Overview

URLsenecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP 172.67.133.55 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 13:58:15 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (32)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
senecaphoneupdate.top (2) 0 2022-05-21 14:09:45 UTC 2022-11-24 07:55:31 UTC 104.21.5.85 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
flagicons.lipis.dev (1) 527996 No data No data 185.199.110.153
player.vimeo.com (1) 1858 2013-09-26 03:16:08 UTC 2020-01-28 05:29:01 UTC 162.159.138.60
europe-west2-tech-microservices-production.cloudfunctions.net (1) 0 2019-10-08 09:29:41 UTC 2022-11-25 08:16:32 UTC 216.239.36.54 Unknown ranking
overalltrack.com (2) 112756 2018-12-01 03:47:10 UTC 2022-11-25 10:42:50 UTC 68.183.98.124
analytics.tiktok.com (4) 1182 No data No data 23.36.79.32
cdntechone.com (1) 64371 2021-12-24 17:09:58 UTC 2022-11-25 05:40:16 UTC 172.67.149.153
www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-11-25 06:34:47 UTC 142.250.74.46
unpkg.com (1) 11693 2016-01-07 23:26:01 UTC 2022-11-25 06:19:56 UTC 104.16.124.175
my.rtmark.net (5) 9054 2017-08-22 14:11:49 UTC 2022-11-25 07:48:21 UTC 139.45.195.8
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.39.57.61
track.profitableredirect.com (2) 124496 No data No data 18.192.108.151
ouhastay.net (2) 117137 2021-09-10 09:52:42 UTC 2022-11-25 00:24:04 UTC 139.45.197.239
redrotou.net (1) 145989 2021-03-16 05:03:50 UTC 2022-11-24 16:18:20 UTC 139.45.197.251
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
broker-systems.com (17) 0 2020-12-15 12:26:55 UTC 2022-11-24 15:52:06 UTC 104.21.79.157 Unknown ranking
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-25 06:21:31 UTC 216.239.34.178
r3.o.lencr.org (12) 344 No data No data 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
datatechone.com (1) 0 2015-06-17 13:52:19 UTC 2022-11-25 09:59:37 UTC 139.45.195.253 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-25 06:26:28 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-25 05:53:13 UTC 142.250.74.10
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
ocsp.pki.goog (3) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
vod-progressive.akamaized.net (1) 19176 No data No data 23.36.76.123
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-25 05:53:39 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
e1.o.lencr.org (2) 6159 No data No data 23.36.76.226
app1-smartsecurity-etl.herokuapp.com (4) 115431 2021-11-12 17:04:25 UTC 2022-11-25 10:42:50 UTC 54.243.129.215

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-25 2 ouhastay.net Sinkholed
2022-11-25 2 ouhastay.net Sinkholed
2022-11-25 2 datatechone.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.133.55
Date UQ / IDS / BL URL IP
2023-01-08 14:59:03 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55
2023-01-08 07:44:05 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom/i (...) 172.67.133.55
2023-01-07 22:44:02 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom/i (...) 172.67.133.55
2023-01-07 14:05:15 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55
2023-01-05 23:00:13 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-01 13:00:25 +0000 0 - 6 - 0 ouo.io/UEvUT0 104.22.22.162
2023-02-01 12:58:55 +0000 0 - 0 - 8 wsend.co/966597600931 104.26.6.159
2023-02-01 12:58:41 +0000 0 - 0 - 2 nasertale.fun/ 104.21.65.152
2023-02-01 12:58:38 +0000 19 - 0 - 8 col.portalconsultasegura.com/mua/VALIDATEMAIL (...) 188.114.97.1
2023-02-01 12:58:25 +0000 0 - 0 - 2 kineticlegalllc.com/hhh/enterpassword.php 104.21.44.174


Last 5 reports on domain: senecaphoneupdate.top
Date UQ / IDS / BL URL IP
2023-01-09 01:48:02 +0000 0 - 3 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 188.114.96.1
2023-01-08 19:46:02 +0000 0 - 3 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 188.114.97.1
2023-01-08 14:59:03 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55
2023-01-08 07:45:05 +0000 0 - 3 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 104.21.5.85
2023-01-08 07:44:05 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom/i (...) 172.67.133.55


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-02 12:00:55 +0000 0 - 0 - 2 tele123.store/cl/500/env/nl 79.98.29.10
2022-12-02 12:00:27 +0000 0 - 0 - 2 telefonica.site/bd/fortune/nl/ 79.98.24.35
2022-12-02 10:51:13 +0000 0 - 0 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 172.67.133.55
2022-12-01 13:56:11 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-01 13:02:12 +0000 0 - 0 - 2 televivo.online/kz/env/nl 194.135.87.58

JavaScript

Executed Scripts (53)

Executed Evals (1)
#1 JavaScript::Eval (size: 5) - SHA256: 35e6366764c85ff27d4eaa8798d75814c7c25d9aa684fc270eac4d8056341083
enSet

Executed Writes (14)
#1 JavaScript::Write (size: 53) - SHA256: 6ce64525848d677d6f619f970e996c47cc6a82bf85d40bb2acd64474d3a3046e
Click < strong > Allow < /strong> To Continue Using Chrome
#2 JavaScript::Write (size: 156) - SHA256: 949398833ecb71dace0d6a15f4166af32a8e0c16be1f945f93297956925b8f51
< img src = 'https://overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}'
style = 'position:absolute;width:1px;height:1px;left:0;bottom:0;opacity:0;' >
#3 JavaScript::Write (size: 89) - SHA256: 6c19434f8282294efc05f0fd70015529942972352a6b00984ac14d444f61db9b
Update now
for < strong > FREE < /strong> to clean and boost your Android Android immediately!
#4 JavaScript::Write (size: 6) - SHA256: 19766ed6ccb2f4a32778eed80d1928d2c87a18d7c275ccb163ec6709d3eb2e27
Cancel
#5 JavaScript::Write (size: 68) - SHA256: 3d616b12fbe8aa4b171323dc696cebb002be86551f35cc23fe0bc2756abc58e7
< a class = "button"
id = "center-button"
href = "smartsecurityxzt://open" >
#6 JavaScript::Write (size: 325) - SHA256: cb524eefc6d4e1b706c48380e49b2f5c6068316dcc694c02121745040582ce37
< a class = "button exitpoint right cancel"
id = "cancel-button"
href = "https://play.google.com/store/apps/details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_push_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669384683189" >
#7 JavaScript::Write (size: 4) - SHA256: ecd5b806462c7dfdf078ac76c549060a06660422d00e55bd5823be6747361085
< /a>
#8 JavaScript::Write (size: 8) - SHA256: 31fbef162594de01bab0cd525c51f74de7bcb15063029fa1a54b2cf5944c80d8
Continue
#9 JavaScript::Write (size: 2) - SHA256: 1d97c9fec35ad3ba402a8bb3548546924ce958f8f4b8a65b0f39c9c6171bdf34
Ad
#10 JavaScript::Write (size: 50) - SHA256: be434f49ec21e26b619e4186cce641233e60036505ac9cf6de704ebeb72b0e6d
Cleaner Update
for Android Android is Recommended!
#11 JavaScript::Write (size: 112) - SHA256: 4448b50a0446877c729032fc7d2ac04b985f7838bfc700b779e132afa7c2803c
Your phone Android Android can work faster, we released a Cleaner update, and it is recommended
for every phone.
#12 JavaScript::Write (size: 321) - SHA256: 9ab4b2283b70d7058bb56e8d451b0dc141184ca356e2172775b6fe10093894bb
< a class = "button exitpoint install"
id = "install-button"
href = "https://play.google.com/store/apps/details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_push_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669384683189" >
#13 JavaScript::Write (size: 336) - SHA256: 9fdebebd6515a7ce4ef9772239f5383477e49009c62d1127c30c1efa8e2f1e72
< a class = "close exitpoint"
style = "display: none"
id = "close-button"
href = "https://play.google.com/store/apps/details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_push_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669384683189" > < /a>
#14 JavaScript::Write (size: 10) - SHA256: f96f4d46e788614ae69e039ae032229de03f08cfe7f84c7f405ba021e50d3eca
Update Now


HTTP Transactions (86)


Request Response
                                        
                                            GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1 
Host: senecaphoneupdate.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.5.85
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 25 Nov 2022 13:58:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 14:58:02 GMT
Location: https://senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkTlmBjBXRMbjl3mylexGaIXumxZuNe4L7FD0FCYOccwQAM3tnwOLBDbFQ7ynRRQXK33LubI6xkvF0pWzakx2DEOPThnnqlXT3Zq6w1sZhSvh5fbdc6XivV8Pd%2BlAW6Ga6JRkCA%2FYg0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fae59c3ea5b51b-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3360
Expires: Fri, 25 Nov 2022 14:54:03 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3076
Cache-Control: max-age=163467
Date: Fri, 25 Nov 2022 13:58:03 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:22:30 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5790
Expires: Fri, 25 Nov 2022 15:34:33 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 13:17:26 GMT
cache-control: public,max-age=3600
age: 2437
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "C651001B0B255E41C0113FDAD79570CAAB6FB23BCDA7A74C8AB287F4841529CF"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15140
Expires: Fri, 25 Nov 2022 18:10:23 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 2mQy20eyZFksNX0XSkpQFjc4SpzCKdPdaqV/yjzbNHOot4RFhbAjmaOu67pE98UubO/Y1wRKnNA=
x-amz-request-id: JJ8ZENF286GE9WCS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:43:51 GMT
age: 852
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:03 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 2950
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "C651001B0B255E41C0113FDAD79570CAAB6FB23BCDA7A74C8AB287F4841529CF"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15140
Expires: Fri, 25 Nov 2022 18:10:23 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3249
Cache-Control: max-age=158577
Date: Fri, 25 Nov 2022 13:58:03 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:01:00 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2391
Expires: Fri, 25 Nov 2022 14:37:54 GMT
Date: Fri, 25 Nov 2022 13:58:03 GMT
Connection: keep-alive

                                        
                                            GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:03 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    7e1da03b7d5254f7b1d93874c8f85ce4
Sha1:   c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
Sha256: ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 13:58:04 GMT
Last-Modified: Fri, 25 Nov 2022 12:23:09 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aaqT1EauoautC1uq5GjqsCiDRgrpzld6WRdcisPG1CYYNH8FizY9FA==
Age: 5695

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vjGgUTxjnKGyaR9dIsxjLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.57.61
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /S4INxu3dhMOPY+SWaHaEwSIGZQ=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 13:58:04 GMT
Last-Modified: Fri, 25 Nov 2022 12:31:39 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 86C1OqU1ozJ9cdgTbVCHC9adb0DZ8C9HKl8YRuSb4y02zmk4TMab8g==
Age: 5185

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "79742D4996B0A2C5F0ED24C1177403F252E59451DC6CEAA543FE54FCC4A89221"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Fri, 25 Nov 2022 19:56:57 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0808D22DF128F20931D86CE2BE12C5F1B1B031A083B4BB623B495ABE50AD6773"
Last-Modified: Thu, 24 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=650
Expires: Fri, 25 Nov 2022 14:08:54 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive

                                        
                                            OPTIONS /device_by_model?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.243.129.215
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

                                        
                                            GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1 
Host: senecaphoneupdate.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.5.85
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:58:03 GMT
last-modified: Thu, 05 May 2022 04:35:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAsh3jjiXX6O%2FxQBXq3KXXWWWwCgkqw9pfQSNZCwYBXUHFBbA81PQV4gii4yW2lfpRp4dBxHzlCOenLi%2F4PpGuEkcTN0NKb4Iu6w2u9nWW8Y2hKouFuIrDmCdpiwvs8F2fHSkcjd7RE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae59e0ab5b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1627)
Size:   9909
Md5:    f0cc26c67c51d8c0216a98eacfe4315f
Sha1:   256436b98fa0527fd2758fc8f3d38035d54d7688
Sha256: aeeaa4054e1a30a7b242aa36f9acb53fabafe29205f264560b8628595343dd55
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E01416FC8A821CE83CC0F6F9783241C4075066C747C36DA1786951448143334F"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Fri, 25 Nov 2022 19:57:46 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive

                                        
                                            GET /device_by_model?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.243.129.215
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur

                                        
                                            OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    f30c3a40e9a3e65c868c754a5de95919
Sha1:   65101ff283414b70636ff494d866190a66ed9978
Sha256: 875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 937
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Cookie: _ttp=2I2fdMAGeZ8f4IsNQ7FjcYs3JPj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202211251358045D1D84581192907CA15B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebe802024c2f9cb24329469b2a0ee76db1749ac55dd46b755a615e60246d241540a86fdb6cf9c0b7036552e3db8bdf7277252171d0dc8c4b0bbdddd0ecde81bc41
x-origin-response-time: 19,23.218.220.136
x-akamai-request-id: bc9534fd.577c4072
expires: Fri, 25 Nov 2022 13:58:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-136.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=19, inner; dur=15
x-parent-response-time: 117,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /device_by_model/?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.243.129.215
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

                                        
                                            GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:04 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7ddeaf1743c845bfa267cf7207047e10; expires=Sat, 25 Nov 2023 13:58:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 13:58:04 GMT
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   126
Md5:    c8f85db18fe8f89306f6c0819c67036d
Sha1:   7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31
Sha256: a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B65B7FB441D78D75685F9062F7FE4C807CFCF366F425A50A53D41598BC68BBAC"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5916
Expires: Fri, 25 Nov 2022 15:36:40 GMT
Date: Fri, 25 Nov 2022 13:58:04 GMT
Connection: keep-alive

                                        
                                            GET /device_by_model/?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://senecaphoneupdate.top
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.243.129.215
HTTP/1.1 404 Not Found
Content-Type: application/json
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:58:04 GMT
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size:   86
Md5:    024c203b02c3d88f5e07d125220aa18a
Sha1:   4450bc452d44c05834e068f5341745b2e81ebbe3
Sha256: a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
                                        
                                            GET /e69b0e43-f199-496b-87cc-2daa322bb681 HTTP/1.1 
Host: track.profitableredirect.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.192.108.151
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:04 GMT
content-length: 724
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=0aKuJ_L2TiE7g5u2wOGlN-hekMCvYEJNWNk_SWwQ68k; Max-Age=86400; Expires=Sat, 26-Nov-2022 13:58:04 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=ZkKJlVAPnDTovTaqDiI%2B7nBYV0nwRpQkxbhvlXgY7Pya1gUxy0rOcpfbCa5ZCXGvnByXj9qqmEAEbeZB54zoJ22IOOHopFjNYYUGDwPUczmbXuq2Ad3l77%2Bedzxs5xIWC%2Bzcd69axh4VENf6nvPQaA%3D%3D; Max-Age=31536000; Expires=Sat, 25-Nov-2023 13:58:04 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BEB57722EDC3A4176A2E5B390ECB597169D06BC6F73BA1FCB53CA536A8020B90"
Last-Modified: Fri, 25 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9886
Expires: Fri, 25 Nov 2022 16:42:51 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2389
Expires: Fri, 25 Nov 2022 14:37:54 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouhastay.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676
Cookie: OAID=7ad474e4401c44379b0f2136f4009989; oaidts=1669384685
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /img.gif?f=merge&userId=7ad474e4401c44379b0f2136f4009989 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7ad474e4401c44379b0f2136f4009989; expires=Sat, 25 Nov 2023 13:58:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST /?z=3647676&syncedCookie=true&rhd=false HTTP/1.1 
Host: ouhastay.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://ouhastay.net
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676&var=3647676&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=7ad474e4401c44379b0f2136f4009989; oaidts=1669384685
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.239
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
content-length: 0
location: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
x-trace-id: 9c904d8f8b133883a4a88de2417869bc
link: <https://broker-systems.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://ouhastay.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=7ad474e4401c44379b0f2136f4009989; expires=Sat, 25 Nov 2023 13:58:05 GMT; path=/; secure; SameSite=None oaidts=1669384685; expires=Sat, 25 Nov 2023 13:58:05 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 02 Dec 2022 13:58:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=149230
Date: Fri, 25 Nov 2022 13:58:05 GMT
Etag: "63806ddb-117"
Expires: Sun, 27 Nov 2022 07:25:15 GMT
Last-Modified: Fri, 25 Nov 2022 07:25:15 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3219
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:58:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 58212
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 57800
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11743
Md5:    8784bb7a8b88736a6016f712e3183bf3
Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07
Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 57806
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8006
Md5:    8b6ee13d43732f7c764a49500d092865
Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075
Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
                                        
                                            GET /i18n/pixel/identify.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211251358041DADD2BCFA7A08922523
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b07d6441f728f51009cc13b8a600b3466733aa71db956da589d409a18e64bfa7ea75f6ef1cda767e37b480b6c49ec9058
content-encoding: gzip
expires: Fri, 25 Nov 2022 13:58:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=102
x-origin-response-time: 102,23.36.79.28
x-akamai-request-id: 577c3f73
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   35134
Md5:    ddcade2900b8a8ca4cd5b5d53df18bb5
Sha1:   5cb1acc9c1d0bc6888078dc7ff4ea90ab838712c
Sha256: 19ba79601b7a3f7f44481458c3bd3aec887e1f71acf78831a37a6f9eb48ba231
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 34505
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 74438
etag: "b80047da428636adb7027f12718c8d11bd461da4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11954
Md5:    6673267df195141739d1018c17101368
Sha1:   b80047da428636adb7027f12718c8d11bd461da4
Sha256: de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
                                        
                                            GET /assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJZt9et7UiBV7%2FBUgQDLUahwYBIGTyo6yhi5Ye%2BGxjRrSciVsFIuIPHWdwpFW49zUst79oXuCp5x6MD5yzNXxEx4hCpT0XFMpFaXAsQRCWCffK57XJ8OJsPs2I%2B5J5cz8WVHOcw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af5a00b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 82, 8-bit/color RGBA, non-interlaced\012- data
Size:   13851
Md5:    85ab2db69e24280a66e01692320337a1
Sha1:   36e4f076eaceeac945160a9b6f4ab0b01a23ff38
Sha256: 9623615e71a52200c4c9eaac0998f8508f55d53c9d562b3d02d7e0aebcacbdfc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:58:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/reg/v2/registration.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4KSbBKT1GMhVLvfpMceHAi8rGSxe6QwN%2Blv86KfrUBo383yrklaZd3%2FLso4YMI52RworsMwWXguMm5AJ7yz1BqZGJaLhV6w7fBP0bYzUb5rZyArOe6HurcK8I9DsaqVwgNmEzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59f3b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (22747)
Size:   5773
Md5:    45f2996cfaabde88eebcb53730d8a2a2
Sha1:   24b553ac4da86f7592049946b5c4cab2ab0b937b
Sha256: 06f88c71ea9b23612ccb4f55e9ae3d375b050100c4562b7cb0f79857ed5c0f79
                                        
                                            GET /assets/reg/v2/registration-form.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fimH8J3%2FdWG6Y5%2B4gxw8HsbBOxDVYinaVImIZa0mgRVZp6bEoaRyhNS3oAsAH32fSuoHDnh%2F1tjI0JGQX%2BNMFpeVDltzQldK%2BwaoBssOFgn1BvgZmcK2nGfIUkhAy7oumMZbhoM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59f7b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (41190)
Size:   59041
Md5:    a01c9f733f4f7577e6b413166b33c3af
Sha1:   e0a0cdf13a7a488b7b8c5a9edd7430eb40d5c9c6
Sha256: 8f15564e27580feb3c6d312abb316585963dbf277dd32e31c39ab54908c84dee
                                        
                                            GET /assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWCWJw5X8rkZ81I9qbGT6Kl%2FBp62e2kdQMhcCLH5O05f3N1FeY9SyvOBgbvg46yANPjMgfGbzInP5tuk2eydtKnsuUqm%2FVwCu%2BkSOHN33c1NddCQ%2FpY%2B%2BzePz2JAUlUCYij9h1w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a11b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 119 x 113, 8-bit colormap, non-interlaced\012- data
Size:   2115
Md5:    4752c8021a41e7bfbb1b79ecaeccbdda
Sha1:   4ba53911c67a9348f82549877cea4e5b531870cc
Sha256: af41e513c110faed295f378c8e1a22e9d72e03d980a5f28d32d55292473fdddc
                                        
                                            GET /assets/at/v5/tracking.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKwK3vZlbwWB56gN%2FG1aP%2BMpxEBEqAIGvn0JPMtcelcXQRfiTL%2BMAIjZpr8biQljR0U3h0i6B5iv8sNSZqj8nAyXjtp45oeYglJMv0%2B68v4qKJhOeQqdTVmEmbj65M4DL%2Brrbvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59fcb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (28968)
Size:   10857
Md5:    be87033f0c1f7c5a527a353dd380a3fc
Sha1:   9775696aed4f4c22ab3fdbc7a1a6b37ad4c71aee
Sha256: 57934d883a60a8fbc0c7b3d91d6064c0f8760e15c7be4499bfe8f1bd77290e48
                                        
                                            GET /assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g35oki%2FHgoBWHzNVX4h4ffSZnI%2B8hLyZyKNeGMXABgfneajFOHDC7fSWxEcCqzLRfplSsFMgNvP7Gz7Z8xPK6%2BPcdfuOrUr7G1c9Q71XX7ig%2B5H5QQU1QgdSky2YpD66%2FBK9aIk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a16b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 117 x 93, 8-bit colormap, non-interlaced\012- data
Size:   1982
Md5:    49f1401d77904fc61edfe8d552d12a6a
Sha1:   62d0c898e2d675d046f4e87ef2f745e5f9bf732d
Sha256: e329fb4f42cae49eaba4fd19890d128dfac0fdf6aefae14f719eb7dbdbb5c8ab
                                        
                                            GET /assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAwdp7twocrFm0pmzC5h8QVmGlDN3HcvtdxaX9%2FLshToX4FMJ2PmznqYsO%2BtGQbhp%2F47QyRLhqJDvbiSKfsoXbc8thEdy6cRU1U%2Fdk4jeZzeoinyk4tKqkPkn7TIUFmpEaDWU5Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af5a06b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size:   7749
Md5:    c7e3d1e9dd0ccbc1384eb34b84dbc4d8
Sha1:   7d6b6778c5ef1e0c9cf2dd0e7847ac1e0f2d6676
Sha256: 5d05c876af16bac58a824b6783b75144a5fd475d66b643cf3f6c4d352e49a65a
                                        
                                            GET /stattag.js HTTP/1.1 
Host: cdntechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.149.153
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 13:58:06 GMT
last-modified: Wed, 23 Nov 2022 15:07:35 GMT
etag: W/"637e3737-3284"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TJdUUiIdBbQCc0ejD1ij0VskJr8GoLfzXzgxWmf59znxFF%2BxsUbDSfVmcj%2FiCAfQv718Y3hra8sHCiaacDG8V5O%2B28IayCmlJFiWY9FkON2RBxZYy3svRsZ0CgdzoffZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae5b039271bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12932), with no line terminators
Size:   5688
Md5:    b8f2cab9c0d8795ea3a6f350e3cd1795
Sha1:   bad2faff91b744e0a9a9d8ac25d5c7b7307ef955
Sha256: 8655610b28a26fb1008be179b3a5f363aced99cb682c7c2fa0caf5b3d3440310
                                        
                                            GET /assets/img/2021/06/26/1627289251805-4a55db67-c49c-4dc8-ad85-b582754777ff.jpg HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 13:58:06 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og9aPD5HF2LbstajZx5BBkhLvDPyktV2D8JLudajX7DFZnoCoGnVCEbs%2Bjw2nL6SPxP7JyK06JulSgYcQjrVvZYDA%2FTDYy0l2vIhNj%2F2agPkJn3mVVeAikRkyMfDjmusyjDhoek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5b04b66b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2800x895, components 3\012- data
Size:   108777
Md5:    26df5069c76843bf93433094d00b5bb5
Sha1:   c3c2372d9684e379c110d5871c5285a218bf2353
Sha256: 787b3e802d57f3cd3ac5b9ad8a3f922d55e410d459ff4e11658664e546bdfb4d
                                        
                                            GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:28:35 GMT
expires: Thu, 23 Nov 2023 18:28:35 GMT
cache-control: public, max-age=31536000
age: 156571
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Size:   26100
Md5:    312bcfa92b0b0a09c3f404b2c662a0b6
Sha1:   5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
Sha256: 979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
                                        
                                            GET /assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S97X9NcDr9dnb53Hof1g67MJKu2cErj6u9fNLvMtR1qOuPhi4kTN6pJlE0F%2F4C58JivjuG5IraA64cXcJh50cttG7UGUMBAUNx0S8hKb%2BspPVNb94KsC4rqlJSZo8ujlkD87FpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af59fdb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 513 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size:   7891
Md5:    d5525560e0ccf916906c66d998fe5682
Sha1:   b80c2457e13d9e0736ba37da0642166ce6d8a15f
Sha256: e85410035d52ceb50476b870034b9a25d99078b1bb4429141c61ffa64d508bff
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5588
Cache-Control: max-age=101182
Date: Fri, 25 Nov 2022 13:58:06 GMT
Etag: "637f9c58-116"
Expires: Sat, 26 Nov 2022 18:04:28 GMT
Last-Modified: Thu, 24 Nov 2022 16:31:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /optimize.js?id=OPT-TLN47DR HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:58:06 GMT
expires: Fri, 25 Nov 2022 13:58:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   44245
Md5:    3aef15d1379916130c74415a504b2a94
Sha1:   bcc13f768a1a6764ce31559a2dc75f5738fbb8b9
Sha256: cada3970321f0a75d9b6ed7ce9ca7b182ce7c5800648e5d5f77dc7d1d57fbccf
                                        
                                            GET /flags/4x3/no.svg HTTP/1.1 
Host: flagicons.lipis.dev
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.199.110.153
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: GitHub.com
x-origin-cache: HIT
last-modified: Wed, 19 Oct 2022 08:52:22 GMT
access-control-allow-origin: *
etag: W/"634fbac6-13e"
expires: Sun, 20 Nov 2022 06:21:53 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: ECA6:9356:1523F66:1CD8CDC:6379C529
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:58:06 GMT
via: 1.1 varnish
age: 397
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669384687.759254,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 5337d286dd0cadd3889b2a6775a25d3dec821366
content-length: 188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   188
Md5:    f916e66fd4723d7b98979d330bdab4d4
Sha1:   b30df178bab8c3751c9e593dc19999823d98c6a7
Sha256: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148
                                        
                                            GET /p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:06 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    109d9d0f284658da4525b3d1c0ead2ec
Sha1:   3fc4214c1bef95a85db5eaa84c262d6d85275b6e
Sha256: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c
                                        
                                            GET /external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174 HTTP/1.1 
Host: player.vimeo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         162.159.138.60
HTTP/1.1 302 Found
                                        
Date: Fri, 25 Nov 2022 13:58:06 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Location: https://vod-progressive.akamaized.net/exp=1669399086~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=47549aa81d1fb17d06a9389d6854cb0435a289dc583322037a3abee927fb345c/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Host: player-backend-5ff8dcb846-5vmcc
X-Player-Backend: g
X-Xss-Protection: 1; mode=block
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-bma1667-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669384687.639212,VS0,VE147
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=LnhZlxY52MzL6SFfFddQscJ2OOXgaZAQQVbC2ytY3K0-1669384686-0-AR07LvZEfIzyO5pJGdruyYsBnmZgvKoL3P403F+35/4dsejydrzI4ne4bHT8HyMz6MGf2sIQ1Gh0Zntfd2swUtM=; path=/; expires=Fri, 25-Nov-22 14:28:06 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 76fae5b368eb1c0a-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:58:06 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:35 GMT
Expires: Thu, 01 Dec 2022 16:52:34 GMT
Etag: "2ffaca360ca166595c22af6993fe09f828d94f2e"
Cache-Control: max-age=528267,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fae5b40b06b509-OSL

                                        
                                            POST /log/add?cid=0146f596-44d1-40c0-b3b5-74fcad621e75 HTTP/1.1 
Host: datatechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1122
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.253
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 13:58:06 GMT
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://broker-systems.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.239.34.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 12:41:08 GMT
expires: Fri, 25 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 4619
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /exp=1669399086~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=47549aa81d1fb17d06a9389d6854cb0435a289dc583322037a3abee927fb345c/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 HTTP/1.1 
Host: vod-progressive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://broker-systems.com/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.123
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
X-GUploader-UploadID: ADPycdvFALOJgFC8lHRE0XZtj_vOO8NMw94V883uDWMJyDi0Z5tzcMZ5sJ_cbHrMp_W3I5t9ZIwCFXUG4i7oN_MZINQBq6BT75Ie
x-goog-generation: 1661020573365224
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11965965
x-amz-meta-x-goog-reserved-source-generation: 1602068348320686
x-goog-hash: crc32c=hqujiA==, md5=DBrrzNDq44InOGp42cFLAQ==
x-goog-storage-class: COLDLINE
Accept-Ranges: bytes
Server: UploadServer
Aka-c-hit: cache-hit
Last-Modified: Sat, 20 Aug 2022 18:36:13 GMT
ETag: "0c1aebccd0eae38227386a78d9c14b01"
Cache-Control: private, max-age=25832551
Expires: Wed, 20 Sep 2023 13:40:38 GMT
Date: Fri, 25 Nov 2022 13:58:07 GMT
Content-Range: bytes 0-11965964/11965965
Content-Length: 11965965
Connection: keep-alive
AK-REFERENCE-ID: 0.774c2417.1669384687.35a793e
Akamai-Mon-Iucid-Del: 875210
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Timing-Allow-Origin: *
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.123


--- Additional Info ---
Magic:  ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size:   11965965
Md5:    0c1aebccd0eae38227386a78d9c14b01
Sha1:   f05673ace82e6c754989e36334a939d66fadf3c8
Sha256: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d
                                        
                                            POST /j/collect?v=1&_v=j98&a=1115710953&t=pageview&_s=1&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&ul=en-us&de=UTF-8&dt=broker-systems.com&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YADAAAABQAAAAC~&jid=716033388&gjid=958363298&cid=1584228869.1669384686&tid=UA-123565908-17&_gid=956064178.1669384686&_r=1&gtm=2wgb90MLX3JTP&z=366793825 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.239.34.178
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://broker-systems.com
date: Fri, 25 Nov 2022 13:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /img.gif?f=sync&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a&ttl=&rurl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:07 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=21a58eb5503a436aacf209793ddcb0d6; expires=Sat, 25 Nov 2023 13:58:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST /g/collect?v=2&tid=G-Y5BMFENDVB&gtm=2oeb90&_p=1115710953&cid=1584228869.1669384686&ul=en-us&sr=1280x1024&_s=1&sid=1669384686&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620006910393061509%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://broker-systems.com
date: Fri, 25 Nov 2022 13:58:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /batch-event-collector HTTP/1.1 
Host: europe-west2-tech-microservices-production.cloudfunctions.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1171
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.239.36.54
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
access-control-allow-origin: *
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: w6i4gz1nf3kn
x-powered-by: Express
x-cloud-trace-context: 216b23237881b2ae88a5c528847d9a44
content-encoding: gzip
date: Fri, 25 Nov 2022 13:58:07 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   22
Md5:    7ed7900fc45647ddd2f5e4799f6e3f4e
Sha1:   c599a3e8d0cf90430834cda9a07a4b52dd609a7c
Sha256: a0ce47d8f99c7c1b5988ae1c07711bb0aed25484d8ce3563c3a589f2d7216c2f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:58:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQpfs091qNyI3NZWu%2BkLc1YCwziJ637SfoogRSD%2BaqidlV4cAT0dfEJLsf3AE5RMfZ1N5WGNc8lInCcQFbJivgia%2Bm9%2FRPR6V0CMv78DRCcZacrQRJl7qQ%2BlUfOSCkxFp2CCOH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5aced5bb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022112513580382418695FE08CBA2EC08
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b8c4560aa47662a253c143cd0055ba42c14c5098d434a87977310bf06467b4fd320e675571cf581272d6b8cd3265eb4fb
content-encoding: gzip
expires: Fri, 25 Nov 2022 13:58:03 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:03 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=101
x-origin-response-time: 101,23.36.79.28
x-akamai-request-id: 577c3d0c
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1 
Host: redrotou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:04 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-12fca"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/config.js?sdkid=C8SQEGFV9S6N3MLDFVTG&hostname=senecaphoneupdate.top HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221125135804085852C1AE6316A3E5F0
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb3db49c777b53f0869cfbbab6a47b28ff3f5cf2974ab5b1443e1b5a13be33b1e52081c44f4de47cefd6fb09d2239a69339e509b165b8b68bf926952ede667ce8b
content-encoding: gzip
x-origin-response-time: 12,23.218.220.146
x-akamai-request-id: ba950e2e.577c3f7a
expires: Fri, 25 Nov 2022 13:58:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:58:04 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2I2fdMAGeZ8f4IsNQ7FjcYs3JPj; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-218-220-146.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=12, inner; dur=3
x-parent-response-time: 115,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeDMcYD1DQHXfR%2FUlh3kiFgRUpXaGypw%2FE50yMFYS6f5ZrjsLeiRKxYqkvrgzchYe6hwvdtl1OkmnRJ6md0KDatkD35mRzCGIQdtvLINqnYNwIGjvl0aIX3dalrZ06dh6oMvpjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a0eb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627994300561-5bf0b534-f69d-4dab-ba2c-ade842022f0f.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:06 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE4Mh3sX3phmu3Cv4ZsWzMK8x8jFR8TKAsDX5ET5GIqf5dbWGOUd4KZc7Ljc0D%2Bu0XMYAXJubzUIucCSnLTltJT6ohXraki5rKETvIfavYLp2ydKYnqqx8%2B%2Fh9QV%2FVRitCNNJFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a13b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/28/1627484559621-a2880a7f-56da-4ccf-98eb-f1448814c9da.jpg HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 13:58:06 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeqPoPlGgdXcO17zPJoFnF1TckkzA7xgkr4JKtk6vc9E6fukcnpVa0ums9WAVFWtnRtDOIOkHxwfY4rEbyiFiu9wLRhynRmZi1RwwtHbQnjlhMUnWezraIdI6b4kyjNnWfKQgPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5b04b6ab4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/23/1627034952535-217e2eaa-ce12-41ea-92b9-82e94483661c.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YloAKl2Em01zHtohJLuZaSOp6mI9Z3zLoxSJ7BD42vIQ6rBObNOm3KNm4YROIY8rBpqatDqt54i1zIZnOnL6iV00oMqnpDLaXQ42rRceX3Kn%2FrYssiaq7GCSb9MHwBfs4slcgx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af5a04b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxTIbk1M2YjcY2GOeGPKs9hBrVnF6fHqJl5YdEcBIYPWiakSGvZnwtsxwQOhx5FDZAkG5lOXkuI8mkkAV1v24yQAIs5XSCDuApyC4ofsK5Rggjj8LUs1w%2FqyfnLM9Wucl7zdUtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a0fb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:05 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1101
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B267qpOLC44roz09e9CSvypjBHlf%2BH6BFg3ghjDvrTzfJYNqIZXj7rcSAdC3be%2FknpZBWO%2BwxLYuyQqjZvsKAERmza5%2F52dS1DwnbZHkv9fxluL3kBo8G5F%2F7Xa2yp5%2Bzrc%2BlFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5af6a15b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1669384684914&hash=oDAcxvbjr6wMK2pu5JKKdGyMo8CvbBdE7y612e23v_0&rm=DJ HTTP/1.1 
Host: track.profitableredirect.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=0aKuJ_L2TiE7g5u2wOGlN-hekMCvYEJNWNk_SWwQ68k; cc-v4=ZkKJlVAPnDTovTaqDiI%2B7nBYV0nwRpQkxbhvlXgY7Pya1gUxy0rOcpfbCa5ZCXGvnByXj9qqmEAEbeZB54zoJ22IOOHopFjNYYUGDwPUczmbXuq2Ad3l77%2Bedzxs5xIWC%2Bzcd69axh4VENf6nvPQaA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         18.192.108.151
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 13:58:05 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /vue@2.6.14/dist/vue.min.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.124.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:58:06 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E"
via: 1.1 fly.io
fly-request-id: 01F7JYERAAW5E3031G1EAGDR8T
cf-cache-status: HIT
age: 14788855
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae5afa9321c02-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620006910393061509&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:58:06 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 10:08:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6453
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWY7Dlhuhqm3Ifhl5o2YvKq6qCGvpXJ1psy2AtiEn9gNHdcup5ZqvazPNO%2BTF5FB4WsWOKY%2BW0XmZYx18YZEdY8%2BDeO6W92Gwi9UMQvgTWa49rWdtxc7mTujf2ZXFQWuQ0ho2nU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae5b33814b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Cabin:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 13:58:06 GMT
date: Fri, 25 Nov 2022 13:58:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---