track.profitableredirect.com/d515311d-ad3e-4bad-98f3-44fa955d1496?c=ALrB2mNrKwUAj1ICAFVTNwApAHP5VIIA&source_id=338795
302 0 B URL HTTP/1.1 track.profitableredirect.com/d515311d-ad3e-4bad-98f3-44fa955d1496?c=ALrB2mNrKwUAj1ICAFVTNwApAHP5VIIA&source_id=338795
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d515311d-ad3e-4bad-98f3-44fa955d1496?c=ALrB2mNrKwUAj1ICAFVTNwApAHP5VIIA&source_id=338795 HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Wed, 01 Feb 2023 19:47:22 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Pragma: no-cache
Set-Cookie: d515311d-ad3e-4bad-98f3-44fa955d1496-v4=YzrS86KJ8xW2qhJfwvpZZ7KDfD3hGgYyWeHxSI_YGV8; Max-Age=86400; Expires=Thu, 02-Feb-2023 19:47:22 GMT; Domain=track.profitableredirect.com; Path=/; HttpOnly
cc-v4=Fi%2Brf%2FfQe8f2xIbXDD3UQY%2Fq8hlj9q4MUAidfqPA21%2FVY4lpY8a%2Bdnoc02exmfqMyhjoTsvsi5MLBOZnh6NjuW6f7TMwAVWg3Mm4cMj3AulqEiTMTWua2KAvhxaSpPHPSkfZSpZ1C77MJruVtngT9Q%3D%3D; Max-Age=31536000; Expires=Thu, 01-Feb-2024 19:47:22 GMT; Domain=track.profitableredirect.com; Path=/; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6904
Expires: Wed, 01 Feb 2023 21:42:26 GMT
Date: Wed, 01 Feb 2023 19:47:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13861
Expires: Wed, 01 Feb 2023 23:38:23 GMT
Date: Wed, 01 Feb 2023 19:47:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 19:36:02 GMT
content-type: application/json
age: 680
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11783
Expires: Wed, 01 Feb 2023 23:03:45 GMT
Date: Wed, 01 Feb 2023 19:47:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1NePtiUYd2WrPam0zMF6Ri+cA/P710zaJs/jUKU3hvzgPeE3Az2P4nL0lvcmycJ8bpxR0Lqhp+mSaDQkWooWPg==
x-amz-request-id: VM3FDSKZZ6ZB2XGZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 19:22:47 GMT
age: 1475
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 19:47:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/V6aoE5d375o
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/V6aoE5d375o
IP
Hash 784b16f2767d9fae23a01ca36f305b22
e69fc4ef07ab235e18d6c50e7e62fe7b1ac7679d
f1291378620c1487f776a86a79f6286d13136e0aea9f6db1e8362cb3c2b8b578
POST /s/gts1p5/V6aoE5d375o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:47:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 18:49:05 GMT
age: 3498
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11272
Expires: Wed, 01 Feb 2023 22:55:15 GMT
Date: Wed, 01 Feb 2023 19:47:23 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/V6aoE5d375o
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/V6aoE5d375o
IP
Hash 784b16f2767d9fae23a01ca36f305b22
e69fc4ef07ab235e18d6c50e7e62fe7b1ac7679d
f1291378620c1487f776a86a79f6286d13136e0aea9f6db1e8362cb3c2b8b578
POST /s/gts1p5/V6aoE5d375o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:47:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lateralphonesecurity.xyz/security-master-9/images/memory.png
200 OK 3.7 kB URL HTTP/2 lateralphonesecurity.xyz/security-master-9/images/memory.png
IP
File type PNG image data, 96 x 121, 8-bit/color RGBA, non-interlaced\012- data
Hash 07b3c49264fb56d03a9e4e9f2430d096
d2222c7d1809c7810e2e8f108f232b7060dff9ff
18db0fec261694de423284b1d6c333c68c4f048a2ac9aebd135f39ea36121ec4
GET /security-master-9/images/memory.png HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: image/png
content-length: 3705
last-modified: Thu, 27 Oct 2022 11:37:02 GMT
etag: "635a6d5e-e79"
expires: Tue, 07 Feb 2023 08:30:44 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 126999
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e9GAA6QQHhsMj%2FE4a%2FzqvZvpdYIJsbDPZ6%2BX5zv%2ByEpJ6swHjiVxjNs8pxdq1Pk%2FS0TohuZjLfVcxfyTQhJPxWutyeRpg4v9X4LZ1xiHwwkFd4dimC9d15Xgp0CbgNSSGumzHDBEX37K8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d32d7f844b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/images/trash.png
200 OK 1.5 kB URL HTTP/2 lateralphonesecurity.xyz/security-master-9/images/trash.png
IP
File type PNG image data, 106 x 121, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a18ceb74413d6ab16b77bd5262f0829
47ea9bf73e301c4478396c17e773a13e44b03447
11d4cb166b54a0d6cbf37d5d81e7b7b41df0499a86388e1027aa52c502e894b5
GET /security-master-9/images/trash.png HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: image/png
content-length: 1468
last-modified: Thu, 27 Oct 2022 11:37:01 GMT
etag: "635a6d5d-5bc"
expires: Tue, 07 Feb 2023 08:30:44 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 126999
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEE%2Fp2%2BFTj0uuCRQYwM71%2BE0X7n2zVhiWX3UeG%2FQPRqVmY2R0S3QqvctC1vewpjm%2BGf0ExeYfTB3YvhyZ3XMVNz1%2BAAVu7RIyuqXgyFgxAXJK8dve%2BinzXFwpOtVLUQnqKg1Pbz87S8Vsb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792d32d7f840b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b21f87e54b10ba719e15dc390c48701
7da5a76ac948ba52b23e19b4d857efddef75313e
178a5d6a627ac741af8a057c542d308bdc88802d07f1aeb41af37ff997cd90df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "178A5D6A627AC741AF8A057C542D308BDC88802D07F1AEB41AF37FF997CD90DF"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2434
Expires: Wed, 01 Feb 2023 20:27:57 GMT
Date: Wed, 01 Feb 2023 19:47:23 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash ddb4df40df9122a8ce03deb28c833eb2
e0168a34cde664087ec691ab935ec37169900042
ad67c347674e6cd86d234391cfd0c8243db5667c0f873adf0695816238311191
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6257
Cache-Control: max-age=171226
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:47:23 GMT
Etag: "63daa334-117"
Expires: Fri, 03 Feb 2023 19:21:09 GMT
Last-Modified: Wed, 01 Feb 2023 17:36:52 GMT
Server: ECS (amb/6B9A)
X-Cache: HIT
Content-Length: 279
my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
IP
Hash 7e1da03b7d5254f7b1d93874c8f85ce4
c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wVnMahrgNbFTd4lEInV++w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 29N9HvNPfDi7XMtlKUpUkWlPJcI=
lateralphonesecurity.xyz/security-master-9/scripts/language-set.js
200 OK 23 kB URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/language-set.js
IP
File type Unicode text, UTF-8 text, with very long lines (46009), with no line terminators
Hash cf85ccc0d31e90c27e671188e622504b
8d8c623eab70d3e0896027dfdf059db114273592
5fdf9429e162920b1f858e248dbf1cf443588173cb4ac486a5920c2ba2d1b205
GET /security-master-9/scripts/language-set.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=75246
etag: W/"635a6d64-125ee"
expires: Tue, 07 Feb 2023 08:30:43 GMT
last-modified: Thu, 27 Oct 2022 11:37:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 127000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Fv4zGEXkroBMLgIRJJaqi%2Bzlv6c%2BSfbBGlASEppeRypnON3%2FGEuTSXb5HLJrvZO7Qf%2FmQaSrHyYN69P2z0zINXfCcyBwMXkVsJiVnSdrQ3wEWFQqugLVxvYECoHAFKFDSioxk7TgXNzWMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7f826b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc54146b144ec18712d0408114ce6bad
4102b7cd24779158be07a5a50922f1ed7557c62e
f932799140d4773d6daf3a08f16529fac3881ff6c3470959512c7abc0164be50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F932799140D4773D6DAF3A08F16529FAC3881FF6C3470959512C7ABC0164BE50"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Thu, 02 Feb 2023 01:47:21 GMT
Date: Wed, 01 Feb 2023 19:47:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 680e6f6ed800788703543fadb3cf197a
9bf517cea64cc9cf134d3117dd0db6916c29365d
67a60cdeb5589a25ff7680530599124a91d94027e97ba636c32e550d72855467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67A60CDEB5589A25FF7680530599124A91D94027E97BA636C32E550D72855467"
Last-Modified: Mon, 30 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13621
Expires: Wed, 01 Feb 2023 23:34:24 GMT
Date: Wed, 01 Feb 2023 19:47:23 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d1e2c6fb3a161709433112a4e3f229ae
5ed948e9cd27db787ecdbe5f09552f07ca358793
06b8e3bdbe42948f44a9e640d55f18193c87ca891a4c8af54caf405e3e14ffea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 19:47:23 GMT
Last-Modified: Wed, 01 Feb 2023 18:55:30 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1kaq-WcVKtfVRFPLf05FdMV5eOpn6RAQxoR_hQoZ-JWoARYz0Wtfig==
Age: 3113
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d1e2c6fb3a161709433112a4e3f229ae
5ed948e9cd27db787ecdbe5f09552f07ca358793
06b8e3bdbe42948f44a9e640d55f18193c87ca891a4c8af54caf405e3e14ffea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91591
Date: Wed, 01 Feb 2023 19:47:23 GMT
Etag: "63d9722b-1d7"
Expires: Thu, 02 Feb 2023 21:13:54 GMT
Last-Modified: Tue, 31 Jan 2023 19:55:23 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BVuUyq4sLp9K9SDaTWAhpK6b6ZBFD8MjW-onZtnLvsKM4q28W7pR7A==
Age: 4711
overalltrack.com/api/v3.0/clickapi/img?aid=2&clickId=w1cg85nrtbda8ram24amue0i
200 OK 43 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/img?aid=2&clickId=w1cg85nrtbda8ram24amue0i
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /api/v3.0/clickapi/img?aid=2&clickId=w1cg85nrtbda8ram24amue0i HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 01 Feb 2023 19:47:23 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%222%22%3A%22w1cg85nrtbda8ram24amue0i%22%7D; Max-Age=31536000; Path=/; Expires=Thu, 01 Feb 2024 19:47:23 GMT; Secure; SameSite=None
lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
200 OK 3.9 kB URL HTTP/2 lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1627)
Hash c588cfd079d8c4da44e778b011176c8f
38d96b5cec1733c365390cf8f8874064e53b8e5d
1170a658516d258963357036ffb1f4416929559b7698fcb2af8d68edef9879f6
GET /security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29 HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 29 Nov 2022 12:13:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRbT8uUpDBl%2BmR4kbzcEEXKwSacLz%2BTaCsn6x9Q4N1TGCIlpZd80CZ0sfy%2BF1VuL%2BpJemCnZ1wgKtfY76mdFkD0jEzfmnE85so7BFm%2BO7O5RVfzPkJvzVCdSprirmR7g2gjdREuH0ed10kQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d4aa5ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3f658d36dd4af0a90ccb201cc0dea643
ccb9921ce35481e130ab8392fe265174632192d8
e9a3b47d40b3befeb4e677d3f6442e744c2916ac6f6431e91e3940506e24a2d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9A3B47D40B3BEFEB4E677D3F6442E744C2916AC6F6431E91E3940506E24A2D6"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21594
Expires: Thu, 02 Feb 2023 01:47:18 GMT
Date: Wed, 01 Feb 2023 19:47:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 198b1065b0b9bd40cf517205703cde49
cbea798d12e96443be150f4756295ce6ed8b2165
150d3c9081563e7d75983ea64628269312ba2d042e835578092a623d7330d629
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "150D3C9081563E7D75983EA64628269312BA2D042E835578092A623D7330D629"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 01:47:24 GMT
Date: Wed, 01 Feb 2023 19:47:24 GMT
Connection: keep-alive
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId=w1cg85nrtbda8ram24amue0i&aid=2&checkOld=1&medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&source=&campaign=Bidmag%20(Roman)&publisher=Bidmag%20(Roman)&checkUninstall=1
200 OK 8 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId=w1cg85nrtbda8ram24amue0i&aid=2&checkOld=1&medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&source=&campaign=Bidmag%20(Roman)&publisher=Bidmag%20(Roman)&checkUninstall=1
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash f30c3a40e9a3e65c868c754a5de95919
65101ff283414b70636ff494d866190a66ed9978
875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /api/v3.0/clickapi/otherInstall?clickId=w1cg85nrtbda8ram24amue0i&aid=2&checkOld=1&medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&source=&campaign=Bidmag%20(Roman)&publisher=Bidmag%20(Roman)&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://lateralphonesecurity.xyz/
Origin: https://lateralphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 Feb 2023 19:47:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
301 Moved Permanently 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://lateralphonesecurity.xyz
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: gunicorn
Date: Wed, 01 Feb 2023 19:47:24 GMT
Content-Type: text/html; charset=utf-8
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur
event.trk-consulatu.com/register/event_log/75dnpnjlgk
200 OK 1.9 kB URL HTTP/2 event.trk-consulatu.com/register/event_log/75dnpnjlgk
IP
Hash 79b8cae9f48dedad2c81d9be345c6abe
3539097f228ebd9a98bd2256c1cdb87fd9d8384e
201de1f03b4a9433918aea16dd3f3263de518f83495a77655db7b412a14d097d
OPTIONS /register/event_log/75dnpnjlgk HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lateralphonesecurity.xyz/
Origin: https://lateralphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:24 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://lateralphonesecurity.xyz
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ds%2BvlZ8v5%2BVzCwKlaL7O1ZIlDU3Qo8vtiHZQLloy3UrJSj7GdEHLl%2FDJJyeThiGU9mAjfOt3bHTH91%2FwSoi2pttirUe6q30fV2Vod1RIILgzCpbGRKCOL2mM4Spa3W7pGzm7uLcygKdJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32db0f06e674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/75dnpnjlgk
200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/75dnpnjlgk
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/75dnpnjlgk HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lateralphonesecurity.xyz/
Origin: https://lateralphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:24 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://lateralphonesecurity.xyz
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7IU%2FTce6fDc0eDDXlEWXGBhFS0k583VXE6XQ1jwMDYO%2FsUevYkNeRSsweTFcXSS5qC%2Bw%2BRn%2F294wgE%2Bf8uijYpHBoL%2Bu2MruV8zNLwmG4puzb%2FiSMFVCOpGZtiD1KN%2Bia8NMLg2V2ppYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32db3f48e674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId=w1cg85nrtbda8ram24amue0i&aid=2&checkOld=1&medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&source=&campaign=Bidmag%20(Roman)&publisher=Bidmag%20(Roman)&checkUninstall=1
200 OK 72 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId=w1cg85nrtbda8ram24amue0i&aid=2&checkOld=1&medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&source=&campaign=Bidmag%20(Roman)&publisher=Bidmag%20(Roman)&checkUninstall=1
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash be063a48547ff1bbe2096020f6cbd4f1
c11e04c8e81b5e8e99b785792c41a9daddbb9617
d2856f7544300225e054f6b4fdd3d3f5a3cade3e671f45d2702dc2be2c792f6a
GET /api/v3.0/clickapi/otherInstall?clickId=w1cg85nrtbda8ram24amue0i&aid=2&checkOld=1&medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&source=&campaign=Bidmag%20(Roman)&publisher=Bidmag%20(Roman)&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://lateralphonesecurity.xyz
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 01 Feb 2023 19:47:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 72
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Flateralphonesecurity.xyz%2Fsecurity-master-9%2Findex.html%3Fclickid%3Dw1cg85nrtbda8ram24amue0i%26utm_source%3D%26utm_medium%3Drestart_app2_Security%2520Master%2520Pop%2520LP9%2520-Roman%26publisher%3DBidmag%2520%2528Roman%2529%26utm_campaign%3DBidmag%2520%2528Roman%2529%23
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Flateralphonesecurity.xyz%2Fsecurity-master-9%2Findex.html%3Fclickid%3Dw1cg85nrtbda8ram24amue0i%26utm_source%3D%26utm_medium%3Drestart_app2_Security%2520Master%2520Pop%2520LP9%2520-Roman%26publisher%3DBidmag%2520%2528Roman%2529%26utm_campaign%3DBidmag%2520%2528Roman%2529%23
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Flateralphonesecurity.xyz%2Fsecurity-master-9%2Findex.html%3Fclickid%3Dw1cg85nrtbda8ram24amue0i%26utm_source%3D%26utm_medium%3Drestart_app2_Security%2520Master%2520Pop%2520LP9%2520-Roman%26publisher%3DBidmag%2520%2528Roman%2529%26utm_campaign%3DBidmag%2520%2528Roman%2529%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 19:47:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0eeef7b464104e0ebdbc0f27c5ed3157; expires=Thu, 01 Feb 2024 19:47:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://lateralphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 01 Feb 2023 19:47:24 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
event.trk-consulatu.com/register/event_log/75dnpnjlgk
200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/75dnpnjlgk
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/75dnpnjlgk HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lateralphonesecurity.xyz/
Content-type: application/json
Origin: https://lateralphonesecurity.xyz
Content-Length: 228
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:24 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://lateralphonesecurity.xyz
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANIqclC8UYuvYNG2tTXgCs54707EJv8VuW45jEN6xWYS1Qv8ufLxRcXJ3Ntx1DFns5Qx9snOH30kpKgRBFwMZFrrefxUSvlJxSsDB%2B8e6wAy1E%2B8kuaoohxbeMTRwa8otJmjWTBu5ECoPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32dc384ae674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/75dnpnjlgk
200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/75dnpnjlgk
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/75dnpnjlgk HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lateralphonesecurity.xyz/
Content-type: application/json
Origin: https://lateralphonesecurity.xyz
Content-Length: 267
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:24 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://lateralphonesecurity.xyz
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BQcQPybYAxMp23u%2BI1ZTXyrVEOWDHwiFV8tW7e%2BRRwaIGr9iqFogDss3KIwCwjYijX0DCwbfoyyzMA4wrGl1dmvKjC%2F8j36UMJwWN1RIXAoc12VdSEgCnaMbUJad2XdZCP0Cw4WGik%2FtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32dc686fe674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
primaveratrack.com/testb.php
200 OK 126 B URL HTTP/1.1 primaveratrack.com/testb.php
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a5b3bfed693e840e5d91095409c6af0b
7fbe8433eda44893839708d5ce47d7a7041005fd
a04e547854da7a70b03398e9329527420ef9f14486d35d5c3186ee46248f25a4
GET /testb.php HTTP/1.1
Host: primaveratrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lateralphonesecurity.xyz
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 01 Feb 2023 19:47:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
404 Not Found 86 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 024c203b02c3d88f5e07d125220aa18a
4450bc452d44c05834e068f5341745b2e81ebbe3
a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
GET /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lateralphonesecurity.xyz
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Connection: keep-alive
Server: gunicorn
Date: Wed, 01 Feb 2023 19:47:24 GMT
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur
lateralphonesecurity.xyz/security-master-9/scripts/sendClick.js
200 OK 2.0 kB URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/sendClick.js
IP
File type ASCII text, with very long lines (1151)
Hash aa95484b950e88a92ea2f9a5a5ecfb29
e3606f9a64cbf81055481054a665e44c408735c8
85669dd6c836ad48c7ddd96986c5b056792a0abc45fba8080398adc464767620
GET /security-master-9/scripts/sendClick.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=5401
etag: W/"635a6d64-1519"
expires: Tue, 07 Feb 2023 08:30:44 GMT
last-modified: Thu, 27 Oct 2022 11:37:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 126999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHG%2B63WgXqFGmWglpFPxfKsHYrLu2cP19ul14skAUT3ZckDwsVKVCVAuMRkqJzAmMfuxUgb5xhrkDmwNKkVzf0mF%2FNwTcipgwVI9sPpjP7MDj2AV3wf73NBRgIJpEz5b44N0VSQDqcJOgBQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d8085cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7630
Expires: Wed, 01 Feb 2023 21:54:34 GMT
Date: Wed, 01 Feb 2023 19:47:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7630
Expires: Wed, 01 Feb 2023 21:54:34 GMT
Date: Wed, 01 Feb 2023 19:47:24 GMT
Connection: keep-alive
lateralphonesecurity.xyz/security-master-9/scripts/speak.js
200 OK 662 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/speak.js
IP
Hash ec9bad422b8ebef6130856644554572c
dc4db52024ee6289cba9744d4f38eb07c39b02ad
239b64778ded70a961c287b04fa753d4bb2c994189a62b6bd05430e648963d7e
GET /security-master-9/scripts/speak.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=285
etag: W/"635a6d62-11d"
expires: Tue, 07 Feb 2023 08:30:44 GMT
last-modified: Thu, 27 Oct 2022 11:37:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 126999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5BK4YD89rJPIpOcKoWPxUzCSSwBlyzjr5BSH7tGIZDOT2iHwvyHal4E9qC4TGTwAu4qoIFpy0pPIAlAE9vaaZKwZQ5UA2OsxUmHhtneuZUJpSHNNz5bC9RIxvEXrJ2EUuIFHAe3BvRc%2Be4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d80858b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4yxwz2MFTdpb8I56VVbFU2Zz0qG_uHcYc3aDtn6boQPjhw7UFLLnYw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 10:37:09 GMT
age: 33015
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 79505
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:27:41 GMT
age: 44383
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/onbeforeunload.js
200 OK 7.1 kB URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/onbeforeunload.js
IP
Hash 9cefd95da72ce73251697ad30ab9e15e
fba1b8404586b9c1fdb0b51a67cec8fdfe143bc0
13701f9676b87c022419b222094c03085ab709796d8b733a255ba44f16b4b5cf
GET /security-master-9/scripts/onbeforeunload.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=808
etag: W/"635a6d68-328"
expires: Tue, 07 Feb 2023 08:30:44 GMT
last-modified: Thu, 27 Oct 2022 11:37:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 126999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rj6Hq6fx2jhAJ1JmtE5ieujP31or%2Fy2YA%2F6VO0xkd4aCtM7e27k7w9CodP6xSVo12yBTv9ic6ILyj8sOJsLu83KbjUTaOVYZg9e%2Fp93WQjxwsSuHyK9yUdhia9Z4mu0m5h7nnBSleTExNg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d8085ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 62246
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 12:57:00 GMT
age: 24624
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/url.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/url.js
IP
GET /security-master-9/scripts/url.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=793
etag: W/"635a6d68-319"
expires: Tue, 07 Feb 2023 08:30:43 GMT
last-modified: Thu, 27 Oct 2022 11:37:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 127000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgmir8PzRQh160lOrxvnwqf%2FniVaK8vciMPesxw%2BaMmTxU3Sn0YMZ5yeSdZCmJPapzM3hHKgrJo6Bc7cTVfDjtuV1j5G9sMKmFix05q8tlqBlsdxwhuE1Kv12cxYMvieKEj1N0yfd21wGDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7e801b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/push.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/push.js
IP
GET /security-master-9/scripts/push.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=2579
etag: W/"635a6d67-a13"
expires: Tue, 07 Feb 2023 08:30:44 GMT
last-modified: Thu, 27 Oct 2022 11:37:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 126999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWg4yQT%2FVYusMReHSWODo%2BYQSmHbOKURn%2BzBkG1oIL0Fo2maNGNNKzT9BuiQ9Fv5jbtsgmoouk4lA9DR61%2BGdIpWiCNCSl4OkjUA0DUA4Ut8XZzM6MqWC6QyJmuxtK0gu1iLPj1gRCQ%2BCNg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7f84cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/onbtnclick.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/onbtnclick.js
IP
GET /security-master-9/scripts/onbtnclick.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=233
etag: W/"635a6d61-e9"
expires: Tue, 07 Feb 2023 08:30:44 GMT
last-modified: Thu, 27 Oct 2022 11:37:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 126999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bc2c%2B1rB%2BRVbYAR%2FQT5%2B8eS22%2FJW2A9LVIfQGVIC2Qr7tsFKJR3%2Boq9Xt9%2BAOcHSeutVz9hF6YAr4IO%2BrOsCkIlhLLo%2FR2068DZcrQp%2BwRqnTpewbAu2R0QOyHjXqN8HfuZlv4cFWAfnXic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7f851b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/lang.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/lang.js
IP
GET /security-master-9/scripts/lang.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=3517
etag: W/"635a6d62-dbd"
expires: Tue, 07 Feb 2023 08:30:43 GMT
last-modified: Thu, 27 Oct 2022 11:37:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 127000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhZ3u2lscVC177e2t9dSXphqS0GInYxh5xDhka8jXtz%2FROb8PZXX0yUwEsRCBSZi1IPz9B%2BlyGANX1ZtBhidvxkDNSvnd56KzUyv5LKE2yMy4DjFMNBRnPVrJpgNSylCi1Xni4EOi9Wj4G4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7f830b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/progress.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/progress.js
IP
GET /security-master-9/scripts/progress.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=1350
etag: W/"635a6d66-546"
expires: Tue, 07 Feb 2023 08:30:43 GMT
last-modified: Thu, 27 Oct 2022 11:37:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 127000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=526WXKIzWBIhFNLDWWK9pv3i%2FN1w2uxSDrWH4FuY5D1BBxofQXGRU49DY50p%2BSzC0eg20AYMa%2FUeMtHDLp6N8VRMDNJoi4CdTkbVeLW6pxEwemqz5eHkfZy6B0dxDhCWdbFwKojRCcbJJrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7f837b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/vibrate.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/vibrate.js
IP
GET /security-master-9/scripts/vibrate.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=291
etag: W/"635a6d66-123"
expires: Tue, 07 Feb 2023 08:30:44 GMT
last-modified: Thu, 27 Oct 2022 11:37:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 126999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhpL73vAJLlw7ytJUDn9JhB%2BHkfyKs%2BjdppSkejsbQILoqaFx%2BRYhSvpYzIVJQ1SlnfmoHcrEOKm2%2BAGWNeGxwr346JXEpznSLYoLPnINsqS6nqCGmxJHA9Qe196%2B7uvSwXPaTcZWUxIwso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7f847b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/ua-parser.min.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/ua-parser.min.js
IP
GET /security-master-9/scripts/ua-parser.min.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 27 Oct 2022 11:37:11 GMT
vary: Accept-Encoding
etag: W/"635a6d67-48a9"
expires: Tue, 07 Feb 2023 08:30:43 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 127000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGGjaqqHoOA9SOTSeL3Rf1A8AxslN1rj94WdvnHAD9c6hiZ2ufOPUUqlB5xpA8A21dOg0aWgK7%2FJrlqKt03KT49E0xnUwT5UdPxuGC0QIFXHz7%2FQ0mm8Huif%2BCseenj3ic1pVoxyrahdKuY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7e804b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/css/style.css
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/css/style.css
IP
GET /security-master-9/css/style.css HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: text/css
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=8117
etag: W/"635a6d5c-1fb5"
expires: Tue, 07 Feb 2023 08:30:43 GMT
last-modified: Thu, 27 Oct 2022 11:37:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 127000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkLmKuINKeAlZRWtoZZZxvvksrGDqKa2TNTrK%2BfNzcqr4iF9%2Fl4b3IKNeUnibX5f4Bba8S%2BwpQCbYHUJUdK0lX8WlpnMv%2FnNjDREMYWUlFdBO0F9IOgirm5reoCg39vfOix8zO6QMQ5CGdI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d7effdb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lateralphonesecurity.xyz/security-master-9/scripts/backblock.js
200 OK 0 B URL HTTP/2 lateralphonesecurity.xyz/security-master-9/scripts/backblock.js
IP
GET /security-master-9/scripts/backblock.js HTTP/1.1
Host: lateralphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lateralphonesecurity.xyz/security-master-9/index.html?clickid=w1cg85nrtbda8ram24amue0i&utm_source=&utm_medium=restart_app2_Security%20Master%20Pop%20LP9%20-Roman&publisher=Bidmag%20%28Roman%29&utm_campaign=Bidmag%20%28Roman%29
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 19:47:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=436
etag: W/"635a6d63-1b4"
expires: Tue, 07 Feb 2023 08:30:44 GMT
last-modified: Thu, 27 Oct 2022 11:37:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 126999
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDCRXpwwcjbyVi2InSCxxOt60Z74I7fCnmXfIjI5%2BDttAzjqTPrghskvHCnbgMurBmO4KrbrQCHzzOBZ8Gprj7GQDVqPzvxBV%2BMcJSgu%2B8y%2BZNX2jRfqt0IW5v8fpG92bhsqtzcK66bmJrk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792d32d80854b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
18.192.108.151
34.160.144.191
139.45.195.8
104.21.60.104
167.114.103.223
23.36.77.32