firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 15 Oct 2022 08:50:04 GMT
Expires: Sat, 15 Oct 2022 09:40:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8lByXqEP70tdqKwvvz59jMWQ722UyCrkZ4Sz630viC9gYBhk2VF8rg==
Age: 670
dancedynamics.com/
96.126.123.244200 OK 7.0 kB IP 96.126.123.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (303)
Hash f2dc11f9d0233c12825331b2495bed8c
429be439525c5fae4e26df82bcff824155933239
26d0834b5e7c30858efb8dcfec1eeb3054b08b1c0648c9cdcc532b555f5b1aab
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 15 Oct 2022 09:01:14 GMT
content-type: text/html; charset=utf-8
content-length: 7043
vary: Accept-Language
content-language: en
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b424d8c01b211c56d5b44b92e4e4153
b1fdab18f23271eee58ae1482f8af25badc2ffda
1c82a5fd2bc3f16a66becb5e1924e8c9edd39386622dc2e5ed296442f4307b2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9915
Expires: Sat, 15 Oct 2022 11:46:29 GMT
Date: Sat, 15 Oct 2022 09:01:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20008
Expires: Sat, 15 Oct 2022 14:34:42 GMT
Date: Sat, 15 Oct 2022 09:01:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vBSwCIy0ZUg2M321F58oZkIZFqLH1FkVeHM8sWkrUg9Qj8sDujf17Hoos0S8Y+TsF3d8/Mlawe4=
x-amz-request-id: NB4PV2E0X3361PC9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 15 Oct 2022 08:02:31 GMT
age: 3523
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 09:01:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dancedynamics.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZBx3dZSfiQuBCHuTgqs2M280XvCkgUOYMEA5qk0bJR55Mz5K3Mseg7ouemAgXh4NBMqPUW_3og4aYvKVe2s3hlMyQmhSgy2rsum_q_eHa-nbb834nFiizcZf3jnSzKd7T59B683NPk2tw:1ojd2g:0YiBEBz7K4coMVVVuKM9oNpIg-4/1/0
96.126.123.244200 OK 426 B URL HTTP/1.1 dancedynamics.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZBx3dZSfiQuBCHuTgqs2M280XvCkgUOYMEA5qk0bJR55Mz5K3Mseg7ouemAgXh4NBMqPUW_3og4aYvKVe2s3hlMyQmhSgy2rsum_q_eHa-nbb834nFiizcZf3jnSzKd7T59B683NPk2tw:1ojd2g:0YiBEBz7K4coMVVVuKM9oNpIg-4/1/0
IP 96.126.123.244:0
File type ASCII text, with very long lines (426), with no line terminators
Hash c7d8adbfc2c704ef7cecd712cb8c0d60
b2dd8c451ce7e148d834d9efcb69c2b719312294
a8de73252127cd9ca722549fa052c57c75b67b407f4061c6d4a308696e777a3d
Analyzer Verdict Alert fortinet Malware
GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZBx3dZSfiQuBCHuTgqs2M280XvCkgUOYMEA5qk0bJR55Mz5K3Mseg7ouemAgXh4NBMqPUW_3og4aYvKVe2s3hlMyQmhSgy2rsum_q_eHa-nbb834nFiizcZf3jnSzKd7T59B683NPk2tw:1ojd2g:0YiBEBz7K4coMVVVuKM9oNpIg-4/1/0 HTTP/1.1
Host: dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dancedynamics.com/
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 15 Oct 2022 09:01:14 GMT
content-type: text/html; charset=utf-8
content-length: 426
x-mtm-path: 4
x-mtm-prov: 300:0.00;308:0.01
x-mtm-rd: 0.94
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJkYW5jZWR5bmFtaWNzLmNvbSIsImh0dHA6Ly93d3cxLmRhbmNlZHluYW1pY3MuY29tLz90bT0xJnN1YmlkND0xNjY1ODI0NDc0LjAyMzQyMjAwMDAmS1cxPU9ubGluZSUyMENhcmVlciUyMENvdW5zZWxpbmclMjBQcm9ncmFtcyZLVzI9R2V0JTIwQW4lMjBPbmxpbmUlMjBEZWdyZWUmS1czPUIyQiUyMFRyYXZlbCUyMEJvb2tpbmclMjBTeXN0ZW0mS1c0PU1ha2UlMjBNb25leSUyMEZyb20lMjBIb21lJktXNT1Mb3dlc3QlMjBDYXIlMjBJbnN1cmFuY2UlMjBSYXRlcyZLVzY9T25saW5lJTIwQ2FyZWVyJTIwQ291bnNlbGluZyUyMFByb2dyYW1zJktXNz1CZXN0JTIwTW9ydGdhZ2UlMjBSZWZpbmFuY2luZyUyMFJhdGVzJktXOD1Mb3dlc3QlMjBDYXIlMjBJbnN1cmFuY2UlMjBSYXRlcyZLVzk9TG93ZXN0JTIwQ2FyJTIwSW5zdXJhbmNlJTIwUmF0ZXMmc2VhcmNoYm94PTAmYmFja2ZpbGw9MCIsMSwiMjAyMi0xMC0xNSAwOTowMToxNCIsMSwiMTY2NTgyNDQ3NC4wMjM0MjIwMDAwIiwzMDgsbnVsbCxudWxsXQ:1ojd2g:UCJPNpAekSJ-uDYJChzjrKFY6Qc; expires=Sat, 15-Oct-2022 10:01:14 GMT; Max-Age=3600; Path=/
connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 15 Oct 2022 08:07:43 GMT
Cache-Control: max-age=3600
Expires: Sat, 15 Oct 2022 08:49:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JAg13mOurWrlWJX_ljXWcspLTmKzOPD_md-kqfyfdk3UruRX-R5KHA==
Age: 3212
www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
76.223.26.96200 OK 5.6 kB URL HTTP/1.1 www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
IP 76.223.26.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3098)
Hash 6ebbbe3ea5e59e6bfbd669ffe55d5251
84bd468bacef6ece1891d0a4f5874852460a3ee3
e2c51f63d31be0b985697f2705cd4809c56fe6b370f20d19f2fd7860495f4c6d
GET /?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0 HTTP/1.1
Host: www1.dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dancedynamics.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 09:01:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_EL7Rhrq5z6Fub1fTUcPbiHz5iSC5dqiTamv+7quqNp3ab+EqLfvkfWbZDI8IEWLPNJZWhod8OQeVdKKQPcUwCw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 90336661a2936bdb9efcc26998693b34
bee3b0e35ce901bff835d43a0f22eb0765ab8264
717bf09925581cc0668632ad10dfc2b714e77f9ba2c3852e8cf3ead552fde950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5440
Cache-Control: max-age=88576
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:15 GMT
Etag: "6349189b-1d7"
Expires: Sun, 16 Oct 2022 09:37:31 GMT
Last-Modified: Fri, 14 Oct 2022 08:06:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
d38psrni17bvxu.cloudfront.net/themes/assets/style.css
54.230.245.22200 OK 343 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/style.css
IP 54.230.245.22:0
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sat, 15 Oct 2022 07:34:23 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EjDDRs8V6Uq4cQXTDxD758fQILGzx1P-KMEB-AWL-EjRE-FOarICVg==
Age: 5212
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
54.230.245.22200 OK 580 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
IP 54.230.245.22:0
Hash b9f539b0058b3916aad60a6b50a6b662
1a28bfde5267b2ac4c6de028c3d01ff4d84dbf29
35cc39ab61d8326d0b0105a4420b11f4106685a0d67d609454ef4ef252c48b7b
GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sat, 15 Oct 2022 06:34:10 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Content-Encoding: gzip
ETag: W/"62b4441b-555"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1JQOJ_XqOI9BYbNdA5azRP4ZdH9aIif2YYPyti8PEd-M0-O-4RDNJw==
Age: 8825
d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
54.230.245.22200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
IP 54.230.245.22:0
File type ASCII text, with very long lines (316)
Hash cce7f943ec8e7b4ba13be4aba6b463d9
220f3e8ca723daa91fd040cf518991a65f2bf110
ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
GET /scripts/js3caf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7000
Connection: keep-alive
Server: nginx
Date: Sat, 15 Oct 2022 02:32:47 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Accept-Ranges: bytes
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p2ucqDyBuYrENDYukBuueJlmJu4bfuJVUoyJTBnUV7gN-qXSMqe_MA==
Age: 23308
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1885)
Hash b043ee86c4bfa2f192a00c8ddcbbf8dc
9e2733066bd488853dedc65f8e8ed9da77dec833
6d6c9a495e396649c1713efdaba5c4814d15656ebdba036b532ab52602b0186b
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 15 Oct 2022 09:01:15 GMT
Expires: Sat, 15 Oct 2022 09:01:15 GMT
Cache-Control: private, max-age=3600
ETag: "10340724968549784418"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 15 Oct 2022 09:01:15 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
push.services.mozilla.com/
34.210.158.59101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TahM6RxQzdL25H0gcEwD2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MY1Xq4hWvKiQHZlipxO632gn9pw=
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.22200 OK 11 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.22:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Fri, 14 Oct 2022 09:14:37 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DkCgM4NFma5PiI6V0CCCFluzrlX2F4MQuXlGHSI6AgDkflW1KiABNQ==
Age: 85598
www1.dancedynamics.com/favicon.ico
76.223.26.96200 OK 0 B URL HTTP/1.1 www1.dancedynamics.com/favicon.ico
IP 76.223.26.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 09:01:16 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
www1.dancedynamics.com/track.php?domain=dancedynamics.com&toggle=browserjs&uid=MTY2NTgyNDQ3NS4yOTM6OWE5ZTVmYmU4ZjllNzFiYjA2NWFmYjhjMjc2ZjQ3MWZjYWUyNGUxM2U2M2Y2MmIxYmY2NjM3ZDI3MGFlNzRjNTo2MzRhNzZkYjQ3ODZk
76.223.26.96200 OK 20 B URL HTTP/1.1 www1.dancedynamics.com/track.php?domain=dancedynamics.com&toggle=browserjs&uid=MTY2NTgyNDQ3NS4yOTM6OWE5ZTVmYmU4ZjllNzFiYjA2NWFmYjhjMjc2ZjQ3MWZjYWUyNGUxM2U2M2Y2MmIxYmY2NjM3ZDI3MGFlNzRjNTo2MzRhNzZkYjQ3ODZk
IP 76.223.26.96:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=dancedynamics.com&toggle=browserjs&uid=MTY2NTgyNDQ3NS4yOTM6OWE5ZTVmYmU4ZjllNzFiYjA2NWFmYjhjMjc2ZjQ3MWZjYWUyNGUxM2U2M2Y2MmIxYmY2NjM3ZDI3MGFlNzRjNTo2MzRhNzZkYjQ3ODZk HTTP/1.1
Host: www1.dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 09:01:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 48c8ca7abddebd077f8d5655ab885b11
1daa9bb3c1434275bbd57b9237000b72e59e1fcc
95e3c6bd5eb86b7805c5899ebd2157f214a5aec3c180830c1db3e0256097ee6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0847763c339012de0d95777e8a4272d4
e232ee250caca9221381b2f05458c2da636d52c1
d52ffd5ea2345dd6b4af061313663024e1fd2f621266a445d52e6def91d87a10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C001023%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Online%20Career%20Counseling%20Programs%2CGet%20An%20Online%20Degree%2CB2B%20Travel%20Booking%20System%2CMake%20Money%20From%20Home%2CLowest%20Car%20Insurance%20Rates%2COnline%20Career%20Counseling%20Programs%2CBest%20Mortgage%20Refinancing%20Rates%2CLowest%20Car%20Insurance%20Rates%2CLowest%20Car%20Insurance%20Rates&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r9%7Cs&nocache=6881665824477374&num=0&output=afd_ads&domain_name=www1.dancedynamics.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1665824477375&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fwww1.dancedynamics.com%2F%3Ftm%3D1%26subid4%3D1665824474.0234220000%26KW1%3DOnline%2520Career%2520Counseling%2520Programs%26KW2%3DGet%2520An%2520Online%2520Degree%26KW3%3DB2B%2520Travel%2520Booking%2520System%26KW4%3DMake%2520Money%2520From%2520Home%26KW5%3DLowest%2520Car%2520Insurance%2520Rates%26KW6%3DOnline%2520Career%2520Counseling%2520Programs%26KW7%3DBest%2520Mortgage%2520Refinancing%2520Rates%26KW8%3DLowest%2520Car%2520Insurance%2520Rates%26KW9%3DLowest%2520Car%2520Insurance%2520Rates%26searchbox%3D0%26backfill%3D0&referer=http%3A%2F%2Fdancedynamics.com%2F&adbw=master-1%3A530
142.250.74.164200 OK 2.5 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C001023%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Online%20Career%20Counseling%20Programs%2CGet%20An%20Online%20Degree%2CB2B%20Travel%20Booking%20System%2CMake%20Money%20From%20Home%2CLowest%20Car%20Insurance%20Rates%2COnline%20Career%20Counseling%20Programs%2CBest%20Mortgage%20Refinancing%20Rates%2CLowest%20Car%20Insurance%20Rates%2CLowest%20Car%20Insurance%20Rates&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r9%7Cs&nocache=6881665824477374&num=0&output=afd_ads&domain_name=www1.dancedynamics.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1665824477375&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fwww1.dancedynamics.com%2F%3Ftm%3D1%26subid4%3D1665824474.0234220000%26KW1%3DOnline%2520Career%2520Counseling%2520Programs%26KW2%3DGet%2520An%2520Online%2520Degree%26KW3%3DB2B%2520Travel%2520Booking%2520System%26KW4%3DMake%2520Money%2520From%2520Home%26KW5%3DLowest%2520Car%2520Insurance%2520Rates%26KW6%3DOnline%2520Career%2520Counseling%2520Programs%26KW7%3DBest%2520Mortgage%2520Refinancing%2520Rates%26KW8%3DLowest%2520Car%2520Insurance%2520Rates%26KW9%3DLowest%2520Car%2520Insurance%2520Rates%26searchbox%3D0%26backfill%3D0&referer=http%3A%2F%2Fdancedynamics.com%2F&adbw=master-1%3A530
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8289)
Hash d916a4e225764333269b8628b249d24d
a298ce57ad1ac63cda87154a8d05ea1ca74c9f6b
70d3c73b962146c4efe4fa4ca9cdea02846cc17aad34ee39a178443004399f73
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C001023%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Online%20Career%20Counseling%20Programs%2CGet%20An%20Online%20Degree%2CB2B%20Travel%20Booking%20System%2CMake%20Money%20From%20Home%2CLowest%20Car%20Insurance%20Rates%2COnline%20Career%20Counseling%20Programs%2CBest%20Mortgage%20Refinancing%20Rates%2CLowest%20Car%20Insurance%20Rates%2CLowest%20Car%20Insurance%20Rates&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17300953%2C17300956%2C17301068%2C17301071%2C17301094%2C17301097&format=r9%7Cs&nocache=6881665824477374&num=0&output=afd_ads&domain_name=www1.dancedynamics.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1665824477375&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=480127119&uio=--&cont=tc&jsid=caf&jsv=480127119&rurl=http%3A%2F%2Fwww1.dancedynamics.com%2F%3Ftm%3D1%26subid4%3D1665824474.0234220000%26KW1%3DOnline%2520Career%2520Counseling%2520Programs%26KW2%3DGet%2520An%2520Online%2520Degree%26KW3%3DB2B%2520Travel%2520Booking%2520System%26KW4%3DMake%2520Money%2520From%2520Home%26KW5%3DLowest%2520Car%2520Insurance%2520Rates%26KW6%3DOnline%2520Career%2520Counseling%2520Programs%26KW7%3DBest%2520Mortgage%2520Refinancing%2520Rates%26KW8%3DLowest%2520Car%2520Insurance%2520Rates%26KW9%3DLowest%2520Car%2520Insurance%2520Rates%26searchbox%3D0%26backfill%3D0&referer=http%3A%2F%2Fdancedynamics.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 15 Oct 2022 09:01:16 GMT
expires: Sat, 15 Oct 2022 09:01:16 GMT
cache-control: private, max-age=3600
content-encoding: br
server: gws
content-length: 2451
x-xss-protection: 0
set-cookie: CONSENT=PENDING+273; expires=Mon, 14-Oct-2024 09:01:16 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www1.dancedynamics.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
172.217.21.162200 OK 188 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www1.dancedynamics.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 9077b0f93c9aa4fc9645f73da0edc3e1
1dcb08f177bf2e13c968aac6d5808fe6754f15e9
c5448e0943af27cd475506322e4047a0d26efe46b871c32ae67c0124380d8977
GET /gampad/cookie.js?domain=www1.dancedynamics.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 15 Oct 2022 09:01:16 GMT
server: cafe
cache-control: private
content-length: 188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0847763c339012de0d95777e8a4272d4
e232ee250caca9221381b2f05458c2da636d52c1
d52ffd5ea2345dd6b4af061313663024e1fd2f621266a445d52e6def91d87a10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e2795bbe61af34c174a2c35d6ecdabf3
51cd45b2e579a493139cbb9f92b0af5052f00b86
c41cd8d984449c5a74e5c85350bb2fa1ae00767b5cec0451367a93076eded3a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e2795bbe61af34c174a2c35d6ecdabf3
51cd45b2e579a493139cbb9f92b0af5052f00b86
c41cd8d984449c5a74e5c85350bb2fa1ae00767b5cec0451367a93076eded3a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
142.250.74.33200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 142.250.74.33:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 21:02:56 GMT
expires: Sat, 15 Oct 2022 20:02:56 GMT
cache-control: public, max-age=82800
age: 43100
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.33200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.33:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 06:04:21 GMT
expires: Sun, 16 Oct 2022 05:04:21 GMT
cache-control: public, max-age=82800
age: 10615
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e2795bbe61af34c174a2c35d6ecdabf3
51cd45b2e579a493139cbb9f92b0af5052f00b86
c41cd8d984449c5a74e5c85350bb2fa1ae00767b5cec0451367a93076eded3a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9986
Expires: Sat, 15 Oct 2022 11:47:42 GMT
Date: Sat, 15 Oct 2022 09:01:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9986
Expires: Sat, 15 Oct 2022 11:47:42 GMT
Date: Sat, 15 Oct 2022 09:01:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9986
Expires: Sat, 15 Oct 2022 11:47:42 GMT
Date: Sat, 15 Oct 2022 09:01:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9986
Expires: Sat, 15 Oct 2022 11:47:42 GMT
Date: Sat, 15 Oct 2022 09:01:16 GMT
Connection: keep-alive
www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
76.223.26.96200 OK 5.6 kB URL HTTP/1.1 www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
IP 76.223.26.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3070)
Hash df9f8cc1d534479a745a488af8cd7cf7
8bb06fd1aa8b20dc018efa0b2cd295f031b270e5
732deb26fc57cf7d42f92b9b564996c1ffa2c188f138e9cff005798e5e829468
GET /?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0 HTTP/1.1
Host: www1.dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __gsas=ID=2ab29dcec101661b:T=1665824476:S=ALNI_MbzoixXCnqXn9KKr-cCxmHYS_PA3A
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 09:01:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_EL7Rhrq5z6Fub1fTUcPbiHz5iSC5dqiTamv+7quqNp3ab+EqLfvkfWbZDI8IEWLPNJZWhod8OQeVdKKQPcUwCw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WTKaFQ0rZbiSiVD_qjSwbcvMoCoWsf8hfsXsC7cVkT-hm04EXHWASA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 03:39:37 GMT
age: 19299
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319cbf11bba3f159e5c9f606deded924
13f29acb7a694030fc2de0b42c0d95c4be49deb7
09aa7d94e4829f4daf33d5e2aed077afcc59628839c5d6e877172e8455879062
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15855
x-amzn-requestid: 6cd31f4a-e8b2-4258-9b64-2fad83a606c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3ekFH1-IAMFTDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6346114d-5fd284f41be669a972e84ed4;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 00:58:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4PfJD4ZyH4fg4H6C1kQK_MHuWp4DdzA768vaMNt98y3_hKwkFbIpYg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 05:09:16 GMT
age: 13920
etag: "13f29acb7a694030fc2de0b42c0d95c4be49deb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bc7ad2e-41c5-44cc-9b23-384438efa885.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bc7ad2e-41c5-44cc-9b23-384438efa885.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24dec16207dda0b6b532e9190d8cad9e
bf9ce3a7c8e6bc142b2e2b8895c5a81cc8f73582
58475b28467c2545d0bc682f0bbecee72bbc440c0e41979fb5a511eafabc7627
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bc7ad2e-41c5-44cc-9b23-384438efa885.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7686
x-amzn-requestid: 2b8c0bdb-2caa-4728-b088-f383385b4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhNGPlIAMFXxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-4b86ae7d4bd0331d3e7db790;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FoOgext694kszAxg4Pn5eGVseF3PoBOd5QK1sP_SfwqlsVTxolupnQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 03:37:03 GMT
age: 19453
etag: "bf9ce3a7c8e6bc142b2e2b8895c5a81cc8f73582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7999439-dc4a-4cbd-853d-5a0822913e35.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7999439-dc4a-4cbd-853d-5a0822913e35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70e7ecb94b9d3b14d240fbbcf97b04a9
d38357e003fa7e3b0d73d62a0db3367af2151790
2e9e42f107e200cdcd2fd18ace09c396da1aa4504da97796757ee317e05b9e02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7999439-dc4a-4cbd-853d-5a0822913e35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5289
x-amzn-requestid: 32ceec61-c109-4bc8-a174-0aac12d32004
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3IN7H1qoAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345ed8c-3bcffbb73e31871e3a61ba00;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 22:26:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: A2piL9pD-D4XogwWKe4GrQ0uYkJX2lH7U2hnvUV-Jz0o5eD9Fyh_fw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 22:24:13 GMT
age: 38223
etag: "d38357e003fa7e3b0d73d62a0db3367af2151790"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 644dadbc61528fb78d6a4d37809a4da1
46c2110541fe6eec046efea92940d17b69e410dc
6cdb2203d1ddb0e17728a5cede16bb7cf058172b0c61ca6e5082a514a447bf88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3894
x-amzn-requestid: f46ef5cf-34c4-4024-a1cb-7a46985a0225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aA5pWEHeoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6349d63b-26b43ef606fd070f153225a3;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KZCAQXda5v816O20Q8-UKTh7nxPm0SSU1EGkNXEEharLsGzA1ifMDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:49:43 GMT
age: 40293
etag: "46c2110541fe6eec046efea92940d17b69e410dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0ccfd7-6dc6-469b-bee1-7de141fecb1c.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0ccfd7-6dc6-469b-bee1-7de141fecb1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 902f6b585d65d720ff096817ca1f2233
9b73cbeff3361c30600bea9f12a862ae2c4f1e01
8669095b4abaab1bbe1a9f65eb61e7caf713c36f8a24ed0979f482bb3356b79c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0ccfd7-6dc6-469b-bee1-7de141fecb1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6454
x-amzn-requestid: 4774f611-4ee1-40e7-804b-229bfff6c5a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjS3MGmdoAMFqKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfe94-451518b50ab53f2538d0c13f;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:00:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2Ra0AP60Ts4OidLByrMWpcUixuPQZGP8QliETUca6vdyqZfO9oxGDQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:43:14 GMT
age: 40682
etag: "9b73cbeff3361c30600bea9f12a862ae2c4f1e01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
54.230.245.22304 Not Modified 0 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3caf.js
IP 54.230.245.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/js3caf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
If-Modified-Since: Thu, 14 Jan 2021 10:54:01 GMT
If-None-Match: "600022c9-1b58"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Connection: keep-alive
Server: nginx
Date: Sat, 15 Oct 2022 02:32:47 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IOSPEICAHQ0pGy2sm1dVoinDxvvevwImjEigYAaZAfw8KI8vf4iClg==
Age: 23309
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1885)
Hash d29c5d00fd614b63b78a60c70f78832d
e4a837fa5a5ac2e49a3782715161dc43d43aa236
0503e81f09e98fe655fb533d45a19e05aadac278bb94f1365a57c3b7751ecdc4
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/
If-None-Match: "10340724968549784418"
Cache-Control: max-age=0
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 15 Oct 2022 09:01:16 GMT
Expires: Sat, 15 Oct 2022 09:01:16 GMT
Cache-Control: private, max-age=3600
ETag: "4420676515375997948"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
www1.dancedynamics.com/track.php?domain=dancedynamics.com&toggle=browserjs&uid=MTY2NTgyNDQ3Ni44NDIxOjYwM2FkMTgxN2VmYTBkY2NhZDg0ZWM4NjY4YzVhNWI2MTdjMGExNDUwNDFmMDgxOTZmNTc5MDQ3MWQ0YmQwY2Q6NjM0YTc2ZGNjZDk1Mw%3D%3D
76.223.26.96200 OK 20 B URL HTTP/1.1 www1.dancedynamics.com/track.php?domain=dancedynamics.com&toggle=browserjs&uid=MTY2NTgyNDQ3Ni44NDIxOjYwM2FkMTgxN2VmYTBkY2NhZDg0ZWM4NjY4YzVhNWI2MTdjMGExNDUwNDFmMDgxOTZmNTc5MDQ3MWQ0YmQwY2Q6NjM0YTc2ZGNjZDk1Mw%3D%3D
IP 76.223.26.96:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=dancedynamics.com&toggle=browserjs&uid=MTY2NTgyNDQ3Ni44NDIxOjYwM2FkMTgxN2VmYTBkY2NhZDg0ZWM4NjY4YzVhNWI2MTdjMGExNDUwNDFmMDgxOTZmNTc5MDQ3MWQ0YmQwY2Q6NjM0YTc2ZGNjZDk1Mw%3D%3D HTTP/1.1
Host: www1.dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
Cookie: __gsas=ID=2ab29dcec101661b:T=1665824476:S=ALNI_MbzoixXCnqXn9KKr-cCxmHYS_PA3A
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 09:01:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.dancedynamics.com/ls.php
76.223.26.96201 Created 0 B URL HTTP/1.1 www1.dancedynamics.com/ls.php
IP 76.223.26.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /ls.php HTTP/1.1
Host: www1.dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 3022
Origin: http://www1.dancedynamics.com
Connection: keep-alive
Referer: http://www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
Cookie: __gsas=ID=2ab29dcec101661b:T=1665824476:S=ALNI_MbzoixXCnqXn9KKr-cCxmHYS_PA3A; GoogleAdServingTest=Good
Cache-Control: max-age=0
HTTP/1.1 201 Created
Date: Sat, 15 Oct 2022 09:01:17 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 634a76dda4c17c62040de0e8
Charset: utf-8
Access-Control-Allow-Origin: http://www1.dancedynamics.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_l/zRE+pshe8ZDse/JEfLu0cHbWC74FDwcvg+qYCCAofSpuLgXf9t/A9LM1NZ041gVthZMKREAJ3h7V9Uu3zlMQ==
www1.dancedynamics.com/track.php?domain=dancedynamics.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2NTgyNDQ3Ni44NDIxOjYwM2FkMTgxN2VmYTBkY2NhZDg0ZWM4NjY4YzVhNWI2MTdjMGExNDUwNDFmMDgxOTZmNTc5MDQ3MWQ0YmQwY2Q6NjM0YTc2ZGNjZDk1Mw%3D%3D
76.223.26.96200 OK 20 B URL HTTP/1.1 www1.dancedynamics.com/track.php?domain=dancedynamics.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2NTgyNDQ3Ni44NDIxOjYwM2FkMTgxN2VmYTBkY2NhZDg0ZWM4NjY4YzVhNWI2MTdjMGExNDUwNDFmMDgxOTZmNTc5MDQ3MWQ0YmQwY2Q6NjM0YTc2ZGNjZDk1Mw%3D%3D
IP 76.223.26.96:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=dancedynamics.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2NTgyNDQ3Ni44NDIxOjYwM2FkMTgxN2VmYTBkY2NhZDg0ZWM4NjY4YzVhNWI2MTdjMGExNDUwNDFmMDgxOTZmNTc5MDQ3MWQ0YmQwY2Q6NjM0YTc2ZGNjZDk1Mw%3D%3D HTTP/1.1
Host: www1.dancedynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.dancedynamics.com/?tm=1&subid4=1665824474.0234220000&KW1=Online%20Career%20Counseling%20Programs&KW2=Get%20An%20Online%20Degree&KW3=B2B%20Travel%20Booking%20System&KW4=Make%20Money%20From%20Home&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Online%20Career%20Counseling%20Programs&KW7=Best%20Mortgage%20Refinancing%20Rates&KW8=Lowest%20Car%20Insurance%20Rates&KW9=Lowest%20Car%20Insurance%20Rates&searchbox=0&backfill=0
Cookie: __gsas=ID=2ab29dcec101661b:T=1665824476:S=ALNI_MbzoixXCnqXn9KKr-cCxmHYS_PA3A
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 09:01:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 15 Oct 2022 09:01:16 GMT
expires: Sat, 15 Oct 2022 09:01:16 GMT
cache-control: private, max-age=3600
etag: "11401515062765827127"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2