surveyandprize.com/16d3c98b40d6?cid=__SID__&s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__
172.67.140.104 301 Moved Permanently 178 B URL HTTP/1.1 surveyandprize.com/16d3c98b40d6?cid=__SID__&s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__
IP 172.67.140.104:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /16d3c98b40d6?cid=__SID__&s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__ HTTP/1.1
Host: surveyandprize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 15:10:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://surveyandprize.com/16d3c98b40d6?cid=__SID__&s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pP6Br52cJp%2BkHCfvoYya1f2r6gCr1EkQcA6MxdIeWcvwV6gpmYC8w7CvjE63m2yDDi6YqDTompfxlD4z0M03hz8l6yS97gDLI1q%2FMdjfLB3JPdPP6iNXPdvH%2FjCHvXiRMMpDBKI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774db52c7f3a0b3d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7248
Expires: Mon, 05 Dec 2022 17:11:05 GMT
Date: Mon, 05 Dec 2022 15:10:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2290
Cache-Control: max-age=158352
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:17 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:09:29 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 14:18:29 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3108
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6372
Expires: Mon, 05 Dec 2022 16:56:29 GMT
Date: Mon, 05 Dec 2022 15:10:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: l+adFMX2bxvniNDRI+onq3WoSYKI/MTv6jRaMeZkXVHwSgti52oJWWpRith3Dzips3kOPWI5mEg=
x-amz-request-id: GMD50VRQMRXJXE3M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 14:48:01 GMT
age: 1336
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 15:10:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/R3_dc96KRAc
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/R3_dc96KRAc
IP 216.58.211.3:0
Hash a2392d051fe9e56f5bc1716bcc863381
783ce4eeb242fbf87b0a8f3987d7844b22cd8b42
9eb688add68923faad62af348723a3b10d442df1e7865c0a257e8da829be8659
POST /s/gts1p5/R3_dc96KRAc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 15:08:58 GMT
cache-control: public,max-age=3600
age: 79
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/R3_dc96KRAc
216.58.211.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/R3_dc96KRAc
IP 216.58.211.3:0
Hash a2392d051fe9e56f5bc1716bcc863381
783ce4eeb242fbf87b0a8f3987d7844b22cd8b42
9eb688add68923faad62af348723a3b10d442df1e7865c0a257e8da829be8659
POST /s/gts1p5/R3_dc96KRAc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2284
Cache-Control: max-age=153279
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:17 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:44:56 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6c20991e3087468a8f9254baace6d92
28bc5f22015d74ccfe8d17afe8403c5a86fdaf52
7a864147c8abd93f5b00f7609cc13fc32209367d1b8db88df8c512606a187c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A864147C8ABD93F5B00F7609CC13FC32209367D1B8DB88DF8C512606A187C0F"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Mon, 05 Dec 2022 21:09:56 GMT
Date: Mon, 05 Dec 2022 15:10:18 GMT
Connection: keep-alive
push.services.mozilla.com/
52.38.198.114 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.198.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GuGIiFh+bJAe404Tjd3mnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9Se1PBZyY8lmXrhlh3pXX2uI35k=
cdn-adef.akamaized.net/landings/276749/1667549459/js/js.cockie.min.js?1667549459
23.36.76.96 200 OK 921 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/js/js.cockie.min.js?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
Hash 6c307d971abe87d1227e2bacc3107095
15a47c8081de7ea966cc1340acec5fcfc20ba0c4
3da6c4c6d3ee4791c2c3c185c8ccf9f648495822c233e6da6cccd1b6dc5015b0
GET /landings/276749/1667549459/js/js.cockie.min.js?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: V7+2B27pJAm1iwPtxFKVSdcqqZyRUdJMI0kqs7OdPS5vfrQ9HNY5qaxFjYy1gjUCz5bVNltOW0E=
x-amz-request-id: Z9WYZY47547H7RJ2
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "ee34078cc4ca5f836c668cdabfea8637"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:18 GMT
Content-Length: 921
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/js/main.js?1667549459
23.36.76.96 200 OK 4.4 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/js/main.js?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13869), with no line terminators
Hash b1cbebc265f63e3e277f087f6504a3d7
35a6a2d1de369cb7a7ee0995c236a2f3d28f4bb9
86e32c3cf8debad4bc58b3c44956e12fe438c09b9be11fd3f25dc579cdd00a4f
GET /landings/276749/1667549459/js/main.js?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 1Wu/Az81TyWjo9yhB2swuWZNaXYqCaaKsHnI9Dv5s8C+FEBH2P0u4swqKxSFiNroUPv6IxcSuXs=
x-amz-request-id: Z9WVQN5MBT4AJ6PW
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "fa76cc927644bf39031009d4d0de72a5"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:18 GMT
Content-Length: 4417
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash ddb79f844e7109157c6cf19f499182e7
bdb9ad68a4e7839bc12e747126912aed534e6b49
234bdf2a86ff2778a4ad176afa5e383acb17484034963ed9d7afa9ac3ff5a688
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 15:10:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 09 Dec 2022 13:20:24 GMT
ETag: "bdb9ad68a4e7839bc12e747126912aed534e6b49"
Last-Modified: Mon, 05 Dec 2022 13:20:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774db535abf9b509-OSL
cdn-adef.akamaized.net/landings/276749/1667549459/css/style.css?1667549459
23.36.76.96 200 OK 3.6 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/css/style.css?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4501)
Hash 144d7f2e38f20e9d0806fde87f603c37
1677f12a200ad084b122dcf6bfc8899b086e84ed
681fef6d5e1ae5f100754791900c5e37832c14a6b29e3af87a4a4e750e5aef1a
GET /landings/276749/1667549459/css/style.css?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6IrG5DKVgziiiN+HIUuncbhPi97JkWtDC/MwDGHTUcwebxEwRuhSAPMKgCiWgbCGOui8+2vwHzY=
x-amz-request-id: Z9WX2N9E91VSHR9Z
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "c4ba128cd0fe49849995dad15a5fada8"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:18 GMT
Content-Length: 3623
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
api.imotech.video/ad/events.js?pixel_id=902760083831232256
104.166.188.188 200 OK 6.1 kB URL HTTP/2 api.imotech.video/ad/events.js?pixel_id=902760083831232256
IP 104.166.188.188:0
File type Unicode text, UTF-8 text, with very long lines (17299), with no line terminators
Hash 04e28f6f27e56120dbd628602d454aa8
bd60441a6df5ff0d634a18081fd958c08cea8d4e
2cc39d592792855eb5562cff1fc480c32634d9e7af315afcca0d983d8f0927ed
GET /ad/events.js?pixel_id=902760083831232256 HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.13.6.1
date: Mon, 05 Dec 2022 15:10:18 GMT
content-type: application/json,application/javascript;charset=utf-8
content-length: 6084
access-control-allow-origin: *
content-encoding: gzip
cache-control: private, max-age=900
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/276749/1667549459/css/translate.css?1667549459
23.36.76.96 200 OK 3.9 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/css/translate.css?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (507)
Hash 9e91e6df425da74c2f91f99689e78164
8d356032ce7ea7d08671240edb6248ff2e6ecca8
5ac78e72c85f400d719a0702adb4a4eec3d45ccf9aa5c2f0c22435e4054f3838
GET /landings/276749/1667549459/css/translate.css?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: MkKHUIPV5IIKaDgB4fLwEkdvHMyxRHxe+CNI3lkq1gTs0dtpCyUKxGZQ+mwHOdKA1ztMq1joI6Q=
x-amz-request-id: Z9WXA3QM6H283THQ
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "ddd8385212ed9ba4b8e4d7081b329f49"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:18 GMT
Content-Length: 3859
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9877ed12a52bd9de0588ef795aaaa316
a61dbd8c5951affa9fe1113a55dcc6fdee573621
b6d2fb28b7222e0e87274c223d3a3377b201574acecbed15c74be6cedd6b5b5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6D2FB28B7222E0E87274C223D3A3377B201574ACECBED15C74BE6CEDD6B5B5F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 21:10:19 GMT
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
cdn-adef.akamaized.net/landings/276749/1667549459/js/bootstrap.bundle.min.js?1667549459
23.36.76.96 200 OK 22 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/js/bootstrap.bundle.min.js?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65297)
Hash 26a35e8554f5379012cdb3541c056614
6c2ab99fdae64b45ee5de6bd20306ccf74010b31
f3d0c6f375c1a8df7151872a097a80894059ea0f8e875f7b1e3d69848e39b331
GET /landings/276749/1667549459/js/bootstrap.bundle.min.js?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: bDU1y/L+Rb7hj2UTJaKf6bCxD5ysJFrPJRWbWqE6ZyR6gOWIVpASfRYlNaTujY9l/KBkMoKTpx0=
x-amz-request-id: Z9WQXYFVHY2YN0RV
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "a454220fc07088bf1fdd19313b6bfd50"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:19 GMT
Content-Length: 22291
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn.stfilecamp.com/stormtrk.js?1667549459
205.185.216.10 200 OK 6.5 kB URL HTTP/2 cdn.stfilecamp.com/stormtrk.js?1667549459
IP 205.185.216.10:0
Hash 469e121bb4c4fe159bbca2b4f5a88267
f0c66f226de28b324e4f1ecb766597938f984c60
4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416
Analyzer Verdict Alert fortinet Phishing
GET /stormtrk.js?1667549459 HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 15:10:19 GMT
accept-ranges: bytes
cache-control: max-age=3600
content-length: 6502
content-type: text/javascript
x-hw: 1670253018.dop021.sk1.t,1670253018.cds065.sk1.hn,1670253018.cds246.sk1.p
x-rgw-object-type: Normal
etag: "469e121bb4c4fe159bbca2b4f5a88267"
x-amz-request-id: tx0000000000000756a7814-00638e09db-213dd0f0-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 07 Sep 2021 08:59:42 GMT
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/276749/1667549459/css/bootstrap.min.css?1667549459
23.36.76.96 200 OK 23 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/css/bootstrap.min.css?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65324)
Hash 3d90c74155068750f4679e4dd7d02546
2ea8ba0a9061264785cf369595b5d08c9e10de00
8789140c9b37fe624af1c131dd83ac3499cacbef3dad9069d0f4b437974c78ee
GET /landings/276749/1667549459/css/bootstrap.min.css?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7qui+4TNNIh1xmfLGkxRs/Wosacdar0G7cCEARg6onYzFRTH3MHUvyF3hFcMXl7T04yXEXP4Ypo=
x-amz-request-id: Z9WTWF7SHV384Q8Y
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "caa7d90f181e88033d4380aa9fc1e299"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:19 GMT
Content-Length: 22974
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
surveyandprize.com/16d3c98b40d6?cid=__SID__&s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__
104.21.46.153 302 Found 1.2 kB URL HTTP/2 surveyandprize.com/16d3c98b40d6?cid=__SID__&s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__
IP 104.21.46.153:0
Hash 457bc9f3d83d0cb7f313206137b9f9a4
b232a58b14691783adb186765ca51f8165e105a1
0692cb54345ac399cb6f471c3cf544732b9a0e7420c8b4fd4a62795865f63e65
GET /16d3c98b40d6?cid=__SID__&s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__ HTTP/1.1
Host: surveyandprize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 05 Dec 2022 15:10:17 GMT
content-type: text/html; charset=utf-8
location: https://qpdr.yourdatasecuritycenter.live/c/895f9b2ca59340cd?s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__&s5=&s6=&sid1=&sid2=&sid3=&sid4=&sid5=&sid6=&cid=__SID__
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Xvoc9aaBVZpbCkfrrzlsA662lXklwZuQ%2FGuNXNT1s0bcKW6j%2FU%2FSLssgnVdi19dPFCH3ua3YpdwX6JqESPj5G99eaFT1JrBiwBY%2FsIAqHRq38wDuRBMogFZhsFGO386vziOu%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774db52f2983b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/276749/1667549459/js/second_back_multi_bigo.js?1667549459
23.36.76.96 200 OK 814 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/js/second_back_multi_bigo.js?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text
Hash 4f2812a2a1ed59657ca3e91a628b605c
99fab5e5db1721f9d78a3cde74bf98ba82d2e47e
f1c6fdb4403ef98a2b8d2f839d7a0fa1fc6460d992a327389219be751efb0b67
GET /landings/276749/1667549459/js/second_back_multi_bigo.js?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dk+APyxyLwoKY5ugInhcyKhwHrZooeo4BzYdRFLCRQJBQ3aXCcBqczC56GDeSAh0YUk4wIaZna4=
x-amz-request-id: J42TENTB0QTF14TT
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "96af925d55cad494665471c73ac01b04"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:19 GMT
Content-Length: 814
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8023
Expires: Mon, 05 Dec 2022 17:24:02 GMT
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
cdn-adef.akamaized.net/landings/276749/1667549459/js/site-protect2.0.js?1667549459
23.36.76.96 200 OK 1.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/js/site-protect2.0.js?1667549459
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
Hash c0b31646b3e848af88cf00fe0adb0171
9da7b450c71cfb71ded4b29bac67257a11ad0482
83ba96b1ce362c307684fcf93aba383c2a951cad3e5474807e9cbaa33f8c0556
GET /landings/276749/1667549459/js/site-protect2.0.js?1667549459 HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: obRwp6hRqvIs0rOzjmtO1bBtjCYoAEYzC8Jw1ys629mLmtiBatigEn7MYWXTjfjQKOE2nhCLFkE=
x-amz-request-id: J42XXV65MD2BZZ46
Last-Modified: Fri, 04 Nov 2022 08:11:02 GMT
ETag: "fc96ab06b0f9fcea6731405215ae5daf"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 15:10:19 GMT
Content-Length: 1068
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8023
Expires: Mon, 05 Dec 2022 17:24:02 GMT
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1667549459
192.241.132.237 200 OK 92 kB URL HTTP/1.1 cdnjs.claudflare.io/ajax/libs/jquery/3.6.0/d/jquery.min.js?1667549459
IP 192.241.132.237:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 3d852f172e694fcc72272cc9dd890808
dc5f5b5bb4ed6299a2dc086cdc19047995c89fc1
195a2deaba0dfcb4bbdd7ff485bfc4a9551e382fb5ec73080cdbb18291e41f92
Analyzer Verdict Alert quad9 Sinkholed
GET /ajax/libs/jquery/3.6.0/d/jquery.min.js?1667549459 HTTP/1.1
Host: cdnjs.claudflare.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript; charset=utf-8
Content-Length: 92373
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 17:54:28 GMT
Cache-Control: public, max-age=43200
Expires: Tue, 06 Dec 2022 03:10:19 GMT
ETag: "1669917268.9112382-92373-1670193373"
Date: Mon, 05 Dec 2022 15:10:19 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8023
Expires: Mon, 05 Dec 2022 17:24:02 GMT
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 61638
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 62258
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Og6pnDOmEW5oc9EtvKD8BtBojepI-ZSde8xxYGThfF6QNl-ZTQWqQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 62673
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 62251
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 44706
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 62778
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.imotech.video/ad/pixelfile.html
104.166.188.188 200 OK 1.9 kB URL HTTP/2 api.imotech.video/ad/pixelfile.html
IP 104.166.188.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 276e9f07c55ed5404d2b4118da99c454
f3556fab4dbc2f9dc0ed954685e733466a44cae2
906f6effab44b23ce90ce63d03fea117c7a9346983bd27972b37f4085d561869
GET /ad/pixelfile.html HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty/1.13.6.1
date: Mon, 05 Dec 2022 15:10:19 GMT
content-type: application/json,text/html;charset=utf-8
content-length: 1888
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/276749/1667549459/images/fr11.jpg
23.36.76.96 200 OK 1.8 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/fr11.jpg
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 60x60, components 3\012- data
Hash ebec05883988459a846d6f4d9ae9a83c
0713dacaf7dabcfff66eeb152ea1a9603aa5e3ad
bf2cefe1532a0056e5d324ff5c56abf148f1036990ce4d7fe35353db18c339e2
GET /landings/276749/1667549459/images/fr11.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: mecjpmn2ImrDYYF2CGrUR4erQRWvgWQ2d0AbIsad7GnBwXXQCo2Eg6oAcQeowdn3F4tJ4WDDgnU=
x-amz-request-id: J42WKGT0KM2FYCC8
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "ebec05883988459a846d6f4d9ae9a83c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1833
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 339fea4c4b3c61eb74d2d8dfd7f1bb49
1f6a086f639b5e3cc6ade15253b925a5eecd9aa6
999e12d62146d32437a6ff550ad71966145bbd19c24d8b150a1ca720c1091c4e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161419
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:19 GMT
Etag: "638ddd66-117"
Expires: Wed, 07 Dec 2022 12:00:38 GMT
Last-Modified: Mon, 05 Dec 2022 12:00:38 GMT
Server: nginx
Content-Length: 279
api.imotech.video/bigoad/trackingview?it=1670253016781&title=(1)%20Amazon%3A%20Win%20free%20DangoBuds&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__&host=qpdr.yourdatasecuritycenter.live&cookie_id=BA1.1.4415648413.1670253017&session_id=BA1.1.2451688825.1670253017&pixel_id=902760083831232256&ts=1670253016788&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A1236%2C%22lgt%22%3A2493%7D
104.166.188.188 200 OK 104 B URL HTTP/2 api.imotech.video/bigoad/trackingview?it=1670253016781&title=(1)%20Amazon%3A%20Win%20free%20DangoBuds&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__&host=qpdr.yourdatasecuritycenter.live&cookie_id=BA1.1.4415648413.1670253017&session_id=BA1.1.2451688825.1670253017&pixel_id=902760083831232256&ts=1670253016788&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A1236%2C%22lgt%22%3A2493%7D
IP 104.166.188.188:0
File type ASCII text, with no line terminators
Hash 1697c316e4cacfe3b86bd22ba2ad378c
7d7611b8c04691226448c8a00479f9afaed4ac8d
62a57a50e8f295c838489a016a1507d70ae4f70fb980af1a518b55983d80f18f
POST /bigoad/trackingview?it=1670253016781&title=(1)%20Amazon%3A%20Win%20free%20DangoBuds&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__&host=qpdr.yourdatasecuritycenter.live&cookie_id=BA1.1.4415648413.1670253017&session_id=BA1.1.2451688825.1670253017&pixel_id=902760083831232256&ts=1670253016788&extra=%7B%22action%22%3A%22init%22%2C%22wst%22%3A1236%2C%22lgt%22%3A2493%7D HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qpdr.yourdatasecuritycenter.live
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: openresty/1.13.6.1
date: Mon, 05 Dec 2022 15:10:19 GMT
content-type: application/json
content-length: 104
X-Firefox-Spdy: h2
api.imotech.video/bigoad/trackingview?it=1670253016781&title=(1)%20Amazon%3A%20Win%20free%20DangoBuds&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__&host=qpdr.yourdatasecuritycenter.live&cookie_id=BA1.1.4415648413.1670253017&session_id=BA1.1.2451688825.1670253017&pixel_id=902760083831232256&ts=1670253016788&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A1236%2C%22lgt%22%3A2493%7D
104.166.188.188 200 OK 104 B URL HTTP/2 api.imotech.video/bigoad/trackingview?it=1670253016781&title=(1)%20Amazon%3A%20Win%20free%20DangoBuds&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__&host=qpdr.yourdatasecuritycenter.live&cookie_id=BA1.1.4415648413.1670253017&session_id=BA1.1.2451688825.1670253017&pixel_id=902760083831232256&ts=1670253016788&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A1236%2C%22lgt%22%3A2493%7D
IP 104.166.188.188:0
File type ASCII text, with no line terminators
Hash b80f1eaa3eb7da6614daa6276e81ec0d
cd6f80fc69a13556caccf7276c329e4f270b7116
fd944f0471be83f4bf63bbbf1148b0ddab0a5010fc94d0580e9c81469831c0a7
POST /bigoad/trackingview?it=1670253016781&title=(1)%20Amazon%3A%20Win%20free%20DangoBuds&referer=&resolution=1024*1280&lang=en-US&url=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__&host=qpdr.yourdatasecuritycenter.live&cookie_id=BA1.1.4415648413.1670253017&session_id=BA1.1.2451688825.1670253017&pixel_id=902760083831232256&ts=1670253016788&extra=%7B%22action%22%3A%22page_view%22%2C%22wst%22%3A1236%2C%22lgt%22%3A2493%7D HTTP/1.1
Host: api.imotech.video
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qpdr.yourdatasecuritycenter.live
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: openresty/1.13.6.1
date: Mon, 05 Dec 2022 15:10:19 GMT
content-type: application/json
content-length: 104
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/276749/1667549459/images/top_red.png
23.36.76.96 200 OK 11 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/top_red.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 258 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 42646054d74c52311ddac5b117bffa1f
6da910b65620678d3ff00281a7c9ce008ca7a853
2e5559d271dcf79baf9d20af3c4fb33c072a6947b5927ce807b364ab90b79455
GET /landings/276749/1667549459/images/top_red.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 8GPuL+PjupzOjQoFQ5pMrXJsZKJXwRtPwDyjjRT0NEoIDXsDuHBLHlIqsQKY9rp1xENw+ZEbXs0=
x-amz-request-id: J42N92ZFXDRRYF3S
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "42646054d74c52311ddac5b117bffa1f"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 11048
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/fr2.jpg
23.36.76.96 200 OK 1.5 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/fr2.jpg
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash f98294fa0eb143f9e972b602a42cb855
fa58b218723b2a07d9f9e24828170b159ab56229
e6cb798b4373c3a9c42874828b96d92b2ca66cc1b3fb02f30ac3842609d96dc8
GET /landings/276749/1667549459/images/fr2.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /9OW9z0er5rr7Y0XfGSxlG4OOa4Tyz9XJ9YtoX/OLTmg/CwOMk6KEtW//zE5ThAnW7mI4gwVN6c=
x-amz-request-id: J42NA5DK728ND4A7
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "f98294fa0eb143f9e972b602a42cb855"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1502
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/muti_s20.png
23.36.76.96 200 OK 61 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/muti_s20.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 8db4f4a07b809e9e599d658f85dec0cc
e8f0e70cbfde3658a28f82dc96532dfef03a72ab
4c66d7f750f81b3d2700462134b727682b1aa0f6e3cbbd8fa51176a3b84620b4
GET /landings/276749/1667549459/images/muti_s20.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6yfjmg1Fql6ZchjP1IvmTju3HmqAjwhuPTmgp9syprnMIyfGORKHLvIIzrbUgRftdTJVebNIOxw=
x-amz-request-id: J42RFEBF2YH6AYBV
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "8db4f4a07b809e9e599d658f85dec0cc"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 61106
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/like.png
23.36.76.96 200 OK 469 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/like.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 15 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ce5fbc9816c4e08f9c2564061ffa226
e191f2b1115ff5ea9343cc077056214ce9abe378
1a381623bd87f77b8b642d150404adf1f6edba167de3caa88cccf0385791b2e3
GET /landings/276749/1667549459/images/like.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zpm9KgplUpQYoszXAZKNyzmsgj2Ok4SFQd5FhTvZLOVSRXu4gKk/sMtcKszT+H8iDwPVFFbpW+k=
x-amz-request-id: J42H2E5VR3JVG1K1
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "0ce5fbc9816c4e08f9c2564061ffa226"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 469
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/box_open.png
23.36.76.96 200 OK 27 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/box_open.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 258 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c009212b44bb44e863897f16f34e032
5ad15d73f0915336e4aa8d07f4d3e901524c3faa
01e255633ecb9704310909ef6381ce4bcdf82f6c8050054d203bb1bb49a453c4
GET /landings/276749/1667549459/images/box_open.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ICffAgcMEwI6A6PzU5EONwYqo4ODkNrqp8Rxy1dunWG524M3IQPyNKquI8e9Rd8fy09Lj2iAX4g=
x-amz-request-id: J42Z77F9BPKRB7NC
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "3c009212b44bb44e863897f16f34e032"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 27312
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/account.gif
23.36.76.96 200 OK 45 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/account.gif
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 70 x 54\012- data
Hash a40f1f0715cbe6360515ea8c74cd3ffa
123130c62e1a1218455f73cbb80d8c2719337b6a
5d392d3674333fbd2671bcdcc7c7ee6a633d372341f6d25b0648128bb30a59e3
GET /landings/276749/1667549459/images/account.gif HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gLydMX0LnTumzc2J1nHaQRbSQpurMFmJxh3mM7ExuDJQ7sIhqZoDHQE2KbQYsYLXTGs6079IoxY=
x-amz-request-id: J42GJP31EJDH17XH
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "a40f1f0715cbe6360515ea8c74cd3ffa"
Accept-Ranges: bytes
Content-Type: image/gif
Server: AmazonS3
Content-Length: 44850
Date: Mon, 05 Dec 2022 15:10:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/cart.png
23.36.76.96 200 OK 937 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/cart.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 48 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 88a7b77cf0559bc0313cd93a08de8ec7
c1caa2457ebc686718b1454c00fe2ade3a7e22f0
7ab145bbd0800caf660da6c6b5e67ad380454d484c095cb62ff16c5023e4a6af
GET /landings/276749/1667549459/images/cart.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: IP4jvkEJp61flM4MzkDIWZwSuN1Vdh3ip/b+oR8zT4lManb9nnbiT9gro2tMt6TkEXAgDrUeoSs=
x-amz-request-id: J42ZM0ZSPE5MZX7Y
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "88a7b77cf0559bc0313cd93a08de8ec7"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 937
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/fr1.jpg
23.36.76.96 200 OK 1.4 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/fr1.jpg
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash 4440ab8b31eb7898dcec1077fc7e03e6
655bc8fb988185ae942405931b3dab406fe9b2b2
3d2efe107bac4548a49c7f09f249c1cf062af30f82f26ed9edcaf5db3cb450fb
GET /landings/276749/1667549459/images/fr1.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fFcVo9c9UQX37jtxYCombTKPThH5mMKIAP/wgaCI1CVyHZjnRQwKJUxHQm5b2QHJuPOsi4r8Yzs=
x-amz-request-id: 6ZK95NETDN9J1WJV
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "4440ab8b31eb7898dcec1077fc7e03e6"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1365
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/fr3.jpg
23.36.76.96 200 OK 1.7 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/fr3.jpg
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash d22a23156703f31d30fadef0251ce210
fcfabaa5a2b45122c9dc35038fb694c8de5a8762
30fe4936506f284f85ef53b9da90981c066291ca1820335577c3225f34d2577f
GET /landings/276749/1667549459/images/fr3.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qikm9TbkGCUEpw+yyeVRqfm6vZcryExKqi5rZBKXiuYWUxm6Hlibx9Le8LLRNZ9lzW5KDGm0bsI=
x-amz-request-id: 6ZK66BG0YQQNTBZP
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "d22a23156703f31d30fadef0251ce210"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1657
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/fr4.jpg
23.36.76.96 200 OK 1.6 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/fr4.jpg
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash e9cadeaa7c0e68f933727dfdb48bef3b
463a060f64bb050d3524dc7e0ecda9dc78661641
8ade6dcc1d0aa595e1e0441d7af86248b9f593893ea83cc7bbbed067d7e6f8b1
GET /landings/276749/1667549459/images/fr4.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: JVFBKUzUh+BPrsKvgmDSlQwMMcnAB9s9zEQgbXZz7ISpX63PPBlprl/qiQYFS28mNKlM2kgKk1g=
x-amz-request-id: 6ZKASD2MZ95VWWJC
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "e9cadeaa7c0e68f933727dfdb48bef3b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1610
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/xcmda0yz8f.png
23.36.76.96 200 OK 615 B URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/xcmda0yz8f.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 258 x 184, 8-bit colormap, non-interlaced\012- data
Hash 486830ae8c419d37c8a275e62ad18f4d
e0d4db697660aad97be4074f32e51c3846fcc3ce
bf7323d6955dacfc17037128471a98c15686a29a0d5d608cd4d6f9959d12345a
GET /landings/276749/1667549459/images/xcmda0yz8f.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 02hvZOmDOTVc1hRtnN+Q2JvUNrcgIQrCmjgVTJEn78e9TDuwsJA87/kpc9DJKoOrgWztEARYB7E=
x-amz-request-id: 6ZK9V9MG1DKCRS5E
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "486830ae8c419d37c8a275e62ad18f4d"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 615
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/menu-top.png
23.36.76.96 200 OK 1.8 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/menu-top.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 119 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a5cf08870fc0cba6336f48b74f56a6
673d65fc453e92c8dfc93e0a2db2fbea2ac7fe2c
e5aefe98bdbdc454e931585e7228ce115f5a871126435778086f51e380fd6abf
GET /landings/276749/1667549459/images/menu-top.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: jHp8Yk9SdqvjuB6YzXxKutLXad0N5BFtfYRQJSuLFx8BoQv1EeDh1J87codO70CXmcavJu9zVEg=
x-amz-request-id: 6ZK9T0ZXX5X0XDCC
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "b8a5cf08870fc0cba6336f48b74f56a6"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1763
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/fr5.jpg
23.36.76.96 200 OK 1.5 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/fr5.jpg
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash 509a76783101fb161fb387279189c7bf
6e50ab947014d50ede1ab593e48be1bf672179dc
9b864e17b56f4548655f2831edadb54cca4e76edf7398ff672567c6f034df679
GET /landings/276749/1667549459/images/fr5.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: CIkU1LQr7vW2nrG3TFWBN7fIIs68fp0Lk3zRan/ImEkS1cVOKe/P8ykNFhY1yLIeqCGgJmymyhg=
x-amz-request-id: 6ZKB4P62WTYBGVBM
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "509a76783101fb161fb387279189c7bf"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1483
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn.stfilecamp.com/fp.min.js
205.185.216.10 200 OK 32 kB URL HTTP/2 cdn.stfilecamp.com/fp.min.js
IP 205.185.216.10:0
File type Unicode text, UTF-8 text, with very long lines (31370)
Hash 198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912
Analyzer Verdict Alert fortinet Phishing
GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 15:10:20 GMT
cache-control: max-age=3600
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx000000000000075699427-00638e09dc-213dda3c-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670253019.dop021.sk1.t,1670253019.cds065.sk1.hn,1670253020.cds237.sk1.pr
X-Firefox-Spdy: h2
cdn-adef.akamaized.net/landings/276749/1667549459/images/s20_blue_1.png
23.36.76.96 200 OK 13 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/s20_blue_1.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 258 x 185, 8-bit/color RGBA, non-interlaced\012- data
Hash 281a2d5b551075d4317dfc0483c1a015
2c7fd79257e77a631aee0eed95d6b188c10786ff
b81843a0f719d52f7af609b1ec84b0e9e7f163fdbcd319302737b9ececa0bdb4
GET /landings/276749/1667549459/images/s20_blue_1.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: TdEMXkRJGNuWY/941liN6Yn+2E4ci1asLlfOApaSZm9HxMaViEwvbJeZwLxdYx5mxleSBpoz1LM=
x-amz-request-id: 6ZKBWTHKTQBBDS94
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "281a2d5b551075d4317dfc0483c1a015"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 12769
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/box_closed.png
23.36.76.96 200 OK 36 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/box_closed.png
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 258 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash e6380f53e8e49f2d3c338177e8550131
687adab713df3258bff484350a4ed0b13018c327
0b0970c34a816d372e289246440e6671947d6e2c964aaa143bb0eb70effd721d
GET /landings/276749/1667549459/images/box_closed.png HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hqdRlVjkb2gSs5p86y1yoZkRq2RmSttb5Ml2PQzJj5WbDj7hQ5Pdu4NxsB/NxVIIJMpin33f+r4=
x-amz-request-id: 6ZK21W2E33GBJX9J
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "e6380f53e8e49f2d3c338177e8550131"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 36208
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/landings/276749/1667549459/images/fr6.jpg
23.36.76.96 200 OK 1.3 kB URL HTTP/1.1 cdn-adef.akamaized.net/landings/276749/1667549459/images/fr6.jpg
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 60x60, components 3\012- data
Hash ccb48afe0c11229be71311a75ae8f1f8
6b1bee04936150646bd119b8cee491e3e811b45a
dce02f3573a9be78759b64327704bc6e51987301da301c4d606eb026989b850b
GET /landings/276749/1667549459/images/fr6.jpg HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: R/X4SFeZN0AwtODym5vFWSN/husn6yniDKgWX8Y+6s+WDzIwnZkizXaWJaBiaYI31qm2NMvObkY=
x-amz-request-id: 6ZKEPKJDHMB7PN5C
Last-Modified: Fri, 04 Nov 2022 08:11:01 GMT
ETag: "ccb48afe0c11229be71311a75ae8f1f8"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1342
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-adef.akamaized.net/images/favicon.ico
23.36.76.96 200 OK 4.1 kB URL HTTP/1.1 cdn-adef.akamaized.net/images/favicon.ico
IP 23.36.76.96:0
ASN #20940 Akamai International B.V.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /images/favicon.ico HTTP/1.1
Host: cdn-adef.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: mzbDFFn0Yhqdz4XL9s4sX6yByljdNVrKhKiK+UtK4DVRgNzfBI6OtL7EakQiGwqEsC19uC++cQI=
x-amz-request-id: 78F19547EBC3B810
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Content-Length: 4103
Server: AmazonS3
Unused62: 8096267
Date: Mon, 05 Dec 2022 15:10:20 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.138 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.138:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 14:13:40 GMT
expires: Mon, 05 Dec 2022 15:13:40 GMT
cache-control: public, max-age=3600
age: 3400
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
142.250.74.138 200 OK 75 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
IP 142.250.74.138:0
File type ASCII text, with very long lines (1613)
Hash 110765e1accf41111543c29721c78b52
3eeceb853d592a297162325f20f0420e136c875a
b5fb084ee4491e64fca48643106c0eb338212638caafdad88ff91e0d4198b589
GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 00:23:32 GMT
expires: Thu, 30 Nov 2023 00:23:32 GMT
cache-control: public, max-age=31536000
age: 485208
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.99 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.99:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 14:19:59 GMT
expires: Tue, 05 Dec 2023 14:19:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 3022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
qpdr.yourdatasecuritycenter.live/js/rt/service-worker.js
52.19.101.114 200 OK 2.5 kB URL HTTP/2 qpdr.yourdatasecuritycenter.live/js/rt/service-worker.js
IP 52.19.101.114:0
Hash 25471d1ab96fa94ff2f0aa5670dfc19a
cf337a04d4f267beba0f48e20623c50fa018da2c
dfc728d78457227f1461b2641db62c183dd05c89103d54efc56aa3f0b37dc18c
GET /js/rt/service-worker.js HTTP/1.1
Host: qpdr.yourdatasecuritycenter.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=638e09da000e4d45; unique_id2=638e09da000e55c9; GoogleAccountsLocale_session=en; googtrans=/en/en; _bge_ci=BA1.1.4415648413.1670253017; fp_js=9e4947f35751465411fd1a4f5c358c78
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 15:10:20 GMT
content-type: application/javascript
expires: Mon, 12 Dec 2022 15:10:20 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 15:10:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__
104.26.5.120 200 OK 0 B URL HTTP/2 stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__
IP 104.26.5.120:0
GET /api/1.0/ping/pong?location=https%3A%2F%2Fqpdr.yourdatasecuritycenter.live%2Fc%2F895f9b2ca59340cd%3Fs1%3D__CAMPAIGN_NAME__%26s2%3D__SID__%26s3%3D__GROUP_NAME__%26s4%3D__AD_ID__%26s5%3D%26s6%3D%26sid1%3D%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26sid6%3D%26cid%3D__SID__ HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qpdr.yourdatasecuritycenter.live
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 15:10:19 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w36Vd8uRqP%2BMV5%2F%2F18InREktxdeZpONJTmZ0ChTinxz20sV1ZPfKGUqBJKj1WKkamUN9VBnpmC64io%2FhhD%2FSI1qUqppDqpsZKtcDUGy2c8exJuPiQvspQcjk14ki%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774db53cbc580b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
qpdr.yourdatasecuritycenter.live/c/895f9b2ca59340cd?s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__&s5=&s6=&sid1=&sid2=&sid3=&sid4=&sid5=&sid6=&cid=__SID__
52.19.101.114 200 OK 0 B URL HTTP/2 qpdr.yourdatasecuritycenter.live/c/895f9b2ca59340cd?s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__&s5=&s6=&sid1=&sid2=&sid3=&sid4=&sid5=&sid6=&cid=__SID__
IP 52.19.101.114:0
GET /c/895f9b2ca59340cd?s1=__CAMPAIGN_NAME__&s2=__SID__&s3=__GROUP_NAME__&s4=__AD_ID__&s5=&s6=&sid1=&sid2=&sid3=&sid4=&sid5=&sid6=&cid=__SID__ HTTP/1.1
Host: qpdr.yourdatasecuritycenter.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 15:10:18 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=638e09da000e4d45; Path=/; Expires=Fri, 03 Feb 2023 15:10:18 GMT; Secure; SameSite=None
set-cookie: unique_id2=638e09da000e55c9; Path=/; Expires=Sun, 05 Mar 2023 15:10:18 GMT; Secure; SameSite=None
set-cookie: impression=; Path=/; Expires=Mon, 05 Dec 2022 15:10:18 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qpdr.yourdatasecuritycenter.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 15:10:20 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+305; expires=Wed, 04-Dec-2024 15:10:20 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2