samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
54.230.111.102200 OK 45 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
IP 54.230.111.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (861)
Hash a95609f4fec39ef336235da16e3b46a7
aaf8babb7146e0a830482b6698bb80a1d14e6d7c
3ea260d13037b53b1b3fac17d17509aaa7a4f6883369702f23e7dda1db567630
GET /n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339 HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:57 GMT
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jsw6DtffBtyOynD5ExZzup3rBmenjmn-zym5O6nuQXhyg9RLZSMjQg==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14150
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 09:16:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4515
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:16:57 GMT
Last-Modified: Wed, 30 Nov 2022 08:01:42 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12030
Expires: Wed, 30 Nov 2022 12:37:27 GMT
Date: Wed, 30 Nov 2022 09:16:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 08:18:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3537
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZhvjMXJ/+B6BbbPYGdEND99vtH2YU+YfTURjZYeuj3Ogb3LILg20n44XLiZL6KzHjFnZyrTCmXw=
x-amz-request-id: B95DPE6ZXT5D24VG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 08:45:10 GMT
age: 1907
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:16:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:16:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/css/note10_style_min.css
54.230.111.102200 OK 6.1 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/css/note10_style_min.css
IP 54.230.111.102:0
File type ASCII text, with very long lines (677)
Hash 2a0225015c5d5c59279647ae363dbfa5
079224bfa167898e2ff5a36ec68df070e2fb2892
05883752b06c264ed88235fd6ca9f491e1347f2b3fda5c8c2b3b4b228d8ebc57
GET /n/32/1/assets/css/note10_style_min.css HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: W/"6384d1ec-5870"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fG-T7p257hnaZ5NgdNLNTBu-zdQwEcaLXFi1V_oY5iI4Y5Ajts4d1Q==
ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.2/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32065)
Hash 2bc666a590303ce436c2679bec5d2173
c9835788b85dea43c45890080fe957673a1a1d17
54d0c6a98d70521e5cbe82178740a6c04e05d10c02932192a945d2126678cde0
GET /ajax/libs/jquery/2.2.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30094
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:11:46 GMT
expires: Sun, 26 Nov 2023 21:11:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 302712
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/css/fonts.css
54.230.111.102200 OK 263 B URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/css/fonts.css
IP 54.230.111.102:0
Hash a8de0a8a234bbad7bed3bea543a2d4dc
bf010bdaf99ce9bc29060d13041fd5db52145981
303feae1988ab7c44bff216bc8d2f3b575e4d6a371a8deb9da32ab1a24e7e90a
GET /n/32/1/assets/css/fonts.css HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: W/"6384d1ec-87c"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZMAl2C2w68qgdgv4L5ltZ_qO4YzUKKXYuwPecunoQpM2_habLqbG7w==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:16:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/silver.png
54.230.111.102200 OK 50 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/silver.png
IP 54.230.111.102:0
File type PNG image data, 460 x 485, 8-bit colormap, non-interlaced\012- data
Hash 861067e7ab2c2ae72f0842ac7b258035
0168ae6ab2ac4c265ee28d6d1ce538f15b79b7a8
bb2a46a169e2da454f2223407bb7af6cca076e42f61158c701dba892d4a52ec1
GET /n/32/1/assets/images/galaxynote10/silver.png HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 50384
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-c4d0"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yAgn_XweNOaQG2Dgg6nMhf7EtLLPfqTA6O-flYNsjjl1Zp0YIJIOCg==
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/badge.png
54.230.111.102200 OK 8.4 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/badge.png
IP 54.230.111.102:0
File type PNG image data, 300 x 180, 8-bit colormap, non-interlaced\012- data
Hash a9dc83f57caeffb8ebeeb15ee6488638
2578f138e9ea56f858ed0bb5025b2f1a34448563
e98bac390e62e4d086a605fc7df50a1244f03209700f81d38f4366f20efb2269
GET /n/32/1/assets/images/galaxynote10/badge.png HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 8409
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-20d9"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8KokiqQg7BI44Os801XErHGe0ZeNVkceFXBPQ68pJtFgVXp2JQVwPg==
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/top.png
54.230.111.102200 OK 6.3 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/top.png
IP 54.230.111.102:0
File type PNG image data, 588 x 189, 8-bit colormap, non-interlaced\012- data
Hash f6671ce96cce841cfc15c7fc52ce0d0b
87819183e4bdb2f44ffe65f1c181f8d8484493a2
38c68af8739037695f915ef69782e93ffced89ca7cbbcb6528eececbde5af4a2
GET /n/32/1/assets/images/galaxynote10/top.png HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6331
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-18bb"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: co4jsWTt6G9HQHuYpsBYGObLKDYCAuknTH3x9-FpeAAF7xphEUzeaQ==
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/top2.png
54.230.111.102200 OK 6.1 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/top2.png
IP 54.230.111.102:0
File type PNG image data, 506 x 160, 8-bit colormap, non-interlaced\012- data
Hash 4a8f0266d96859834f1c30ca39e94842
65e69feb55a6d954474f88e96a2f3dc94ba193d1
03ac968eb3786bca05d600666577edda9eb954253bbdfaf6935af560bd65d6a5
GET /n/32/1/assets/images/galaxynote10/top2.png HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6110
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-17de"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p7vLh-ayqPkqEjuygeAFCh74qtYCAsm3xKV9MdziV71iJB7CwUqrWA==
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/black.png
54.230.111.102200 OK 46 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/black.png
IP 54.230.111.102:0
File type PNG image data, 460 x 485, 8-bit colormap, non-interlaced\012- data
Hash 2a1dc3d0a458e5c718081bbe496c3815
533367fd77805411cfc36c14be119444fd15a1d1
bfabb2b5304e6ddd583485f626c90d332d6ef7948e76a24d582b105cdf23733c
GET /n/32/1/assets/images/galaxynote10/black.png HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 45847
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-b317"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2mEnTovvplJxM1hVDygv01cELLnN8P9D36R0m5B9VYrEom6j29_vfQ==
samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/balloons.png
54.230.111.102200 OK 16 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/assets/images/galaxynote10/balloons.png
IP 54.230.111.102:0
File type PNG image data, 214 x 456, 8-bit colormap, non-interlaced\012- data
Hash e05afe5bcfa06d3cdddd23b3939e419e
3a3abf6041cfcba867205385e965d2abd0dfb93d
29bb4fc91b4eac03b61ed11abe139ef89dbd98d026de8598a5f825041ca37827
GET /n/32/1/assets/images/galaxynote10/balloons.png HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 16049
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-3eb1"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gj_Lm4qGwKVTf11Lfo3FtI8r2gQMhZhKVUXCXlBU-HXMUn_yQ_t1pA==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93d07f1107b71d03b025355fb0781586
79dd5b8abb6859cf17642a5cb78a893a21021121
5b28f435cc9c9cba8767a1d29897d91ac8eeffe62fd7f27ef56630aff1773f30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B28F435CC9C9CBA8767A1D29897D91AC8EEFFE62FD7F27EF56630AFF1773F30"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6878
Expires: Wed, 30 Nov 2022 11:11:36 GMT
Date: Wed, 30 Nov 2022 09:16:58 GMT
Connection: keep-alive
cdn.formulead.com/css/main.min.css
34.78.252.25200 OK 94 kB URL HTTP/1.1 cdn.formulead.com/css/main.min.css
IP 34.78.252.25:0
File type ASCII text, with very long lines (65518)
Hash 47cff21534298308fde67abd81cd499d
7ee3430aea39c1ded2b22b0403f37a2f65b88621
2167f959a425770b49bea9a49a6d46e9541f4ad5d0b46c80376953cfdc3db8ac
GET /css/main.min.css HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Accept-Ranges: bytes
Cache-Control: public, max-age=2678400
Last-Modified: Tue, 15 Nov 2022 14:10:54 GMT
ETag: W/"b2182-1847ba0e9b0"
Vary: Accept-Encoding
Content-Encoding: gzip
samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/images/logo.png
54.230.111.102200 OK 927 B URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/images/logo.png
IP 54.230.111.102:0
File type PNG image data, 123 x 19, 8-bit colormap, non-interlaced\012- data
Hash 6c2a831201a1090921bf320b2ed96666
08f75bfc02894a5dbfa8d3962cead4ecee13b8dd
05132bb63319dfefce8fb012daca78627c553af62ffd6bbf94cb1f795945285a
GET /n/32/1/au/galaxynote10_blk_friday/images/logo.png HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 927
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-39f"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: frICdCogn9gVHwovuWZtLf0h90xueZgewzNdGJRcC5FXqCb2cRLsOg==
samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/images/nav.svg
54.230.111.102200 OK 954 B URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/images/nav.svg
IP 54.230.111.102:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash ef66f851d16a60f717c042d3cd2678e5
e8ea119cc9a36c192822b35719fa016e673764d8
9d6e0f573ea8892ab9741436df1700cedf3de03fa1372fdef77497c5d1ef4c66
Analyzer Verdict Alert fortinet Phishing
GET /n/32/1/au/galaxynote10_blk_friday/images/nav.svg HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Content-Length: 954
Connection: keep-alive
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Last-Modified: Mon, 28 Nov 2022 15:21:16 GMT
ETag: "6384d1ec-3ba"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N0VUvtUcZr1dGV7oTajuTokXGKwwOXuzLSyleIOZ3PaxhLvRIvnugg==
cdn.formulead.com/p/574ff3a738b1020100a8dbe1/p.js
34.78.252.25200 OK 427 kB URL HTTP/1.1 cdn.formulead.com/p/574ff3a738b1020100a8dbe1/p.js
IP 34.78.252.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 427 kB (426892 bytes)
Hash 39d6b4d72ccd7be395b3539b58af636a
364cc0d3fce390c8ea37be21b9e5d0649d4d70f2
72e94c18167616324f24f1eb92a46095dd2d77dcdd2011fb62861dae8e03aa40
GET /p/574ff3a738b1020100a8dbe1/p.js HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:58 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
set-cookie: lid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
plc=574ff3a738b1020100a8dbe1; Path=/; Expires=Fri, 29 Nov 2024 09:16:58 GMT; Secure; SameSite=None
qst.sid=s%3AkMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs.bmqFLUKitoUK5zuPjHnPdG2ofdRTHvRj2Fh7Bvk2YoM; Path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 09:11:14 GMT
cache-control: public,max-age=3600
age: 344
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8d827734ce620dd4d88e0dd06f5216ec
98a06964a4e35d592e932e53d578e4b875dcd835
81b4fc71caa30abc1ac4ba99a1c8879f9ffa0c14a88dece979d5f02dcf9751a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138383
Date: Wed, 30 Nov 2022 09:16:58 GMT
Etag: "63869919-1d7"
Expires: Thu, 01 Dec 2022 23:43:21 GMT
Last-Modified: Tue, 29 Nov 2022 23:43:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N5Ec_opeRHZGlp5ySpcjNp0SB9rPQBsmgRy3uNvXd1gZKUJUahFiig==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8d827734ce620dd4d88e0dd06f5216ec
98a06964a4e35d592e932e53d578e4b875dcd835
81b4fc71caa30abc1ac4ba99a1c8879f9ffa0c14a88dece979d5f02dcf9751a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138383
Date: Wed, 30 Nov 2022 09:16:58 GMT
Etag: "63869919-1d7"
Expires: Thu, 01 Dec 2022 23:43:21 GMT
Last-Modified: Tue, 29 Nov 2022 23:43:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mW536DFyeAAasuyHrqJeEaib-azektyLSRVjhAdPwp4-S6RFdMKCJA==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8d827734ce620dd4d88e0dd06f5216ec
98a06964a4e35d592e932e53d578e4b875dcd835
81b4fc71caa30abc1ac4ba99a1c8879f9ffa0c14a88dece979d5f02dcf9751a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138383
Date: Wed, 30 Nov 2022 09:16:58 GMT
Etag: "63869919-1d7"
Expires: Thu, 01 Dec 2022 23:43:21 GMT
Last-Modified: Tue, 29 Nov 2022 23:43:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: czuND6510_bG0ptmIPGMzRUv8XCFyQjuaBXWYJaOIZpXZif_AjLPPg==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 8d827734ce620dd4d88e0dd06f5216ec
98a06964a4e35d592e932e53d578e4b875dcd835
81b4fc71caa30abc1ac4ba99a1c8879f9ffa0c14a88dece979d5f02dcf9751a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138383
Date: Wed, 30 Nov 2022 09:16:58 GMT
Etag: "63869919-1d7"
Expires: Thu, 01 Dec 2022 23:43:21 GMT
Last-Modified: Tue, 29 Nov 2022 23:43:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2lD335HDzUNqUC4pn0OFsG5Y8sZjM1bu51tPi7zaj8ByifvvMkRzyw==
st.formulead.com/assets/img/spinner/blue.gif
54.230.111.106200 OK 99 kB URL HTTP/2 st.formulead.com/assets/img/spinner/blue.gif
IP 54.230.111.106:0
File type GIF image data, version 89a, 221 x 221\012- data
Hash 2c0c5093f8c8575e7dccc10c26032456
a2d01c73fe11ca9d9c07bde8f8870738b6d7e77f
7a044d149bbcff78f26f8d32076a5a93781917e47c0f606c1db441d460f25c39
GET /assets/img/spinner/blue.gif HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 98823
server: nginx/1.19.0
date: Tue, 29 Nov 2022 21:34:12 GMT
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
etag: "6329dbed-18207"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -uZey8ITrYk0Bp8HQ9_ajAxiFD3tM9PupMjNRoN7I2d_6i8DScnd_Q==
age: 42166
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: max-age=90300
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:16:58 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:21:58 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Regular.woff
54.230.111.106200 OK 52 kB URL HTTP/2 st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Regular.woff
IP 54.230.111.106:0
File type Web Open Font Format, CFF, length 51572, version 0.0\012- data
Hash 6a324f29ef3efabd2176f8b697ad71ed
dd696f0c713eb491c6e16bec9fda63f3f23999ba
6d64c461708b8f11e06451c96779d22fc2b8de582214c77493ecc57c32ede06e
GET /assets/fonts/myriad-pro/MyriadPro-Regular.woff HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 51572
server: nginx/1.19.0
date: Wed, 30 Nov 2022 09:16:58 GMT
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
etag: "6329dbed-c974"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jZQbkU8C0oeZSs-f0mDo5FesjI48qnykN7qihkUkcmq50gzCgnU9vA==
X-Firefox-Spdy: h2
st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Light.woff
54.230.111.106200 OK 51 kB URL HTTP/2 st.formulead.com/assets/fonts/myriad-pro/MyriadPro-Light.woff
IP 54.230.111.106:0
File type Web Open Font Format, CFF, length 50836, version 0.0\012- data
Hash 2fa3049613788ce468d3cf3942fef7df
c39a24d21bba273ab8e6de07cf694950a4ab3a19
03232ad9934ac651926b71be790954fd53a9fe10a0dd1b366597df47ebd25382
GET /assets/fonts/myriad-pro/MyriadPro-Light.woff HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 50836
server: nginx/1.19.0
date: Wed, 30 Nov 2022 09:16:58 GMT
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
etag: "6329dbed-c694"
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ei_19TCohLR1Pu-KGGDdOluIBn6DA3eSbx9F3QFYxfG3uk1rxRRXcQ==
X-Firefox-Spdy: h2
cdn.formulead.com/v/country
34.78.252.25200 OK 51 B URL HTTP/1.1 cdn.formulead.com/v/country
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91440c116c92d75cfc02cd72bd060a82
591d3adc1d1d80e012b0dd0214df1f0438ae37f5
1b35c679adcfb2f8fbf92afcaf9f7a741f3c6273503a54b6c55448e1b2807c80
GET /v/country HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 51
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"33-WR063B0dgOASsN0CFN8fBDiuN/U"
set-cookie: qst.sid=s%3ACNJHHAfxkgdhsl-3RPdU0VVogR0xZoP4.FbRmg6bynMlqu1lhzcbdPYATuaXlXicYh11wvmyaXFc; Path=/; HttpOnly
Vary: Accept-Encoding
push.services.mozilla.com/
52.43.253.52101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H4k5hGFj/GZ+RmhhcT6hjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RfZp82RrDLzZCSoNyHICjlBNo1k=
samsung-galaxy-note10.clientoffer.site/favicon.ico
54.230.111.102200 OK 1.2 kB URL HTTP/1.1 samsung-galaxy-note10.clientoffer.site/favicon.ico
IP 54.230.111.102:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 2b41416e68dcc31606e749cc9da0e7e4
7801b077f31134407e429aa5d3cfd65ed2197e59
934e627d59f1a7b1d98df885aa0d09603b4027b25d29e5ddeaadd15fdd318c6b
GET /favicon.ico HTTP/1.1
Host: samsung-galaxy-note10.clientoffer.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/n/32/1/au/galaxynote10_blk_friday/index.html?p_id=574ff3a738b1020100a8dbe1&_c_id=aff_code:LDA;aff_offer_id:1105;request_id:5859935300ad140008546d0f2a375245;aff_tid:;aff_goal_id:5296;aff_goal_id2:5297;aff_id:1339;aff_version:default;aff_adv_id:2;aff_inc:samsunggalaxy%20note10&_c_user=ld_first_name:;ld_last_name:;ld_email:;ld_title:;ld_gender:;ld_phone_cell:&_c_loc=ld_zip_code:;ld_address_line1:;ld_street_name:;ld_street_number:;ld_city:&_c_dob=ld_dob:;ld_dayob:;ld_monthob:;ld_yearob:&aff_click_id=&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_fbp=&aff_tt=dp&ch=&aff_ttp=&request_id=5859935300ad140008546d0f2a375245&aff_id=1339
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Server: nginx/1.19.0
Last-Modified: Mon, 28 Nov 2022 15:20:27 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Date: Wed, 30 Nov 2022 09:16:59 GMT
ETag: "6384d1bb-47e"
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PJPCzQTMb9CQNFIuGZLylOIZ6oHv5F0AE3V28JZCYGOla0vyE3dPdg==
cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=initial
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:59 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f58cd30443a495eed3ec0d9827550c1
fd0f53d2acc63ae015b7b42155136ade5841ebc7
333a3cae36081ea37371e32dc9587faacfda5970daa476b3b36cd6f587ce1594
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu-
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 2a1f1b94d15f7574926aaf6b01fd9134
c2ae255da35bd16ba364e83bbdf88d03b64e435c
3cdeb8f735f3a56a71b449ae7f2dcf5e70a6110d16ec6673926da9b373dda90c
GET /recaptcha/api.js?render=6Le28S4hAAAAAA_HM_1PgW6fsQqLb2dZORF4Hbu- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 30 Nov 2022 09:16:59 GMT
date: Wed, 30 Nov 2022 09:16:59 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=initial
34.78.252.25200 OK 4.8 kB URL HTTP/1.1 cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=initial
IP 34.78.252.25:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (20641), with no line terminators
Hash ef17dae6b6aa84ba706ca2efe2254cc3
3462d484da0a656857899fb9fc378853e6d5b585
6fcd861f43f196d850a7a47a774c0b3257b377ab8b01cd84f68f167267cf4d0f
GET /p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=initial HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs.bmqFLUKitoUK5zuPjHnPdG2ofdRTHvRj2Fh7Bvk2YoM
X-Request-Id: 6e64bbd1c674ad61046fb275
X-iivmxswc: 6b0ded36bcda8f18eb7894dae8cd563fc07c583aaffca900785e9676c8072d32
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Cookie: plc=574ff3a738b1020100a8dbe1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:59 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Fri, 29 Nov 2024 09:16:59 GMT; Secure; SameSite=None
ck_tsp=2022-11-30T09%3A16%3A59.347Z; Path=/; Expires=Fri, 29 Nov 2024 09:16:59 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Fri, 29 Nov 2024 09:16:59 GMT; Secure; SameSite=None
ETag: W/"517c-RwbfYriHg38XgVe/sGOugKRHtqo"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:59 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:59 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/reverse-dns-lookup
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/reverse-dns-lookup
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/reverse-dns-lookup HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: 6e64bbd1c674ad61046fb275
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Cookie: plc=574ff3a738b1020100a8dbe1; stp=1; ck_tsp=2022-11-30T09%3A16%3A59.347Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:16:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3AAXuysfPpgLHi-SB8W00UmA1rlrXVbHAW.y5YvT%2BC7CvL1SUtf8J0wddB6NS40EsokmowAbBrFzvw; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
GET /v/fingerprint-cache?vl_fp=391e872fcb1ac8f165404c80dff63646&vl_fp_cljs=803716228 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: 6e64bbd1c674ad61046fb275
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Cookie: plc=574ff3a738b1020100a8dbe1; stp=1; ck_tsp=2022-11-30T09%3A16%3A59.347Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
set-cookie: qst.sid=s%3Arvsl4xX6sVuqlPaBx6pL18isbpQyNUB6.pOrcKABN%2FDRje59V%2Bqqqm8yt34XTWBlP7mTpAu4kfoA; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=full
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-iivmxswc,x-request-id,x-session-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:00 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/errors
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:00 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/errors
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/errors
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/errors HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs.bmqFLUKitoUK5zuPjHnPdG2ofdRTHvRj2Fh7Bvk2YoM
Content-Type: application/json
Content-Length: 168
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11212
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:17:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11212
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:17:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11212
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:17:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11212
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:17:00 GMT
Connection: keep-alive
st.formulead.com/assets/js/helpers.js
54.230.111.106200 OK 15 kB URL HTTP/2 st.formulead.com/assets/js/helpers.js
IP 54.230.111.106:0
Hash 15a261b757a8483c214c860a5d9ad5cf
7741ed9f688ec592e78580d9ab6beed434116cff
c800c70df52d3e801401595876fc36ab06b8e1678127a437bf48ee97247750b1
GET /assets/js/helpers.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 29 Nov 2022 13:11:21 GMT
etag: W/"6329dbed-fefc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PtdW81-GfGrzryFPRjMFRXAAHUy88MdspadQSMgTTVMXTjodcaZpSQ==
age: 72337
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/zqd2ojv4ek
172.64.168.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/zqd2ojv4ek
IP 172.64.168.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/zqd2ojv4ek HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:17:00 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://samsung-galaxy-note10.clientoffer.site
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tThoxMbJdwotIh2KO8yXcORXajUataMUqf4KI7l1tXGphQGYuKORwUP4Aez3NCSe%2FCxszoFHXG5ScuFEX81R%2B2SgFklIjPHuA3EJBkLybsPN6eSR3%2FJJmbitfJVtev8Ml6VhMm9PGW77yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77227ccd6f7b8e32-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Bh6VQ3BLEXcZKHFyJxHVGQWVQm-w2s0786t8SQOcHQUaNvSFc1rg-A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
age: 41049
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 41249
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 38511
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 40725
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 41049
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ceb8e975fb408de32c43f55febaa6414
453067f6ab356aa87a3ad3b56e33545376597852
e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phw8DXQgjOyH5g4gvbqgZk-2sHr2n9cHVr4lqqPXfXtyhG32gs2pIg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 41055
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/zqd2ojv4ek
172.64.168.3200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/zqd2ojv4ek
IP 172.64.168.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/zqd2ojv4ek HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://samsung-galaxy-note10.clientoffer.site/
Content-type: application/json
Origin: http://samsung-galaxy-note10.clientoffer.site
Content-Length: 103
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:17:00 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: http://samsung-galaxy-note10.clientoffer.site
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SOmaOPL0LKqvS%2FphjsjWzAO2Ur00zir%2FzZDYqRooWUUn1KUczge9Xk%2FEmaj8Jijmh4coTIYOv1CjXEySkUrzjcNd72j78bMjVj1OILgqI%2FXM%2FMirvy3Bu5MSOOPwwe2tG0xgCseNSgVQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77227cce28638e32-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.99200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 08:36:31 GMT
expires: Thu, 30 Nov 2023 08:36:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 2429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.formulead.com/t/validator
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:00 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/page
34.78.252.25200 OK 2 B IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-session-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:01 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/t/validator
34.78.252.25200 OK 16 B URL HTTP/1.1 cdn.formulead.com/t/validator
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/validator HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs.bmqFLUKitoUK5zuPjHnPdG2ofdRTHvRj2Fh7Bvk2YoM
Content-Type: application/json
Content-Length: 1854
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 473338
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:43 GMT
expires: Fri, 24 Nov 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 491778
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.formulead.com/v/recaptcha3?token=03AEkXODALlNGwV2WKQe3B0XopqsmjnZiKtlMzKWHUNLZd9_bwuho9iQ26PiNguYVk6gq9-4NHqLtEfm5C5ePkQk4CmuXTY9y0ItrpGvX50SE4iSchYHoYDtvS75as0UDP8028gSqz-Q4GMqs1TDo7mXKAzBWwvRDINuEvIIMgHTBZ3dgvOg1s78uOJbkh0IUkE8uF74eVzLNsErM_PmE3EIsR-rhvAXVuZ72s__a_EMxffuoUZ9UwsrIraIRYMicu0jL2lxXdyFs9aWAOEePRi86SkSSs2x_as9Lak0wv52CNjrxc4vYDhs2zs7B8BCE8uw1tD0IMRaSDSawPN2O8WMIwDKxGcxgUjCOr42GROpoBX5SmglQhn_ew3MyyIYtynfi3qJQxNIjauWCeM6jq8so9mSm6aMDfkZfJS3skDz-P9LakQ2Giwr1RjcEqerPP581n1Ja8xSAU49I5UJo6hb-EFsd8YNEfcI7rml0EA7GZbQcHz3Eylo1sku8WTkKU_kM86sHyrFsX-72R7CBHWL2dLCMFtODkZOMKaaDl2pUL5ZNf5ScoW94&step=1
34.78.252.25200 OK 2 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODALlNGwV2WKQe3B0XopqsmjnZiKtlMzKWHUNLZd9_bwuho9iQ26PiNguYVk6gq9-4NHqLtEfm5C5ePkQk4CmuXTY9y0ItrpGvX50SE4iSchYHoYDtvS75as0UDP8028gSqz-Q4GMqs1TDo7mXKAzBWwvRDINuEvIIMgHTBZ3dgvOg1s78uOJbkh0IUkE8uF74eVzLNsErM_PmE3EIsR-rhvAXVuZ72s__a_EMxffuoUZ9UwsrIraIRYMicu0jL2lxXdyFs9aWAOEePRi86SkSSs2x_as9Lak0wv52CNjrxc4vYDhs2zs7B8BCE8uw1tD0IMRaSDSawPN2O8WMIwDKxGcxgUjCOr42GROpoBX5SmglQhn_ew3MyyIYtynfi3qJQxNIjauWCeM6jq8so9mSm6aMDfkZfJS3skDz-P9LakQ2Giwr1RjcEqerPP581n1Ja8xSAU49I5UJo6hb-EFsd8YNEfcI7rml0EA7GZbQcHz3Eylo1sku8WTkKU_kM86sHyrFsX-72R7CBHWL2dLCMFtODkZOMKaaDl2pUL5ZNf5ScoW94&step=1
IP 34.78.252.25:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /v/recaptcha3?token=03AEkXODALlNGwV2WKQe3B0XopqsmjnZiKtlMzKWHUNLZd9_bwuho9iQ26PiNguYVk6gq9-4NHqLtEfm5C5ePkQk4CmuXTY9y0ItrpGvX50SE4iSchYHoYDtvS75as0UDP8028gSqz-Q4GMqs1TDo7mXKAzBWwvRDINuEvIIMgHTBZ3dgvOg1s78uOJbkh0IUkE8uF74eVzLNsErM_PmE3EIsR-rhvAXVuZ72s__a_EMxffuoUZ9UwsrIraIRYMicu0jL2lxXdyFs9aWAOEePRi86SkSSs2x_as9Lak0wv52CNjrxc4vYDhs2zs7B8BCE8uw1tD0IMRaSDSawPN2O8WMIwDKxGcxgUjCOr42GROpoBX5SmglQhn_ew3MyyIYtynfi3qJQxNIjauWCeM6jq8so9mSm6aMDfkZfJS3skDz-P9LakQ2Giwr1RjcEqerPP581n1Ja8xSAU49I5UJo6hb-EFsd8YNEfcI7rml0EA7GZbQcHz3Eylo1sku8WTkKU_kM86sHyrFsX-72R7CBHWL2dLCMFtODkZOMKaaDl2pUL5ZNf5ScoW94&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-lead-id
Referer: http://samsung-galaxy-note10.clientoffer.site/
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:01 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Vary: Accept-Encoding
cdn.formulead.com/v/recaptcha3?token=03AEkXODALlNGwV2WKQe3B0XopqsmjnZiKtlMzKWHUNLZd9_bwuho9iQ26PiNguYVk6gq9-4NHqLtEfm5C5ePkQk4CmuXTY9y0ItrpGvX50SE4iSchYHoYDtvS75as0UDP8028gSqz-Q4GMqs1TDo7mXKAzBWwvRDINuEvIIMgHTBZ3dgvOg1s78uOJbkh0IUkE8uF74eVzLNsErM_PmE3EIsR-rhvAXVuZ72s__a_EMxffuoUZ9UwsrIraIRYMicu0jL2lxXdyFs9aWAOEePRi86SkSSs2x_as9Lak0wv52CNjrxc4vYDhs2zs7B8BCE8uw1tD0IMRaSDSawPN2O8WMIwDKxGcxgUjCOr42GROpoBX5SmglQhn_ew3MyyIYtynfi3qJQxNIjauWCeM6jq8so9mSm6aMDfkZfJS3skDz-P9LakQ2Giwr1RjcEqerPP581n1Ja8xSAU49I5UJo6hb-EFsd8YNEfcI7rml0EA7GZbQcHz3Eylo1sku8WTkKU_kM86sHyrFsX-72R7CBHWL2dLCMFtODkZOMKaaDl2pUL5ZNf5ScoW94&step=1
34.78.252.25200 OK 185 B URL HTTP/1.1 cdn.formulead.com/v/recaptcha3?token=03AEkXODALlNGwV2WKQe3B0XopqsmjnZiKtlMzKWHUNLZd9_bwuho9iQ26PiNguYVk6gq9-4NHqLtEfm5C5ePkQk4CmuXTY9y0ItrpGvX50SE4iSchYHoYDtvS75as0UDP8028gSqz-Q4GMqs1TDo7mXKAzBWwvRDINuEvIIMgHTBZ3dgvOg1s78uOJbkh0IUkE8uF74eVzLNsErM_PmE3EIsR-rhvAXVuZ72s__a_EMxffuoUZ9UwsrIraIRYMicu0jL2lxXdyFs9aWAOEePRi86SkSSs2x_as9Lak0wv52CNjrxc4vYDhs2zs7B8BCE8uw1tD0IMRaSDSawPN2O8WMIwDKxGcxgUjCOr42GROpoBX5SmglQhn_ew3MyyIYtynfi3qJQxNIjauWCeM6jq8so9mSm6aMDfkZfJS3skDz-P9LakQ2Giwr1RjcEqerPP581n1Ja8xSAU49I5UJo6hb-EFsd8YNEfcI7rml0EA7GZbQcHz3Eylo1sku8WTkKU_kM86sHyrFsX-72R7CBHWL2dLCMFtODkZOMKaaDl2pUL5ZNf5ScoW94&step=1
IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c5aca860fe2dd40de6fa3c22a4aa2b73
d37298baffd85a1a15f18fa9c8d600b8abd18fce
b250c4ddd4e350df3f6c007a5231ef4c6fcb566e095b9fcf12318d40cc11715c
GET /v/recaptcha3?token=03AEkXODALlNGwV2WKQe3B0XopqsmjnZiKtlMzKWHUNLZd9_bwuho9iQ26PiNguYVk6gq9-4NHqLtEfm5C5ePkQk4CmuXTY9y0ItrpGvX50SE4iSchYHoYDtvS75as0UDP8028gSqz-Q4GMqs1TDo7mXKAzBWwvRDINuEvIIMgHTBZ3dgvOg1s78uOJbkh0IUkE8uF74eVzLNsErM_PmE3EIsR-rhvAXVuZ72s__a_EMxffuoUZ9UwsrIraIRYMicu0jL2lxXdyFs9aWAOEePRi86SkSSs2x_as9Lak0wv52CNjrxc4vYDhs2zs7B8BCE8uw1tD0IMRaSDSawPN2O8WMIwDKxGcxgUjCOr42GROpoBX5SmglQhn_ew3MyyIYtynfi3qJQxNIjauWCeM6jq8so9mSm6aMDfkZfJS3skDz-P9LakQ2Giwr1RjcEqerPP581n1Ja8xSAU49I5UJo6hb-EFsd8YNEfcI7rml0EA7GZbQcHz3Eylo1sku8WTkKU_kM86sHyrFsX-72R7CBHWL2dLCMFtODkZOMKaaDl2pUL5ZNf5ScoW94&step=1 HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Lead-Id: 6e64bbd1c674ad61046fb275
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Cookie: plc=574ff3a738b1020100a8dbe1; stp=1; ck_tsp=2022-11-30T09%3A16%3A59.347Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 185
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"b9-03KYuv/YWhoV8Y+pyNYAuKvRj84"
set-cookie: qst.sid=s%3ABvv1dJMZBTKpQVGdF2KvwwS6WEscTE7W.4%2F7jLBigEK2VqNwU4BjRo5Ds3W8RyT2sBdvUxGkEDtU; Path=/; HttpOnly
Vary: Accept-Encoding
cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=full
34.78.252.25200 OK 13 kB URL HTTP/1.1 cdn.formulead.com/p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=full
IP 34.78.252.25:0
File type Unicode text, UTF-8 text, with very long lines (65329), with no line terminators
Hash 467698fcc7a1d050481db0542959b6e8
57369c73a1a4998658e547e62dea27ee6a48588c
bf6b4f68246cad968c4253e15c6d1dc42ed5c80076ec4eefb0e93b09668a4073
GET /p/574ff3a738b1020100a8dbe1/feed?sc_domain=samsung-galaxy-note10.clientoffer.site&cl_ip=91.90.42.154&qb_placement_id=574ff3a738b1020100a8dbe1&qb_offer_id=5b0695aa302f8c0100bc17d7&qb_flow_id=5b0695aa302f8c0100bc17d7&qb_vendor_id=570e5c924ce290010026cc24&qb_country=AU&ql_session_id=kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs&p_id=574ff3a738b1020100a8dbe1&aff_code=LDA&aff_offer_id=1105&request_id=5859935300ad140008546d0f2a375245&aff_goal_id=5296&aff_goal_id2=5297&aff_id=1339&aff_version=default&aff_adv_id=2&aff_inc=samsunggalaxy%20note10&aff_tt=dp&sc_url=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&sc_campaign_page=index.html&sc_campaign_path=%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2F&sc_campaign_domain=http%3A%2F%2Fsamsung-galaxy-note10.clientoffer.site&sc_url_wl=https%3A%2F%2Flp.nectarjunkie.com%2Fn%2F32%2F1%2Fau%2Fgalaxynote10_blk_friday%2Findex.html&stp=1&feed_type=full HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs.bmqFLUKitoUK5zuPjHnPdG2ofdRTHvRj2Fh7Bvk2YoM
X-Request-Id: 6e64bbd1c674ad61046fb275
X-iivmxswc: 6b0ded36bcda8f18eb7894dae8cd563fc07c583aaffca900785e9676c8072d32
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Cookie: plc=574ff3a738b1020100a8dbe1; stp=1; ck_tsp=2022-11-30T09%3A16%3A59.347Z; sip=91.90.42.154
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:03 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
Set-Cookie: stp=1; Path=/; Expires=Fri, 29 Nov 2024 09:17:00 GMT; Secure; SameSite=None
ck_tsp=2022-11-30T09%3A17%3A00.148Z; Path=/; Expires=Fri, 29 Nov 2024 09:17:00 GMT; Secure; SameSite=None
sip=91.90.42.154; Path=/; Expires=Fri, 29 Nov 2024 09:17:00 GMT; Secure; SameSite=None
ETag: W/"10e9d-z6HyFDVJUrTwgigOh0+XDgr67Kk"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn.formulead.com/t/page
34.78.252.25200 OK 16 B IP 34.78.252.25:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
POST /t/page HTTP/1.1
Host: cdn.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Session-Id: s:kMEWTV5osi9dPtuoW6WpT6mYYzBJ1eMs.bmqFLUKitoUK5zuPjHnPdG2ofdRTHvRj2Fh7Bvk2YoM
Content-Type: application/json
Content-Length: 135
Origin: http://samsung-galaxy-note10.clientoffer.site
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.0
Date: Wed, 30 Nov 2022 09:17:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 16
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: http://samsung-galaxy-note10.clientoffer.site
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type, X-CSRF-Token, X-Session-Id, X-Offer-Id, X-Flow-Id, X-Flow_Id, X-Placement-Id, X-Placement_Id, X-Lead-Id, X-Sig, X-iivmxswc, X-Request-id, X-zqhkygow, X-ofvuinwk
Pragma: no-cache
Cache-Control: no-cache
ETag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
Vary: Accept-Encoding
st.formulead.com/assets/js/bioep.min.js
54.230.111.106200 OK 0 B URL HTTP/2 st.formulead.com/assets/js/bioep.min.js
IP 54.230.111.106:0
GET /assets/js/bioep.min.js HTTP/1.1
Host: st.formulead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf8
server: nginx/1.19.0
last-modified: Tue, 20 Sep 2022 15:27:41 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 29 Nov 2022 13:11:21 GMT
etag: W/"6329dbed-14c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B7ie0t_CK0mNzCJfC-tIVAZSMvuTgiHJcWKPOW9vZLPjg8_y2Lx4OA==
age: 72337
X-Firefox-Spdy: h2
trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=samsung-galaxy-note10.clientoffer.site
172.64.169.3200 OK 0 B URL HTTP/2 trk-consulatu.com/scripts/push/script/z75dnkdk4q?url=samsung-galaxy-note10.clientoffer.site
IP 172.64.169.3:0
GET /scripts/push/script/z75dnkdk4q?url=samsung-galaxy-note10.clientoffer.site HTTP/1.1
Host: trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://samsung-galaxy-note10.clientoffer.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:17:00 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkYq24%2FrEf9OlHBI9i%2Fj5nplrlSMJNdWde0u6t1KkFL9kYVF6rD3l%2BbcYqwNZh6TRok62HlgEiA5UZlaac8IlsuXJ0kTMUwy62XXRzmNIkDdWFoFV2A3wDnjOSZQmIQ6XUQj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77227ccb3d190672-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2