 2022 01:48:35 GMT server: nginx X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4598 

                                        
                                            
Cache-Control: max-age=122364 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:33 GMT 

                                        
                                            
Etag: "638730f7-1d7" 

                                        
                                            
Expires: Fri, 02 Dec 2022 11:47:57 GMT 

                                        
                                            
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT 

                                        
                                            
Server: ECS (ska/F718) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    f3cf023c797da81728c0ac84c8759331

                                                Sha1:   fa07c5e39e4b0741ea484101cccb2202acea9d9c

                                                Sha256: 5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=18116 

                                        
                                            
Expires: Thu, 01 Dec 2022 06:50:29 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:33 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6d9d34c96b9a826ae5676640c966469c

                                                Sha1:   8052a16d41a637e420478b7de1ff5a2dc951fccd

                                                Sha256: f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 01 Dec 2022 01:48:33 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /page/bouncy.php?&bpae=GbhGdL3GtUx%2FjnO0L57eOtdiGx%2FabLMDTTTQBK679yvv7J6xupBd8iAIDoK0H9KWofemnc7OzjWhxXH4NDikbmMbAnMXZmQnd4Iym8dQd392Fj8OkvOv5TS%2BN9mGfrSEnZYNwn5Mo9P1vpi3%2BM0gAeVCsTQ6FyQ1P2Nwcg%2FimgFcZFIVRxe48FeP9%2B0j%2BnQEJzzwuwYvbyhoidHPZGEkRtOLHxKrZV0MsJHe8cEpJQPafj4kPDD%2BxpagJna1VUG9Q137vD4p4693qGpIwD2XKt5UUTm8qGFipDsOmNYEFNxF1j3Ze7gdyY%2F7YJEBGuCj7PjXDUBPFSCkuse87DQCuSONpnf4T%2BDZmdmy2ssLGB0Pz9IGLNXY88W7xYORIkeVJbb8MrueF11Fva2W0LbJRXFwJQlSmy2EuZ9aLCoF921Pudd7npKWkZxXAIBRv3sQwWbYmo%2FNci71a4zxQch2YSTZ8EFQ3Go7Z0cJyyc%2FxKUeJOCf0YE%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1 

                                        
                                            
Host: swimmings.flu.cc

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://swimmings.flu.cc/ 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         72.52.179.174

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:33 GMT 

                                        
                                            
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 

                                        
                                            
X-Powered-By: PHP/5.4.16 

                                        
                                            
Keep-Alive: timeout=5, max=66 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text

                                                Size:   982

                                                Md5:    993c976063c2a671888224e5791b7a68

                                                Sha1:   d36f59a384e7902c882b021cc2eeb2898875b41e

                                                Sha256: 3a7840759686c8fbdf1e3aee93a27d821daae97a6d3259851eff52d3c4cf4c64

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4592 

                                        
                                            
Cache-Control: max-age=117289 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:34 GMT 

                                        
                                            
Etag: "63871d2b-1d7" 

                                        
                                            
Expires: Fri, 02 Dec 2022 10:23:24 GMT 

                                        
                                            
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT 

                                        
                                            
Server: ECS (ska/F718) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    cfdd00e67ee6ca21712b867eb5288ab6

                                                Sha1:   b61d5d6ec3b7ad71619e13e32c87f2d01871b88a

                                                Sha256: f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=120274 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:34 GMT 

                                        
                                            
Etag: "63873ac4-1d7" 

                                        
                                            
Expires: Fri, 02 Dec 2022 11:13:08 GMT 

                                        
                                            
Last-Modified: Wed, 30 Nov 2022 11:13:08 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: Z3Eru6-ATN2q0dK9oSuAGt0zaDmVD00eJKqDrkM3ErbJmsP3L-z7OQ== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    917d79a56468c073f6373d60d42d2e2c

                                                Sha1:   7fb822a354ee502287a1627803ed3663e716493b

                                                Sha256: 89f90903159fb365751dc10b84144dafc0fb35ad9e0908aad72de91a9d445f36

                                        
                                            GET /zcvisitor/43815073-711a-11ed-9520-0a302b0961bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=5fe288d0-1df8-11ed-a07d-12beee04f19b HTTP/1.1 

                                        
                                            
Host: gaut-hil.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://swimmings.flu.cc/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         3.208.247.235

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html;charset=UTF-8

                                        

                                        
                                            
date: Thu, 01 Dec 2022 01:48:34 GMT 

                                        
                                            
cache-control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET,POST,OPTIONS 

                                        
                                            
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag 

                                        
                                            
server: VEzBRMez 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   1098

                                                Md5:    2f064525217846ead39f8f666facd2b3

                                                Sha1:   716fb03fd919404004379a6e2e63fd380748b45b

                                                Sha256: 23329f875c7896511955670509a946e860fccf66089857feb91dc348b8337f0d

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    608e4d04a251ebcd51660e801f388303

                                                Sha1:   fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d

                                                Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 

                                        
                                            
Host: www.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" 

                                        
                                            
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} 

                                        
                                            
content-length: 10017 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 30 Nov 2022 10:16:35 GMT 

                                        
                                            
expires: Thu, 30 Nov 2023 10:16:35 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 55920 

                                        
                                            
last-modified: Thu, 10 May 2018 20:35:52 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (35547)

                                                Size:   10017

                                                Md5:    fa9987a23f5a9d865766e952511baa30

                                                Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d

                                                Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C266575B4A9441198599F3056CE792E3EEA9CC40925E092B790C408C687ECAF9" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=17625 

                                        
                                            
Expires: Thu, 01 Dec 2022 06:42:20 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    17e004eb3096fcb9902f830fc4d38856

                                                Sha1:   ad5b467cfdc5860003a559902ac00fb0231f651c

                                                Sha256: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C266575B4A9441198599F3056CE792E3EEA9CC40925E092B790C408C687ECAF9" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4772 

                                        
                                            
Expires: Thu, 01 Dec 2022 03:08:07 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    17e004eb3096fcb9902f830fc4d38856

                                                Sha1:   ad5b467cfdc5860003a559902ac00fb0231f651c

                                                Sha256: c266575b4a9441198599f3056ce792e3eea9cc40925e092b790c408c687ecaf9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "B201111434A493E2FE9513E0CB6C000F0E192DBA19FBE5C811008BA6278AC031" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8994 

                                        
                                            
Expires: Thu, 01 Dec 2022 04:18:29 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    fce98c91fa92df2af1f67ac4c4c3ed3b

                                                Sha1:   ce66af4a004edfbeea22889c30ac5a7cd36b6935

                                                Sha256: b201111434a493e2fe9513e0cb6c000f0e192dba19fbe5c811008ba6278ac031

                                        
                                            GET /assets/1387/js/backoffer.js HTTP/1.1 

                                        
                                            
Host: cdn.smrt-assets.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.10.10

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
Content-Length: 660 

                                        
                                            
Last-Modified: Thu, 06 May 2021 12:38:04 GMT 

                                        
                                            
ETag: "e7e1dc07852a36f89e4be03aa3787316" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: JFK51-C1 

                                        
                                            
X-Amz-Cf-Id: Ct4gwLcTloBEVOXNAkPHVE_nt09klAc2VQmBXL2NgHnXp5GYhbW-rA== 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   660

                                                Md5:    e7e1dc07852a36f89e4be03aa3787316

                                                Sha1:   0dc3f8e7eb943af093cf8f4600fcf0e421891025

                                                Sha256: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388

                                        
                                            GET /assets/1142/css/style.css HTTP/1.1 

                                        
                                            
Host: cdn.smrt-assets.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.10.10

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Last-Modified: Tue, 02 Feb 2021 10:31:49 GMT 

                                        
                                            
ETag: "29eb03319f4fa23d5f0ffb577e211144" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: EWR52-C3 

                                        
                                            
X-Amz-Cf-Id: do1tK3VUzP8vs0q5Md8AyVLNy-qbUeMlibFBvtnf8bN2CuxLJkKKYg== 

                                        
                                            
Unused62: 8096267 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Content-Length: 1748 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   1748

                                                Md5:    09310f1400ff9f06ebf7b88e5593c729

                                                Sha1:   f071ec3fd651bf38aadb68fa75286d5efda61461

                                                Sha256: 716556d461e3b88c9fcce874b691854ede2b1f89c85ae4153af2e346a4fdcfe1

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    608e4d04a251ebcd51660e801f388303

                                                Sha1:   fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d

                                                Sha256: cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2654 

                                        
                                            
Expires: Thu, 01 Dec 2022 02:32:49 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a97c452e75cf1d4833e777d7ba7f2c47

                                                Sha1:   58f15763fd33f742ce870f49f1c2dbed5b41205f

                                                Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1" 

                                        
                                            
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2654 

                                        
                                            
Expires: Thu, 01 Dec 2022 02:32:49 GMT 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a97c452e75cf1d4833e777d7ba7f2c47

                                                Sha1:   58f15763fd33f742ce870f49f1c2dbed5b41205f

                                                Sha256: 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8740 

                                        
                                            
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cP7SqHjYIAMF8xw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw== 

                                        
                                            
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 13:21:34 GMT 

                                        
                                            
age: 44821 

                                        
                                            
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8740

                                                Md5:    26d6dffbf400da4803a2e76e2a8ef2f8

                                                Sha1:   2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8

                                                Sha256: 04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 2382 

                                        
                                            
x-amzn-requestid: 94ae079e-ec35-4e9c-aa30-33be1137c477 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cTRYNHPeIAMFncg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6384629a-386ca2063c3991d4749e18cf;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 28 Nov 2022 07:26:18 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 6hcyQXOxk36UdAHQkayqoUCfBxaKkDk407cfakceLUQBX4PlYwd5tg== 

                                        
                                            
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 12:36:46 GMT 

                                        
                                            
age: 47509 

                                        
                                            
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   2382

                                                Md5:    f5469e846da1e0f21cfc480f56a656a6

                                                Sha1:   b3eaec75f854d22cd1dcd6aa42e37f6d0df50036

                                                Sha256: d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6036 

                                        
                                            
x-amzn-requestid: 9867bb66-8624-4fe5-943f-2752e038cd22 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cb0YoE3YoAMFSWQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6387cdd0-1710e0052c8bf19c06b6011e;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: RXKIjgAm-fxCv0Wadim_1BwhuUkcAmZRPXUB9gT_qnEkREplaGZpkg== 

                                        
                                            
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 21:45:30 GMT 

                                        
                                            
age: 14585 

                                        
                                            
etag: "4593bb86a0a61eccab43063cb3c0c797abea5b46" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6036

                                                Md5:    83e8a8c500dbcb636ad4a57a10de8adf

                                                Sha1:   4593bb86a0a61eccab43063cb3c0c797abea5b46

                                                Sha256: fd9bc5cfa9db9999ceba780a3c801663ae3a9d115fc968f633800da2a680d49c

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Etag: "6386a000-1d7" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 00:47:31 GMT 

                                        
                                            
Server: ECS (dcb/7ECA) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: AfRzx8OfsjuyEhbfxMk7o5J8tbzrRPzO2hmAbB6MKT8pb5l_yghDyQ== 

                                        
                                            
Age: 3664 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    bf4aeaed488335e78f3cc434e4e139f1

                                                Sha1:   426fd1c4ea9308709a1656b5b94c6021af36e4a6

                                                Sha256: 577a636045e6c035b317f4d4238cd987b332b7360740de321b191e68bc4a7b21

                                        
                                            GET /assets/1142/images/908435.jpg HTTP/1.1 

                                        
                                            
Host: cdn.smrt-assets.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn.smrt-assets.com/assets/1142/css/style.css 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         95.101.10.10

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Content-Length: 55519 

                                        
                                            
Last-Modified: Tue, 02 Feb 2021 10:31:27 GMT 

                                        
                                            
ETag: "39f57a6ea8cfaf12b1cf1e9960819ab4" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: EWR52-C3 

                                        
                                            
X-Amz-Cf-Id: Oq2XSRXUx5KwgbE8ToXg7RDyFIWcRWvQBJKtpqmSiGhhyqF4QFsSKA== 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1973x544, components 3\012- data

                                                Size:   55519

                                                Md5:    39f57a6ea8cfaf12b1cf1e9960819ab4

                                                Sha1:   fa514b4d1f7a2ab7ef3bf0aff731fa33cd2449ca

                                                Sha256: 780bd637bb06ad6a4cdb941e7d9545deb332213dca714359ec238a6078dd6597

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:36 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    33f732b4dfbd5fb3ed7345eba2896fe6

                                                Sha1:   2652f214cf7127302cc65b1d4e42f48a80907d5d

                                                Sha256: 904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

                                        
                                            GET /assets/1373/other/favicon.ico HTTP/1.1 

                                        
                                            
Host: cdn.smrt-assets.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.10.10

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon

                                        

                                        
                                            
Content-Length: 1150 

                                        
                                            
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT 

                                        
                                            
ETag: "38722a803b73dd1871a3d8a19db44d2f" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: EWR53-C1 

                                        
                                            
X-Amz-Cf-Id: hRGwTMWM9126KynU_hBy09kCvTZ65FQe2UvG17pu3CCa6ZCk7SC7Iw== 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data

                                                Size:   1150

                                                Md5:    38722a803b73dd1871a3d8a19db44d2f

                                                Sha1:   3379960a2c6611bfefcb39e662198d6df322e12d

                                                Sha256: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97

                                        
                                            GET /analytics.js HTTP/1.1 

                                        
                                            
Host: www.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.14

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript

                                        

                                        
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 20039 

                                        
                                            
date: Thu, 01 Dec 2022 00:46:55 GMT 

                                        
                                            
expires: Thu, 01 Dec 2022 02:46:55 GMT 

                                        
                                            
cache-control: public, max-age=7200 

                                        
                                            
age: 3701 

                                        
                                            
last-modified: Tue, 27 Sep 2022 22:01:05 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1325)

                                                Size:   20039

                                                Md5:    47e6f374ca946fddd5b59871b325736c

                                                Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4

                                                Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=90577 

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:36 GMT 

                                        
                                            
Etag: "6386b0da-1d7" 

                                        
                                            
Expires: Fri, 02 Dec 2022 02:58:13 GMT 

                                        
                                            
Last-Modified: Wed, 30 Nov 2022 01:24:42 GMT 

                                        
                                            
Server: ECS (bsa/EB1A) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: V2ccW78ekQ1RxeANvPK67hvE-FSNWuI1D7lLnIocx0GO0LaTiGq_2Q== 

                                        
                                            
Age: 5611 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ea642213bbbf1d03e8f6de37a0b4f988

                                                Sha1:   78898acb8102daf05f65e12cb5d5cbe8046452da

                                                Sha256: defc4e348dab57d8a71ea0f8d245f165dd12709944a4f01f09af8b68137984a9

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1593602342.1669859315&jid=1845301771&gjid=889225551&_gid=529835955.1669859315&_u=YADAAEAAAAAAACAAI~&z=229779802 HTTP/1.1 

                                        
                                            
Host: stats.g.doubleclick.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://linksecurecd.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         64.233.165.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://linksecurecd.com 

                                        
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload 

                                        
                                            
date: Thu, 01 Dec 2022 01:48:36 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
last-modified: Sun, 17 May 1998 03:00:00 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  very short file (no magic)

                                                Size:   1

                                                Md5:    c4ca4238a0b923820dcc509a6f75849b

                                                Sha1:   356a192b7913b04c54574d18c28d46e6395428ab

                                                Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 01 Dec 2022 01:48:36 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    5d950b70d3b1532276ed817249b72618

                                                Sha1:   dca7faf727b8afdd481c8f8bcc3e9129fdadadc3

                                                Sha256: afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb53953-3f6b-43ee-95d9-fb65d133745f.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 13411 

                                        
                                            
x-amzn-requestid: 17fcc4e1-76c1-4eca-9235-c1a513bca24a 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cbz80FCQoAMFs1A= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6387cd1e-26da4f265d74215f31425eb9;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: MttRByNp1C1ZeFFicFVa0w3XRyXJnUycPy2Izk8hzGEgXGdDqD3L3A== 

                                        
                                            
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 30 Nov 2022 21:48:17 GMT 

                                        
                                            
age: 14425 

                                        
                                            
etag: "63bfa2ea925aa2c188c664a7bf7af7b0e5417e60" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   13411

                                                Md5:    328ce221bcf3442f88d09373193ff594

                                                Sha1:   63bfa2ea925aa2c188c664a7bf7af7b0e5417e60

                                                Sha256: 21d5b5ec267430dba91b17f89a557aca5cd2a21535da18eb02ec69ed0e1b7371

                                        
                                            GET /zcredirect?visitid=43815073-711a-11ed-9520-0a302b0961bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 

                                        
                                            
Host: gaut-hil.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://gaut-hil.com/zcvisitor/43815073-711a-11ed-9520-0a302b0961bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=5fe288d0-1df8-11ed-a07d-12beee04f19b 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         3.208.247.235

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html;charset=UTF-8

                                        

                                        
                                            
date: Thu, 01 Dec 2022 01:48:34 GMT 

                                        
                                            
cache-control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET,POST,OPTIONS 

                                        
                                            
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag 

                                        
                                            
redirected: JS 

                                        
                                            
server: Bdjfkxpn 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	swimmings.flu.cc/
IP	72.52.179.174 (United States)
ASN	#32244 LIQUIDWEB
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-01 01:48:45 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (21)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 72.52.179.174

Last 5 reports on ASN: LIQUIDWEB

Last 5 reports on domain: flu.cc

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (21)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (61)

Overview

Domain Summary (21)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 72.52.179.174

Last 5 reports on ASN: LIQUIDWEB

Last 5 reports on domain: flu.cc

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (21)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (61)

Network Intrusion Detection Systems