senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
301 Moved Permanently 0 B URL HTTP/1.1 senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: senecaphoneupdate.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 25 Nov 2022 13:58:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 14:58:02 GMT
Location: https://senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkTlmBjBXRMbjl3mylexGaIXumxZuNe4L7FD0FCYOccwQAM3tnwOLBDbFQ7ynRRQXK33LubI6xkvF0pWzakx2DEOPThnnqlXT3Zq6w1sZhSvh5fbdc6XivV8Pd%2BlAW6Ga6JRkCA%2FYg0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fae59c3ea5b51b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3360
Expires: Fri, 25 Nov 2022 14:54:03 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3076
Cache-Control: max-age=163467
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:58:03 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:22:30 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5790
Expires: Fri, 25 Nov 2022 15:34:33 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 13:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2437
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c936f33142380f61891094d83bba29d5
520f6d4e3865a4ee7ecdfa55b980a93cdd5121fe
c651001b0b255e41c0113fdad79570caab6fb23bcda7a74c8ab287f4841529cf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C651001B0B255E41C0113FDAD79570CAAB6FB23BCDA7A74C8AB287F4841529CF"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15140
Expires: Fri, 25 Nov 2022 18:10:23 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2mQy20eyZFksNX0XSkpQFjc4SpzCKdPdaqV/yjzbNHOot4RFhbAjmaOu67pE98UubO/Y1wRKnNA=
x-amz-request-id: JJ8ZENF286GE9WCS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:43:51 GMT
age: 852
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 2950
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash c936f33142380f61891094d83bba29d5
520f6d4e3865a4ee7ecdfa55b980a93cdd5121fe
c651001b0b255e41c0113fdad79570caab6fb23bcda7a74c8ab287f4841529cf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C651001B0B255E41C0113FDAD79570CAAB6FB23BCDA7A74C8AB287F4841529CF"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15140
Expires: Fri, 25 Nov 2022 18:10:23 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 709 B IP
Hash 4ff92f40a3234be254fff1ffbfd1182d
0d83c4b0b53a7705fb50bfb0d16169c9792f971b
36d6065776cdd385a26ea92303f82054ec3ecbf1bf6a7486100d7488cc91ea11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3249
Cache-Control: max-age=158577
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:58:03 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:01:00 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2391
Expires: Fri, 25 Nov 2022 14:37:54 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive
my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
IP
Hash 7e1da03b7d5254f7b1d93874c8f85ce4
c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:03 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 135ed55a8e07837e2d46e0a4a3c61a8f
cef18238037446f2ff7d26b23181ede59cf9eb9b
6c943dc9534081bfe30c0e9bb356b5321e8b56c56154b7668b09425bb2684e8d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 13:58:04 GMT
Last-Modified: Fri, 25 Nov 2022 12:23:09 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aaqT1EauoautC1uq5GjqsCiDRgrpzld6WRdcisPG1CYYNH8FizY9FA==
Age: 5695
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vjGgUTxjnKGyaR9dIsxjLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /S4INxu3dhMOPY+SWaHaEwSIGZQ=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 135ed55a8e07837e2d46e0a4a3c61a8f
cef18238037446f2ff7d26b23181ede59cf9eb9b
6c943dc9534081bfe30c0e9bb356b5321e8b56c56154b7668b09425bb2684e8d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 13:58:04 GMT
Last-Modified: Fri, 25 Nov 2022 12:31:39 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 86C1OqU1ozJ9cdgTbVCHC9adb0DZ8C9HKl8YRuSb4y02zmk4TMab8g==
Age: 5185
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7d906efdce40a5a19cdc41d4e5c3f296
829b5308fce29e5c23a15671cc9997787d1fb0a0
79742d4996b0a2c5f0ed24c1177403f252e59451dc6ceaa543fe54fcc4a89221
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79742D4996B0A2C5F0ED24C1177403F252E59451DC6CEAA543FE54FCC4A89221"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Fri, 25 Nov 2022 19:56:57 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 44e8ffafe6f612c770d176a08f80e5d4
2490be14b79d724044f1c225d0329963dcc33f7f
0808d22df128f20931d86ce2be12c5f1b1b031a083b4bb623b495abe50ad6773
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0808D22DF128F20931D86CE2BE12C5F1B1B031A083B4BB623B495ABE50AD6773"
Last-Modified: Thu, 24 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=650
Expires: Fri, 25 Nov 2022 14:08:54 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
200 OK 9.9 kB URL HTTP/2 senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1627)
Hash f0cc26c67c51d8c0216a98eacfe4315f
256436b98fa0527fd2758fc8f3d38035d54d7688
aeeaa4054e1a30a7b242aa36f9acb53fabafe29205f264560b8628595343dd55
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: senecaphoneupdate.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:03 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 05 May 2022 04:35:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAsh3jjiXX6O%2FxQBXq3KXXWWWwCgkqw9pfQSNZCwYBXUHFBbA81PQV4gii4yW2lfpRp4dBxHzlCOenLi%2F4PpGuEkcTN0NKb4Iu6w2u9nWW8Y2hKouFuIrDmCdpiwvs8F2fHSkcjd7RE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae59e0ab5b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32711e3e55b1dc847aba118a9e0fd091
a6c11eacd3b8329585d294a6ac2cca7941c24bb5
e01416fc8a821ce83cc0f6f9783241c4075066c747c36da1786951448143334f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E01416FC8A821CE83CC0F6F9783241C4075066C747C36DA1786951448143334F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Fri, 25 Nov 2022 19:57:46 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
301 Moved Permanently 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Type: text/html; charset=utf-8
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
200 OK 8 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash f30c3a40e9a3e65c868c754a5de95919
65101ff283414b70636ff494d866190a66ed9978
875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD
analytics.tiktok.com/api/v2/pixel
200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 937
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Cookie: _ttp=2I2fdMAGeZ8f4IsNQ7FjcYs3JPj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202211251358045D1D84581192907CA15B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebe802024c2f9cb24329469b2a0ee76db1749ac55dd46b755a615e60246d241540a86fdb6cf9c0b7036552e3db8bdf7277252171d0dc8c4b0bbdddd0ecde81bc41
x-origin-response-time: 19,23.218.220.136
x-akamai-request-id: bc9534fd.577c4072
expires: Fri, 25 Nov 2022 13:58:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-136.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=19, inner; dur=15
x-parent-response-time: 117,23.36.79.28
X-Firefox-Spdy: h2
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:04 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7ddeaf1743c845bfa267cf7207047e10; expires=Sat, 25 Nov 2023 13:58:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
200 OK 126 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash c8f85db18fe8f89306f6c0819c67036d
7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31
a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aa4f9ac5fac8741af0f6863fb741ba98
8794e1a4713f96baf4a6729dba30d42c37e21749
b65b7fb441d78d75685f9062f7fe4c807cfcf366f425a50a53d41598bc68bbac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B65B7FB441D78D75685F9062F7FE4C807CFCF366F425A50A53D41598BC68BBAC"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5916
Expires: Fri, 25 Nov 2022 15:36:40 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
404 Not Found 86 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 024c203b02c3d88f5e07d125220aa18a
4450bc452d44c05834e068f5341745b2e81ebbe3
a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
GET /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://senecaphoneupdate.top
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur
track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681
200 OK 816 B URL HTTP/2 track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681
IP
Hash 4f0ad2dd016513be2f2ebf6c55e21cc2
87931bab3544c4edbdaeff386008b0f9046c1621
6145218c677fcbb15fa19725a82432c7d9812bc4283017fbffaeec203785f17b
GET /e69b0e43-f199-496b-87cc-2daa322bb681 HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:04 GMT
content-type: text/html;charset=UTF-8
content-length: 724
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=0aKuJ_L2TiE7g5u2wOGlN-hekMCvYEJNWNk_SWwQ68k; Max-Age=86400; Expires=Sat, 26-Nov-2022 13:58:04 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=ZkKJlVAPnDTovTaqDiI%2B7nBYV0nwRpQkxbhvlXgY7Pya1gUxy0rOcpfbCa5ZCXGvnByXj9qqmEAEbeZB54zoJ22IOOHopFjNYYUGDwPUczmbXuq2Ad3l77%2Bedzxs5xIWC%2Bzcd69axh4VENf6nvPQaA%3D%3D; Max-Age=31536000; Expires=Sat, 25-Nov-2023 13:58:04 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ea141cfd99b6396d70ba37f0c622c1d3
85e4a6529a8ccaa445b81162098ec1b5943ed51c
beb57722edc3a4176a2e5b390ecb597169d06bc6f73ba1fcb53ca536a8020b90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEB57722EDC3A4176A2E5B390ECB597169D06BC6F73BA1FCB53CA536A8020B90"
Last-Modified: Fri, 25 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9886
Expires: Fri, 25 Nov 2022 16:42:51 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2389
Expires: Fri, 25 Nov 2022 14:37:54 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive
ouhastay.net/favicon.ico
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676
Cookie: OAID=7ad474e4401c44379b0f2136f4009989; oaidts=1669384685
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=merge&userId=7ad474e4401c44379b0f2136f4009989
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=7ad474e4401c44379b0f2136f4009989
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=7ad474e4401c44379b0f2136f4009989 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7ad474e4401c44379b0f2136f4009989; expires=Sat, 25 Nov 2023 13:58:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ouhastay.net/?z=3647676&syncedCookie=true&rhd=false
302 Found 0 B URL HTTP/2 ouhastay.net/?z=3647676&syncedCookie=true&rhd=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /?z=3647676&syncedCookie=true&rhd=false HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://ouhastay.net
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676&var=3647676&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=7ad474e4401c44379b0f2136f4009989; oaidts=1669384685
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
content-length: 0
location: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
x-trace-id: 9c904d8f8b133883a4a88de2417869bc
link: <https://broker-systems.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://ouhastay.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=7ad474e4401c44379b0f2136f4009989; expires=Sat, 25 Nov 2023 13:58:05 GMT; path=/; secure; SameSite=None
oaidts=1669384685; expires=Sat, 25 Nov 2023 13:58:05 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 02 Dec 2022 13:58:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3ff73a5b0e3e9b0230351938aab0b196
3f14146e978aa182b5359afea2f39ec8258ea23d
f1bb4fbf24afdea78791ecca75e25e7c169524c9f8c1b3309c271a129c81bc0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=149230
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:58:05 GMT
Etag: "63806ddb-117"
Expires: Sun, 27 Nov 2022 07:25:15 GMT
Last-Modified: Fri, 25 Nov 2022 07:25:15 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 58212
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 57800
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 57806
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/identify.js
200 OK 35 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/identify.js
IP
ASN #20940 Akamai International B.V.
Hash ddcade2900b8a8ca4cd5b5d53df18bb5
5cb1acc9c1d0bc6888078dc7ff4ea90ab838712c
19ba79601b7a3f7f44481458c3bd3aec887e1f71acf78831a37a6f9eb48ba231
GET /i18n/pixel/identify.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202211251358041DADD2BCFA7A08922523
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b07d6441f728f51009cc13b8a600b3466733aa71db956da589d409a18e64bfa7ea75f6ef1cda767e37b480b6c49ec9058
content-encoding: gzip
expires: Fri, 25 Nov 2022 13:58:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=102
x-origin-response-time: 102,23.36.79.28
x-akamai-request-id: 577c3f73
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 34505
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 74438
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png
200 OK 14 kB URL HTTP/2 broker-systems.com/assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png
IP
File type PNG image data, 200 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 85ab2db69e24280a66e01692320337a1
36e4f076eaceeac945160a9b6f4ab0b01a23ff38
9623615e71a52200c4c9eaac0998f8508f55d53c9d562b3d02d7e0aebcacbdfc
GET /assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJZt9et7UiBV7%2FBUgQDLUahwYBIGTyo6yhi5Ye%2BGxjRrSciVsFIuIPHWdwpFW49zUst79oXuCp5x6MD5yzNXxEx4hCpT0XFMpFaXAsQRCWCffK57XJ8OJsPs2I%2B5J5cz8WVHOcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af5a00b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:58:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
broker-systems.com/assets/reg/v2/registration.js
200 OK 5.8 kB URL HTTP/2 broker-systems.com/assets/reg/v2/registration.js
IP
File type Unicode text, UTF-8 text, with very long lines (22747)
Hash 45f2996cfaabde88eebcb53730d8a2a2
24b553ac4da86f7592049946b5c4cab2ab0b937b
06f88c71ea9b23612ccb4f55e9ae3d375b050100c4562b7cb0f79857ed5c0f79
GET /assets/reg/v2/registration.js HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: application/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4KSbBKT1GMhVLvfpMceHAi8rGSxe6QwN%2Blv86KfrUBo383yrklaZd3%2FLso4YMI52RworsMwWXguMm5AJ7yz1BqZGJaLhV6w7fBP0bYzUb5rZyArOe6HurcK8I9DsaqVwgNmEzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59f3b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/reg/v2/registration-form.js
200 OK 59 kB URL HTTP/2 broker-systems.com/assets/reg/v2/registration-form.js
IP
File type Unicode text, UTF-8 text, with very long lines (41190)
Hash a01c9f733f4f7577e6b413166b33c3af
e0a0cdf13a7a488b7b8c5a9edd7430eb40d5c9c6
8f15564e27580feb3c6d312abb316585963dbf277dd32e31c39ab54908c84dee
GET /assets/reg/v2/registration-form.js HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fimH8J3%2FdWG6Y5%2B4gxw8HsbBOxDVYinaVImIZa0mgRVZp6bEoaRyhNS3oAsAH32fSuoHDnh%2F1tjI0JGQX%2BNMFpeVDltzQldK%2BwaoBssOFgn1BvgZmcK2nGfIUkhAy7oumMZbhoM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59f7b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png
200 OK 2.1 kB URL HTTP/2 broker-systems.com/assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png
IP
File type PNG image data, 119 x 113, 8-bit colormap, non-interlaced\012- data
Hash 4752c8021a41e7bfbb1b79ecaeccbdda
4ba53911c67a9348f82549877cea4e5b531870cc
af41e513c110faed295f378c8e1a22e9d72e03d980a5f28d32d55292473fdddc
GET /assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWCWJw5X8rkZ81I9qbGT6Kl%2FBp62e2kdQMhcCLH5O05f3N1FeY9SyvOBgbvg46yANPjMgfGbzInP5tuk2eydtKnsuUqm%2FVwCu%2BkSOHN33c1NddCQ%2FpY%2B%2BzePz2JAUlUCYij9h1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a11b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/at/v5/tracking.js
200 OK 11 kB URL HTTP/2 broker-systems.com/assets/at/v5/tracking.js
IP
File type Unicode text, UTF-8 text, with very long lines (28968)
Hash be87033f0c1f7c5a527a353dd380a3fc
9775696aed4f4c22ab3fdbc7a1a6b37ad4c71aee
57934d883a60a8fbc0c7b3d91d6064c0f8760e15c7be4499bfe8f1bd77290e48
GET /assets/at/v5/tracking.js HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: application/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKwK3vZlbwWB56gN%2FG1aP%2BMpxEBEqAIGvn0JPMtcelcXQRfiTL%2BMAIjZpr8biQljR0U3h0i6B5iv8sNSZqj8nAyXjtp45oeYglJMv0%2B68v4qKJhOeQqdTVmEmbj65M4DL%2Brrbvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59fcb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png
200 OK 2.0 kB URL HTTP/2 broker-systems.com/assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png
IP
File type PNG image data, 117 x 93, 8-bit colormap, non-interlaced\012- data
Hash 49f1401d77904fc61edfe8d552d12a6a
62d0c898e2d675d046f4e87ef2f745e5f9bf732d
e329fb4f42cae49eaba4fd19890d128dfac0fdf6aefae14f719eb7dbdbb5c8ab
GET /assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g35oki%2FHgoBWHzNVX4h4ffSZnI%2B8hLyZyKNeGMXABgfneajFOHDC7fSWxEcCqzLRfplSsFMgNvP7Gz7Z8xPK6%2BPcdfuOrUr7G1c9Q71XX7ig%2B5H5QQU1QgdSky2YpD66%2FBK9aIk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a16b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png
200 OK 7.7 kB URL HTTP/2 broker-systems.com/assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png
IP
File type PNG image data, 300 x 66, 8-bit/color RGBA, non-interlaced\012- data
Hash c7e3d1e9dd0ccbc1384eb34b84dbc4d8
7d6b6778c5ef1e0c9cf2dd0e7847ac1e0f2d6676
5d05c876af16bac58a824b6783b75144a5fd475d66b643cf3f6c4d352e49a65a
GET /assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAwdp7twocrFm0pmzC5h8QVmGlDN3HcvtdxaX9%2FLshToX4FMJ2PmznqYsO%2BtGQbhp%2F47QyRLhqJDvbiSKfsoXbc8thEdy6cRU1U%2Fdk4jeZzeoinyk4tKqkPkn7TIUFmpEaDWU5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af5a06b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
200 OK 5.7 kB URL HTTP/2 cdntechone.com/stattag.js
IP
File type ASCII text, with very long lines (12932), with no line terminators
Hash b8f2cab9c0d8795ea3a6f350e3cd1795
bad2faff91b744e0a9a9d8ac25d5c7b7307ef955
8655610b28a26fb1008be179b3a5f363aced99cb682c7c2fa0caf5b3d3440310
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:06 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TJdUUiIdBbQCc0ejD1ij0VskJr8GoLfzXzgxWmf59znxFF%2BxsUbDSfVmcj%2FiCAfQv718Y3hra8sHCiaacDG8V5O%2B28IayCmlJFiWY9FkON2RBxZYy3svRsZ0CgdzoffZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae5b039271bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/06/26/1627289251805-4a55db67-c49c-4dc8-ad85-b582754777ff.jpg
200 OK 109 kB URL HTTP/2 broker-systems.com/assets/img/2021/06/26/1627289251805-4a55db67-c49c-4dc8-ad85-b582754777ff.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x895, components 3\012- data
Size 109 kB (108777 bytes)
Hash 26df5069c76843bf93433094d00b5bb5
c3c2372d9684e379c110d5871c5285a218bf2353
787b3e802d57f3cd3ac5b9ad8a3f922d55e410d459ff4e11658664e546bdfb4d
GET /assets/img/2021/06/26/1627289251805-4a55db67-c49c-4dc8-ad85-b582754777ff.jpg HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:06 GMT
content-type: image/jpeg
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og9aPD5HF2LbstajZx5BBkhLvDPyktV2D8JLudajX7DFZnoCoGnVCEbs%2Bjw2nL6SPxP7JyK06JulSgYcQjrVvZYDA%2FTDYy0l2vIhNj%2F2agPkJn3mVVeAikRkyMfDjmusyjDhoek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5b04b66b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Hash 312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:28:35 GMT
expires: Thu, 23 Nov 2023 18:28:35 GMT
cache-control: public, max-age=31536000
age: 156571
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png
200 OK 7.9 kB URL HTTP/2 broker-systems.com/assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png
IP
File type PNG image data, 513 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash d5525560e0ccf916906c66d998fe5682
b80c2457e13d9e0736ba37da0642166ce6d8a15f
e85410035d52ceb50476b870034b9a25d99078b1bb4429141c61ffa64d508bff
GET /assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S97X9NcDr9dnb53Hof1g67MJKu2cErj6u9fNLvMtR1qOuPhi4kTN6pJlE0F%2F4C58JivjuG5IraA64cXcJh50cttG7UGUMBAUNx0S8hKb%2BspPVNb94KsC4rqlJSZo8ujlkD87FpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59fdb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash a54c80dec1c95f72609427d03724eeff
6f1afb5ac564d8f2daf59fe962fb059dcdb201f1
ac57e57ff83ab2ced0f8d7c0f806ebacae13fae70995eb076269a0b65ac81ff9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5588
Cache-Control: max-age=101182
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:58:06 GMT
Etag: "637f9c58-116"
Expires: Sat, 26 Nov 2022 18:04:28 GMT
Last-Modified: Thu, 24 Nov 2022 16:31:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
www.googleoptimize.com/optimize.js?id=OPT-TLN47DR
200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-TLN47DR
IP
File type ASCII text, with very long lines (1921)
Hash 3aef15d1379916130c74415a504b2a94
bcc13f768a1a6764ce31559a2dc75f5738fbb8b9
cada3970321f0a75d9b6ed7ce9ca7b182ce7c5800648e5d5f77dc7d1d57fbccf
GET /optimize.js?id=OPT-TLN47DR HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:58:06 GMT
expires: Fri, 25 Nov 2022 13:58:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flagicons.lipis.dev/flags/4x3/no.svg
200 OK 188 B URL HTTP/2 flagicons.lipis.dev/flags/4x3/no.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash f916e66fd4723d7b98979d330bdab4d4
b30df178bab8c3751c9e593dc19999823d98c6a7
9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148
GET /flags/4x3/no.svg HTTP/1.1
Host: flagicons.lipis.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Wed, 19 Oct 2022 08:52:22 GMT
access-control-allow-origin: *
etag: W/"634fbac6-13e"
expires: Sun, 20 Nov 2022 06:21:53 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: ECA6:9356:1523F66:1CD8CDC:6379C529
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:58:06 GMT
via: 1.1 varnish
age: 397
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669384687.759254,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 5337d286dd0cadd3889b2a6775a25d3dec821366
content-length: 188
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a
200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a
IP
Hash 109d9d0f284658da4525b3d1c0ead2ec
3fc4214c1bef95a85db5eaa84c262d6d85275b6e
73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c
GET /p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:06 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
player.vimeo.com/external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174
302 Found 0 B URL HTTP/1.1 player.vimeo.com/external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 25 Nov 2022 13:58:06 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Location: https://vod-progressive.akamaized.net/exp=1669399086~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=47549aa81d1fb17d06a9389d6854cb0435a289dc583322037a3abee927fb345c/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Host: player-backend-5ff8dcb846-5vmcc
X-Player-Backend: g
X-Xss-Protection: 1; mode=block
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-bma1667-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669384687.639212,VS0,VE147
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=LnhZlxY52MzL6SFfFddQscJ2OOXgaZAQQVbC2ytY3K0-1669384686-0-AR07LvZEfIzyO5pJGdruyYsBnmZgvKoL3P403F+35/4dsejydrzI4ne4bHT8HyMz6MGf2sIQ1Gh0Zntfd2swUtM=; path=/; expires=Fri, 25-Nov-22 14:28:06 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 76fae5b368eb1c0a-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8a2e7ab9f879e661a79bbd1a8941771d
2ffaca360ca166595c22af6993fe09f828d94f2e
7de1ce8e8144f318bd65ae8f6cfc023abdd5f34da94a0fd9098b18e1be3413d2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:58:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:35 GMT
Expires: Thu, 01 Dec 2022 16:52:34 GMT
Etag: "2ffaca360ca166595c22af6993fe09f828d94f2e"
Cache-Control: max-age=528267,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fae5b40b06b509-OSL
datatechone.com/log/add?cid=0146f596-44d1-40c0-b3b5-74fcad621e75
200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=0146f596-44d1-40c0-b3b5-74fcad621e75
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=0146f596-44d1-40c0-b3b5-74fcad621e75 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1122
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 13:58:06 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://broker-systems.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 12:41:08 GMT
expires: Fri, 25 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 4619
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vod-progressive.akamaized.net/exp=1669399086~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=47549aa81d1fb17d06a9389d6854cb0435a289dc583322037a3abee927fb345c/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4
206 Partial Content 12 MB URL HTTP/1.1 vod-progressive.akamaized.net/exp=1669399086~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=47549aa81d1fb17d06a9389d6854cb0435a289dc583322037a3abee927fb345c/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4
IP
ASN #20940 Akamai International B.V.
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 12 MB (11965965 bytes)
Hash 0c1aebccd0eae38227386a78d9c14b01
f05673ace82e6c754989e36334a939d66fadf3c8
d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d
GET /exp=1669399086~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=47549aa81d1fb17d06a9389d6854cb0435a289dc583322037a3abee927fb345c/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 HTTP/1.1
Host: vod-progressive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://broker-systems.com/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
X-GUploader-UploadID: ADPycdvFALOJgFC8lHRE0XZtj_vOO8NMw94V883uDWMJyDi0Z5tzcMZ5sJ_cbHrMp_W3I5t9ZIwCFXUG4i7oN_MZINQBq6BT75Ie
x-goog-generation: 1661020573365224
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11965965
x-amz-meta-x-goog-reserved-source-generation: 1602068348320686
x-goog-hash: crc32c=hqujiA==, md5=DBrrzNDq44InOGp42cFLAQ==
x-goog-storage-class: COLDLINE
Accept-Ranges: bytes
Server: UploadServer
Aka-c-hit: cache-hit
Last-Modified: Sat, 20 Aug 2022 18:36:13 GMT
ETag: "0c1aebccd0eae38227386a78d9c14b01"
Cache-Control: private, max-age=25832551
Expires: Wed, 20 Sep 2023 13:40:38 GMT
Date: Fri, 25 Nov 2022 13:58:07 GMT
Content-Range: bytes 0-11965964/11965965
Content-Length: 11965965
Connection: keep-alive
AK-REFERENCE-ID: 0.774c2417.1669384687.35a793e
Akamai-Mon-Iucid-Del: 875210
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
Timing-Allow-Origin: *
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.123
www.google-analytics.com/j/collect?v=1&_v=j98&a=1115710953&t=pageview&_s=1&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&ul=en-us&de=UTF-8&dt=broker-systems.com&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YADAAAABQAAAAC~&jid=716033388&gjid=958363298&cid=1584228869.1669384686&tid=UA-123565908-17&_gid=956064178.1669384686&_r=1>m=2wgb90MLX3JTP&z=366793825
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1115710953&t=pageview&_s=1&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&ul=en-us&de=UTF-8&dt=broker-systems.com&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YADAAAABQAAAAC~&jid=716033388&gjid=958363298&cid=1584228869.1669384686&tid=UA-123565908-17&_gid=956064178.1669384686&_r=1>m=2wgb90MLX3JTP&z=366793825
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1115710953&t=pageview&_s=1&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&ul=en-us&de=UTF-8&dt=broker-systems.com&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YADAAAABQAAAAC~&jid=716033388&gjid=958363298&cid=1584228869.1669384686&tid=UA-123565908-17&_gid=956064178.1669384686&_r=1>m=2wgb90MLX3JTP&z=366793825 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://broker-systems.com
date: Fri, 25 Nov 2022 13:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/img.gif?f=sync&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a&ttl=&rurl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a&ttl=&rurl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a&ttl=&rurl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=21a58eb5503a436aacf209793ddcb0d6; expires=Sat, 25 Nov 2023 13:58:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-Y5BMFENDVB>m=2oeb90&_p=1115710953&cid=1584228869.1669384686&ul=en-us&sr=1280x1024&_s=1&sid=1669384686&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Y5BMFENDVB>m=2oeb90&_p=1115710953&cid=1584228869.1669384686&ul=en-us&sr=1280x1024&_s=1&sid=1669384686&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y5BMFENDVB>m=2oeb90&_p=1115710953&cid=1584228869.1669384686&ul=en-us&sr=1280x1024&_s=1&sid=1669384686&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://broker-systems.com
date: Fri, 25 Nov 2022 13:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 82d582f9d61bc8a00c9a0402c0ea863c
11efbd238d2aa34cf31e224ce915a8bda8f6b923
503332de950ab70d7ba88551be6da9a731c51a32875be710c66f5dbb2df54eb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
europe-west2-tech-microservices-production.cloudfunctions.net/batch-event-collector
200 OK 22 B URL HTTP/2 europe-west2-tech-microservices-production.cloudfunctions.net/batch-event-collector
IP
File type ASCII text, with no line terminators
Hash 7ed7900fc45647ddd2f5e4799f6e3f4e
c599a3e8d0cf90430834cda9a07a4b52dd609a7c
a0ce47d8f99c7c1b5988ae1c07711bb0aed25484d8ce3563c3a589f2d7216c2f
POST /batch-event-collector HTTP/1.1
Host: europe-west2-tech-microservices-production.cloudfunctions.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1171
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: w6i4gz1nf3kn
x-powered-by: Express
x-cloud-trace-context: 216b23237881b2ae88a5c528847d9a44
content-encoding: gzip
date: Fri, 25 Nov 2022 13:58:07 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 82d582f9d61bc8a00c9a0402c0ea863c
11efbd238d2aa34cf31e224ce915a8bda8f6b923
503332de950ab70d7ba88551be6da9a731c51a32875be710c66f5dbb2df54eb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
200 OK 0 B URL HTTP/2 broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
IP
GET /compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQpfs091qNyI3NZWu%2BkLc1YCwziJ637SfoogRSD%2BaqidlV4cAT0dfEJLsf3AE5RMfZ1N5WGNc8lInCcQFbJivgia%2Bm9%2FRPR6V0CMv78DRCcZacrQRJl7qQ%2BlUfOSCkxFp2CCOH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5aced5bb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq
200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq
IP
ASN #20940 Akamai International B.V.
GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2022112513580382418695FE08CBA2EC08
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b8c4560aa47662a253c143cd0055ba42c14c5098d434a87977310bf06467b4fd320e675571cf581272d6b8cd3265eb4fb
content-encoding: gzip
expires: Fri, 25 Nov 2022 13:58:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:03 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=101
x-origin-response-time: 101,23.36.79.28
x-akamai-request-id: 577c3d0c
X-Firefox-Spdy: h2
redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
200 OK 0 B URL HTTP/2 redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
IP
GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:04 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-12fca"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8SQEGFV9S6N3MLDFVTG&hostname=senecaphoneupdate.top
200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C8SQEGFV9S6N3MLDFVTG&hostname=senecaphoneupdate.top
IP
ASN #20940 Akamai International B.V.
GET /i18n/pixel/config.js?sdkid=C8SQEGFV9S6N3MLDFVTG&hostname=senecaphoneupdate.top HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221125135804085852C1AE6316A3E5F0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb3db49c777b53f0869cfbbab6a47b28ff3f5cf2974ab5b1443e1b5a13be33b1e52081c44f4de47cefd6fb09d2239a69339e509b165b8b68bf926952ede667ce8b
content-encoding: gzip
x-origin-response-time: 12,23.218.220.146
x-akamai-request-id: ba950e2e.577c3f7a
expires: Fri, 25 Nov 2022 13:58:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2I2fdMAGeZ8f4IsNQ7FjcYs3JPj; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=12, inner; dur=3
x-parent-response-time: 115,23.36.79.28
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png
200 OK 0 B URL HTTP/2 broker-systems.com/assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png
IP
GET /assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeDMcYD1DQHXfR%2FUlh3kiFgRUpXaGypw%2FE50yMFYS6f5ZrjsLeiRKxYqkvrgzchYe6hwvdtl1OkmnRJ6md0KDatkD35mRzCGIQdtvLINqnYNwIGjvl0aIX3dalrZ06dh6oMvpjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a0eb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/07/03/1627994300561-5bf0b534-f69d-4dab-ba2c-ade842022f0f.png
200 OK 0 B URL HTTP/2 broker-systems.com/assets/img/2021/07/03/1627994300561-5bf0b534-f69d-4dab-ba2c-ade842022f0f.png
IP
GET /assets/img/2021/07/03/1627994300561-5bf0b534-f69d-4dab-ba2c-ade842022f0f.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:06 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE4Mh3sX3phmu3Cv4ZsWzMK8x8jFR8TKAsDX5ET5GIqf5dbWGOUd4KZc7Ljc0D%2Bu0XMYAXJubzUIucCSnLTltJT6ohXraki5rKETvIfavYLp2ydKYnqqx8%2B%2Fh9QV%2FVRitCNNJFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a13b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/06/28/1627484559621-a2880a7f-56da-4ccf-98eb-f1448814c9da.jpg
200 OK 0 B URL HTTP/2 broker-systems.com/assets/img/2021/06/28/1627484559621-a2880a7f-56da-4ccf-98eb-f1448814c9da.jpg
IP
GET /assets/img/2021/06/28/1627484559621-a2880a7f-56da-4ccf-98eb-f1448814c9da.jpg HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:06 GMT
content-type: image/jpeg
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeqPoPlGgdXcO17zPJoFnF1TckkzA7xgkr4JKtk6vc9E6fukcnpVa0ums9WAVFWtnRtDOIOkHxwfY4rEbyiFiu9wLRhynRmZi1RwwtHbQnjlhMUnWezraIdI6b4kyjNnWfKQgPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5b04b6ab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/06/23/1627034952535-217e2eaa-ce12-41ea-92b9-82e94483661c.png
200 OK 0 B URL HTTP/2 broker-systems.com/assets/img/2021/06/23/1627034952535-217e2eaa-ce12-41ea-92b9-82e94483661c.png
IP
GET /assets/img/2021/06/23/1627034952535-217e2eaa-ce12-41ea-92b9-82e94483661c.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YloAKl2Em01zHtohJLuZaSOp6mI9Z3zLoxSJ7BD42vIQ6rBObNOm3KNm4YROIY8rBpqatDqt54i1zIZnOnL6iV00oMqnpDLaXQ42rRceX3Kn%2FrYssiaq7GCSb9MHwBfs4slcgx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af5a04b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png
200 OK 0 B URL HTTP/2 broker-systems.com/assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png
IP
GET /assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxTIbk1M2YjcY2GOeGPKs9hBrVnF6fHqJl5YdEcBIYPWiakSGvZnwtsxwQOhx5FDZAkG5lOXkuI8mkkAV1v24yQAIs5XSCDuApyC4ofsK5Rggjj8LUs1w%2FqyfnLM9Wucl7zdUtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a0fb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png
200 OK 0 B URL HTTP/2 broker-systems.com/assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png
IP
GET /assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B267qpOLC44roz09e9CSvypjBHlf%2BH6BFg3ghjDvrTzfJYNqIZXj7rcSAdC3be%2FknpZBWO%2BwxLYuyQqjZvsKAERmza5%2F52dS1DwnbZHkv9fxluL3kBo8G5F%2F7Xa2yp5%2Bzrc%2BlFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a15b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1669384684914&hash=oDAcxvbjr6wMK2pu5JKKdGyMo8CvbBdE7y612e23v_0&rm=DJ
200 OK 0 B URL HTTP/2 track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1669384684914&hash=oDAcxvbjr6wMK2pu5JKKdGyMo8CvbBdE7y612e23v_0&rm=DJ
IP
GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1669384684914&hash=oDAcxvbjr6wMK2pu5JKKdGyMo8CvbBdE7y612e23v_0&rm=DJ HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=0aKuJ_L2TiE7g5u2wOGlN-hekMCvYEJNWNk_SWwQ68k; cc-v4=ZkKJlVAPnDTovTaqDiI%2B7nBYV0nwRpQkxbhvlXgY7Pya1gUxy0rOcpfbCa5ZCXGvnByXj9qqmEAEbeZB54zoJ22IOOHopFjNYYUGDwPUczmbXuq2Ad3l77%2Bedzxs5xIWC%2Bzcd69axh4VENf6nvPQaA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
unpkg.com/vue@2.6.14/dist/vue.min.js
200 OK 0 B URL HTTP/2 unpkg.com/vue@2.6.14/dist/vue.min.js
IP
GET /vue@2.6.14/dist/vue.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:06 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E"
via: 1.1 fly.io
fly-request-id: 01F7JYERAAW5E3031G1EAGDR8T
cf-cache-status: HIT
age: 14788855
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae5afa9321c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
broker-systems.com/assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png
200 OK 0 B URL HTTP/2 broker-systems.com/assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png
IP
GET /assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png HTTP/1.1
Host: broker-systems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:58:06 GMT
content-type: image/png
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 10:08:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6453
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWY7Dlhuhqm3Ifhl5o2YvKq6qCGvpXJ1psy2AtiEn9gNHdcup5ZqvazPNO%2BTF5FB4WsWOKY%2BW0XmZYx18YZEdY8%2BDeO6W92Gwi9UMQvgTWa49rWdtxc7mTujf2ZXFQWuQ0ho2nU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5b33814b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Cabin:wght@400;700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Cabin:wght@400;700&display=swap
IP
GET /css2?family=Cabin:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 13:58:06 GMT
date: Fri, 25 Nov 2022 13:58:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
172.67.133.55
18.192.108.151
104.16.124.175
23.36.76.226
139.45.197.251