tandf.xyz/
172.67.220.195301 Moved Permanently 0 B IP 172.67.220.195:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: tandf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 09:32:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 10:32:49 GMT
Location: https://tandf.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ST96Zj3b0eJRs1hyUDVf43TlpzTIUaTzdIH0qq5MouBu%2FOYQSW3hA%2FA1ha1ThX1Ddoywpjp4gvz5L2mHz9k5KUtiiGW77N%2BURyM93r4GLcBYirhqmGZhGg7ML0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754ce998fbe9b4eb-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8873
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 09:32:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bDbOHnh0J5sfGo6e1SZGnfKZZ8jDcamJ9J2zTZmSUIvr5FDFX-hkSg==
Age: 2745
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BKQIL_dLSYYLlVYb_AuNoEaUP61kPQBhDE4D1lKBlR0VIDLB0v451A==
age: 14662
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 09:32:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 39f5d931311053c855bc6f9385e245d3
51190e13b96381ced4577c959622843b915d1c5e
203bbf54352e7524ef94a85bd440462ff7c7c955af49045e2aa97eeea70f3c00
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "203BBF54352E7524EF94A85BD440462FF7C7C955AF49045E2AA97EEEA70F3C00"
Last-Modified: Tue, 04 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 15:32:49 GMT
Date: Tue, 04 Oct 2022 09:32:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 10:27:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZbdomtlQGNtBvdgvt_LBmawCHOc8573AtovxC422T3sX1RhPMIWZAw==
Age: 197
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 39f5d931311053c855bc6f9385e245d3
51190e13b96381ced4577c959622843b915d1c5e
203bbf54352e7524ef94a85bd440462ff7c7c955af49045e2aa97eeea70f3c00
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "203BBF54352E7524EF94A85BD440462FF7C7C955AF49045E2AA97EEEA70F3C00"
Last-Modified: Tue, 04 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Tue, 04 Oct 2022 15:32:49 GMT
Date: Tue, 04 Oct 2022 09:32:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4201
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:50 GMT
Last-Modified: Tue, 04 Oct 2022 08:22:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.190.4101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 48/FTC1pSF/tXQC/qgYAMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m4zwavd5XFyY0GoVaN8kPGZsBGQ=
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.80200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Tue, 04 Oct 2022 05:35:19 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jRJfaUvU2e2P5N5ANSFKXPQQSqDBuLr5rmZmnd2OpXtExK4Wm6LxyA==
age: 14253
X-Firefox-Spdy: h2
cdn3.dan.com/packs/js/46-88556e9e50d17812c1f4.chunk.js
143.204.55.93200 OK 4.0 kB URL HTTP/2 cdn3.dan.com/packs/js/46-88556e9e50d17812c1f4.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (11830)
Hash 7d8c723f4a9ef7b8b5299775d07f9755
630dab463d765daa41e714a8d43e0b95525eab6b
7a6f5609beffd6f22afb0d746402c49db439812344907a11320d212a3381bca9
GET /packs/js/46-88556e9e50d17812c1f4.chunk.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4033
server: openresty
date: Thu, 29 Sep 2022 11:57:37 GMT
last-modified: Thu, 29 Sep 2022 11:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xVFy5b0V4nzwR6B2WCoGwslUNJu4it9tkmzNs_dhkpyAxxwb-GdJgg==
age: 423314
X-Firefox-Spdy: h2
dan.com/buy-domain/Tandf.xyz
3.70.113.20200 OK 80 kB URL HTTP/2 dan.com/buy-domain/Tandf.xyz
IP 3.70.113.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19172)
Hash 04a79c5395a76b9fa82a9b4e7372fcf5
1936d1cc8dec99242589dab59c6f5488a0405920
477d9e670a67e333ccb8fc3804c7383641bf92c3630994fd3069888d97581a86
GET /buy-domain/Tandf.xyz HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tandf.xyz/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Tue, 04 Oct 2022 09:32:51 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"d4f36ded3eae02457be0f6c3ca45430c"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=Oek9QtlzPTiwSCZfjpZhbwYZcP1HiB9fqKP8%2Bq13luhqiaogVlhVUzKz%2FTYsMI7LEZa04KxgLXx2zkdZJx4joEh3aAq2EJDg3maaXrzkmbv85PpQCxn8IgUW9yEMOhLQez%2FslObnUgypJdaQFg3m%2FIQJgZV2Yd3ZgiGeoZ7JYX9HKfdTV%2FySJmPoAAGNYC19u4SSMv%2Bf7aqxQr5qOyYKGgOULhOAcJRxFju1mQ4P2in2sSDIzkwbYY2SdazVSCBdaw7uPWM17e9S2my%2F29mHtOXF78kfMV1QWMo8r%2FqcOk%2FbtbwiW9cA1yZL88cCzvjOZkirFhOLwFZomnbOE7YYkyWLCrVwOEpBIiiXHXc9QliCyhRi117nNYrx7r4ARqLFLIkGPA16abhCaYotaApKsNgK3k3SynKifrm57z3unuPMFCvqau12lyuaisxetxuONduYfZuHVxu0c7JPgHoDgQ%3D%3D--tskBmZi0%2FafH6L8P--Sw2hzBXKfSKIBZXpK9%2B13A%3D%3D; path=/; secure; HttpOnly
x-request-id: 1a42df53-d5c5-4a08-9fea-09325082dd5c
x-runtime: 0.067842
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2
cdn3.dan.com/packs/js/runtime~public/product-4702ba4ef082c873b6a6.js
143.204.55.93200 OK 790 B URL HTTP/2 cdn3.dan.com/packs/js/runtime~public/product-4702ba4ef082c873b6a6.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (1516)
Hash fbd89b78012cf3943d91a7f70d3279bb
51b248e9fd3fe352a4a05718ee31652cf798f133
8225a704be213f912247d318cf12aec48b31d0e85d32d4159134337e81cdac17
GET /packs/js/runtime~public/product-4702ba4ef082c873b6a6.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 790
server: openresty
date: Thu, 15 Sep 2022 08:51:17 GMT
last-modified: Thu, 15 Sep 2022 08:49:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BIFakuXp2N1ldNEPbECqSe9CKHIq9MmLhhVkOWb2DER61R5ecpMOaQ==
age: 1644094
X-Firefox-Spdy: h2
cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js
143.204.55.5200 OK 982 B URL HTTP/2 cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js
IP 143.204.55.5:0
File type ASCII text, with very long lines (1896), with no line terminators
Hash 7e27a1f78cf2901cf631835d1abdd80d
2a470ea7454f0d0da5d3f8c22052f96fdf949eb4
1b1e6270bc0e76e8f70a5024015b12e3833db1d9a3d8252a343b57edd2efdf2f
GET /assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 982
server: openresty
date: Wed, 29 Jun 2022 10:34:24 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3FLRccwEsDL8GSVq1PWgU_jRsQAAyH2MSzQd7lT7dQWTJkthby5tKw==
age: 8377107
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/runtime~public/fonts-04f2a61e6e81642757eb.js
143.204.55.5200 OK 789 B URL HTTP/2 cdn1.dan.com/packs/js/runtime~public/fonts-04f2a61e6e81642757eb.js
IP 143.204.55.5:0
File type ASCII text, with very long lines (1516)
Hash c82708ee382bce4ec512fa33a05514e0
c8a0280d9f76f76d0ef0ce1f5e0bbc89e0c5a2fa
8c8555685f29704f6f96133c2e0e3be90297b57196aa1f1aa08041828e59f588
GET /packs/js/runtime~public/fonts-04f2a61e6e81642757eb.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 789
server: openresty
date: Thu, 15 Sep 2022 08:51:12 GMT
last-modified: Thu, 15 Sep 2022 08:49:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MxYGl7sJLvTAGrBZQOuT9hfuMVe6ubAB8mdZpFNgCwB6oKqytDj8GA==
age: 1644099
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/public/product-e7a69531b52efa151f7b.chunk.js
143.204.55.5200 OK 8.6 kB URL HTTP/2 cdn1.dan.com/packs/js/public/product-e7a69531b52efa151f7b.chunk.js
IP 143.204.55.5:0
File type ASCII text, with very long lines (32635)
Hash 364192a0fcc49096658a22be97f74a21
5ea6ebe645ce8a141412b4bf7bb62f48a9ccba3f
c2a4345572bd6a9f18e8f0774bc22c3c74aa464fe9819a5292e299249bc12b03
GET /packs/js/public/product-e7a69531b52efa151f7b.chunk.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 8566
server: openresty
date: Thu, 29 Sep 2022 11:57:37 GMT
last-modified: Thu, 29 Sep 2022 11:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gbnt8t3Qu7jeDtTJwaMSQrxC98ivPwL5fNYaQteyU5Al42gS9HHv3A==
age: 423314
X-Firefox-Spdy: h2
cdn0.dan.com/packs/js/public/shared-74da3e5383b71e12842e.chunk.js
143.204.55.93200 OK 188 B URL HTTP/2 cdn0.dan.com/packs/js/public/shared-74da3e5383b71e12842e.chunk.js
IP 143.204.55.93:0
Hash 0b9b39c5e1cf352fb0aa6875351a35b2
005d8f794803235aba6d8b613805a89f1494e726
0293a69c13671d5b7782d98022f505078bb531c59c6b149a3d183c32225caa29
GET /packs/js/public/shared-74da3e5383b71e12842e.chunk.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 188
server: openresty
date: Thu, 29 Sep 2022 11:57:37 GMT
last-modified: Thu, 29 Sep 2022 11:55:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xiWoFsdZGDea1R4m9DIMrJ-3-vcrWH1xVRgOosygv9PbypPCJEI8Rw==
age: 423314
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/runtime~public/shared-029da93a03dc79cb1656.js
143.204.55.5200 OK 790 B URL HTTP/2 cdn1.dan.com/packs/js/runtime~public/shared-029da93a03dc79cb1656.js
IP 143.204.55.5:0
File type ASCII text, with very long lines (1516)
Hash 87f9ac11f115f3f8fb0a5e1485574661
42d32861a37910f8a19da8d903f8732dde1f61b5
90ca0d9952c69199fc1d38309910369d304829eb278f6e3a6bb17948f43e95cc
GET /packs/js/runtime~public/shared-029da93a03dc79cb1656.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 790
server: openresty
date: Thu, 15 Sep 2022 08:51:17 GMT
last-modified: Thu, 15 Sep 2022 08:49:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sExZfAT7IPeDKaEq40gFj8doGHoXDGssu2xFoFrzZ2HaxIp65xVuvA==
age: 1644094
X-Firefox-Spdy: h2
cdn0.dan.com/packs/js/40-ba0bd55b74268690301e.chunk.js
143.204.55.93200 OK 50 kB URL HTTP/2 cdn0.dan.com/packs/js/40-ba0bd55b74268690301e.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ebb8df9d0261411af8d436ec22835dfc
a21231e2af87fa2c2e9e7adf271574e2f6ac862c
cfe262ffbe743b6efec7f649748081251acb3ec8d6bea9a49f1a5920a042be64
GET /packs/js/40-ba0bd55b74268690301e.chunk.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 50096
server: openresty
date: Thu, 29 Sep 2022 11:57:37 GMT
last-modified: Thu, 29 Sep 2022 11:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MLCjPz_D4cyaLMcpHPGxoFMN_Iong6h1RQRAZn0JAqx3NyV9658MXQ==
age: 423314
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js
143.204.55.5200 OK 4.4 kB URL HTTP/2 cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js
IP 143.204.55.5:0
File type ASCII text, with very long lines (15400), with no line terminators
Hash de2f4a801d555fd16c042093f091acd4
86110e7d996ff7d52e1bbb9f0083f5369c965634
8d772411db1b7ce8f803656bdc1e7e0dfb299eb51371d957fe5ef8656a4819c6
GET /assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4434
server: openresty
date: Thu, 11 Aug 2022 03:48:47 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XQPdyI3AXxaY74XEJQ6KEbz-d5NDAuoN6G2rZgKdpo_vf8dQQKGgEg==
age: 4686244
X-Firefox-Spdy: h2
cdn3.dan.com/packs/js/public/fonts-5c8b6b7bf32ee70f92c4.chunk.js
143.204.55.93200 OK 426 B URL HTTP/2 cdn3.dan.com/packs/js/public/fonts-5c8b6b7bf32ee70f92c4.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (591)
Hash 22920c44500ad01b50cdbb114f79a3a1
c900dcd51683b9ffd9864ef55b6c72d7937b5cfd
803f11165364b374c7a7c6ba9e1f3368b756657fb04174bd4d1b8c85137958e6
GET /packs/js/public/fonts-5c8b6b7bf32ee70f92c4.chunk.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 426
server: openresty
date: Thu, 29 Sep 2022 11:57:37 GMT
last-modified: Thu, 29 Sep 2022 11:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V4BhQF-GKcy8WaVTAyaTGQMk5we8tuVA2WXtG0_L-N0De38RSFzyaA==
age: 423314
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png
143.204.55.5200 OK 3.2 kB URL HTTP/2 cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png
IP 143.204.55.5:0
File type PNG image data, 272 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a20ff7a7df04a852f968c5c988dd6fa
260328a70eeb31d942e6bf3afdc3ba0abf9534f7
5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387
GET /assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/assets/public-5650085f38bef8daac460d9524da67e9d8cc6bb263cdf3c743ca3862820951e2.css
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3181
server: openresty
date: Sun, 28 Aug 2022 01:45:55 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: svqrQkkstLLzf721x8rKB2OWvFYfgAYbxSfJa9RSR5OJ8BVEETtBZg==
age: 3224816
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg
143.204.55.5200 OK 2.5 kB URL HTTP/2 cdn1.dan.com/assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg
IP 143.204.55.5:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2008)
Hash 60377485c532698023ddb3324aafaff7
9fa2b7b0ee6792bdf3641cb45446b6d72496de1a
374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606
GET /assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/assets/public-5650085f38bef8daac460d9524da67e9d8cc6bb263cdf3c743ca3862820951e2.css
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2452
server: openresty
date: Fri, 24 Jun 2022 21:23:32 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MeQnpJVt1QY06AezqpEZGCSJZzLWzTjzR1qkGFmlPwOHR3UOfq5mrg==
age: 8770159
X-Firefox-Spdy: h2
cdn0.dan.com/assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg
143.204.55.93200 OK 4.3 kB URL HTTP/2 cdn0.dan.com/assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (633)
Hash 4663788bd6ea455409d8d873a1a67005
96bb83e405812d18655e9211ad390d0fbde6a7b1
fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851
GET /assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4341
server: openresty
date: Sat, 20 Aug 2022 05:57:56 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8wCYOTskuHKvsoConkQ66dosjWmwA6mJytnoPz1JL-cGRuZn4-OHHw==
age: 3900895
X-Firefox-Spdy: h2
cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg
143.204.55.93200 OK 12 kB URL HTTP/2 cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4396)
Hash 386fcff0359a238feae3616089163f60
3861370145d1176cdbeb8d44c70638efd49507e7
0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379
GET /assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 11658
server: openresty
date: Mon, 22 Aug 2022 01:42:32 GMT
last-modified: Mon, 18 Jul 2022 15:41:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pMBXmnMfoTu60p2aAL6ZefJEpNG_Jtw_7QfpjKxt5EEhXl5KiBCnGg==
age: 3743419
X-Firefox-Spdy: h2
cdn2.dan.com/assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg
143.204.55.93200 OK 4.3 kB URL HTTP/2 cdn2.dan.com/assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (898)
Hash b4a9f0ba344eb285f99ea324daeab7d0
82020383fea04966c27241f53e7aad2a74eab53a
523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f
GET /assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn1.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4277
server: openresty
date: Tue, 16 Aug 2022 02:42:41 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q05ad9cojShnH4cwLOgCakjCAVqYGZ9Uu8vpDDprhU9QOtWZW36RgQ==
age: 4258210
X-Firefox-Spdy: h2
cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2
143.204.55.93200 OK 42 kB URL HTTP/2 cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 42052, version 1.0\012- data
Hash 7d992431ee5e40d98d9ab99cb5cde954
3e82b380c81c2f83e143e4bb1a4437903c689f05
560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc
GET /assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2 HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 42052
server: openresty
date: Fri, 22 Jul 2022 02:18:01 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RMgQv1X5EJzKImyOiEgzGzVItl6DkW2tamSjkX7jko1WzfkqHxvqww==
age: 6419690
X-Firefox-Spdy: h2
cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2
143.204.55.5200 OK 37 kB URL HTTP/2 cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2
IP 143.204.55.5:0
File type Web Open Font Format (Version 2), TrueType, length 37172, version 1.0\012- data
Hash 6b2f88dd1fc37ad2228bc4b0e12bb011
088cd68a9ce402835ff00e8e2c8ef2ccf4081a3b
1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6
GET /assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2 HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 37172
server: openresty
date: Thu, 25 Aug 2022 03:15:09 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: peAlQlNTHwZc0pzydAoAzcE4ekyYAec8sgSIBGaaDBOsn7GR4cAgKQ==
age: 3478662
X-Firefox-Spdy: h2
cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2
143.204.55.93200 OK 39 kB URL HTTP/2 cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 38556, version 1.0\012- data
Hash 15e0a4e9b6fc2834eec6ccba1973aa45
080a7126b7fb4063ea36c06beca3ebfdc4cc63ef
11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a
GET /assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 38556
server: openresty
date: Sun, 19 Jun 2022 18:24:57 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8Csp_SGB5w6tQqR6sKuaBuBedbl9tx5-vImoSVqL-az6grYbiipSfA==
age: 9212874
X-Firefox-Spdy: h2
cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2
143.204.55.93200 OK 36 kB URL HTTP/2 cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 36308, version 1.0\012- data
Hash 47f09a78e5d17d771fb06bc91e174499
b335fe0226d224782678ff7bea49773993e6f052
cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3
GET /assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn1.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 36308
server: openresty
date: Fri, 15 Jul 2022 18:12:31 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XvbksL89YHhMICn17csCrJqVRLV4YxC6DU-fmdqHkE9hSSPQcCoaDA==
age: 6967220
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dan.com/packs/spritemap.svg
3.70.113.20200 OK 52 kB URL HTTP/2 dan.com/packs/spritemap.svg
IP 3.70.113.20:0
Hash b929c38af2f72290d8f066be36c7294c
55813c788ce0c1e3ba9d3b7ffcf69ac65d6b188f
f74469f6d648096fc047f6d9c560c6f0b2ac9b695b8b35375de066f0c98d3b64
GET /packs/spritemap.svg HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/Tandf.xyz
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=Oek9QtlzPTiwSCZfjpZhbwYZcP1HiB9fqKP8%2Bq13luhqiaogVlhVUzKz%2FTYsMI7LEZa04KxgLXx2zkdZJx4joEh3aAq2EJDg3maaXrzkmbv85PpQCxn8IgUW9yEMOhLQez%2FslObnUgypJdaQFg3m%2FIQJgZV2Yd3ZgiGeoZ7JYX9HKfdTV%2FySJmPoAAGNYC19u4SSMv%2Bf7aqxQr5qOyYKGgOULhOAcJRxFju1mQ4P2in2sSDIzkwbYY2SdazVSCBdaw7uPWM17e9S2my%2F29mHtOXF78kfMV1QWMo8r%2FqcOk%2FbtbwiW9cA1yZL88cCzvjOZkirFhOLwFZomnbOE7YYkyWLCrVwOEpBIiiXHXc9QliCyhRi117nNYrx7r4ARqLFLIkGPA16abhCaYotaApKsNgK3k3SynKifrm57z3unuPMFCvqau12lyuaisxetxuONduYfZuHVxu0c7JPgHoDgQ%3D%3D--tskBmZi0%2FafH6L8P--Sw2hzBXKfSKIBZXpK9%2B13A%3D%3D; time_zone_offset=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 04 Oct 2022 09:32:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 30 Sep 2022 12:13:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-P9NHQJ
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P9NHQJ
IP 142.250.74.168:0
File type ASCII text, with very long lines (2688)
Hash 7eeaa5526bdbd2a05fa9db447b379a6e
74a6d0334a7eb8c35d8c4f89e0ff3b3a77c31338
fb76c6a677607f42dabc710533975910f44b3c7f82b65348c6db9c05ff97d81a
GET /gtm.js?id=GTM-P9NHQJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 04 Oct 2022 09:32:51 GMT
expires: Tue, 04 Oct 2022 09:32:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 04 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico
143.204.55.93200 OK 15 kB URL HTTP/2 cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico
IP 143.204.55.93:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 91b5b75e4f52df43982200873c1feef6
8a01193959229d10a361d4965e305490544c428c
17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f
GET /assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15406
server: openresty
date: Fri, 02 Sep 2022 02:50:15 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gbpUH0A5uWyAOM4XDO9t_N-AHNGr9g6KW2kwCHj2Ppzt2-NGeNIWEw==
age: 2788956
X-Firefox-Spdy: h2
cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png
143.204.55.93200 OK 3.1 kB URL HTTP/2 cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png
IP 143.204.55.93:0
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c59777f5725af9a1d2d9153da1d7176
bc06fbcbf2170fe049279b7a1b6003eef8d6986a
56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290
GET /assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3054
server: openresty
date: Tue, 06 Sep 2022 00:23:51 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CaaLEI00t8laG0v0OshAMfDQOljG3wiHne6ASN9RoX4hetVl2k453Q==
age: 2452140
X-Firefox-Spdy: h2
d1lr4y73neawid.cloudfront.net/clients/pictures/000/012/546/thumb/789.png?1633982593
54.230.245.55200 OK 4.3 kB URL HTTP/2 d1lr4y73neawid.cloudfront.net/clients/pictures/000/012/546/thumb/789.png?1633982593
IP 54.230.245.55:0
File type PNG image data, 100 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash 789c528463dd081487fe3ce90c72ad01
5245906359641ca7cf89b43f694d176a0f4902e7
baebdfbff4a93b9f82000a42da824d8102173ea67d6c8683bde8973461d52b82
GET /clients/pictures/000/012/546/thumb/789.png?1633982593 HTTP/1.1
Host: d1lr4y73neawid.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 4278
date: Tue, 04 Oct 2022 09:31:15 GMT
last-modified: Mon, 11 Oct 2021 20:03:14 GMT
etag: "789c528463dd081487fe3ce90c72ad01"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J2JUNPprSXrIOdyzRo5UQynXcmaWI5Radw36hiXG6gycz328Wi6yQA==
age: 97
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 04 Oct 2022 08:41:09 GMT
expires: Tue, 04 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 3102
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=51172686&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FTandf.xyz&dr=https%3A%2F%2Ftandf.xyz%2F&dp=%2Fbuy-domain%2FTandf.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20Tandf.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=174365694&gjid=1709308380&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=513849297.1664875971&z=1309039644
142.250.74.174200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=51172686&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FTandf.xyz&dr=https%3A%2F%2Ftandf.xyz%2F&dp=%2Fbuy-domain%2FTandf.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20Tandf.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=174365694&gjid=1709308380&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=513849297.1664875971&z=1309039644
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&aip=1&a=51172686&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FTandf.xyz&dr=https%3A%2F%2Ftandf.xyz%2F&dp=%2Fbuy-domain%2FTandf.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20Tandf.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=174365694&gjid=1709308380&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=513849297.1664875971&z=1309039644 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Mon, 03 Oct 2022 16:32:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 61236
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.intercom.io/widget/e2frgfyw
54.230.111.53302 Found 0 B URL HTTP/2 widget.intercom.io/widget/e2frgfyw
IP 54.230.111.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/e2frgfyw HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://js.intercomcdn.com/shim.latest.js
date: Tue, 04 Oct 2022 06:49:21 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T95SjNUuNF3gcNarNG3FLXJ-k1iQZvIxeKo7xyCWsYpAsX1qcjY1hw==
age: 9811
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.intercomcdn.com/shim.latest.js
143.204.55.72200 OK 6.2 kB URL HTTP/2 js.intercomcdn.com/shim.latest.js
IP 143.204.55.72:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash 2cd6d75767f7b98c0c54fef4d7c7abcf
85652a6208ef75fb9154cf2753d85420d627e71a
40ffa2586c6032152f01224c15bfe2388c2201781057db97ea60d2fa55efde4b
GET /shim.latest.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6172
date: Tue, 04 Oct 2022 09:29:13 GMT
last-modified: Tue, 04 Oct 2022 09:09:09 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=300, s-maxage=300, public
content-encoding: gzip
x-amz-version-id: hJFgiGfuX.pFAzBgb1jOqD4nXHtjkY_V
accept-ranges: bytes
server: AmazonS3
etag: "2cd6d75767f7b98c0c54fef4d7c7abcf"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SR-dH41dLRNTdSBpimNKsyQoSHzMtMcNqUSAs2br1iFuVzzlV_Mh8A==
age: 219
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&gjid=1709308380&_gid=513849297.1664875971&_u=YCDAgEABAAAAAEAAI~&z=1504317525
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&gjid=1709308380&_gid=513849297.1664875971&_u=YCDAgEABAAAAAEAAI~&z=1504317525
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&gjid=1709308380&_gid=513849297.1664875971&_u=YCDAgEABAAAAAEAAI~&z=1504317525 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dan.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 09:32:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.c0722a25.js
143.204.55.72200 OK 130 kB URL HTTP/2 js.intercomcdn.com/frame.c0722a25.js
IP 143.204.55.72:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (130532 bytes)
Hash 042921a7858addb6c4e65c5bbb4af48c
cfa970323da60094af60779039b3285c026ac247
5381b512ed8d8c81ff3f3e13f941a04b456e94db27ce3bf24b56e9a37d7637ac
GET /frame.c0722a25.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 130532
date: Tue, 04 Oct 2022 09:09:11 GMT
last-modified: Tue, 04 Oct 2022 09:07:54 GMT
etag: "042921a7858addb6c4e65c5bbb4af48c"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: MZqKp4WcaDsM53aPjzE5BLU24.oLd4rY
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QWStYPkUvzKufuf4zMr1SQhS_OwDZlHq95c0dyMCspNwFJwSulbrGA==
age: 1421
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15947
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:32:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15947
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:32:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15947
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:32:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42511
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de29d0d95d22e4e246a90feed644baf0
4ac6c5691df804078d5da54233cf4d8e7012f9ca
8e34ad07e098df14f7001d1ee538479de11afa4c255006cb6e8e2207c0e50a47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 3348b2e8-915a-492b-8241-89c13a21232c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFlFyyoAMFz_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-2baf7ac2213c31fc384e8317;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 50AX7dGWRTOAi1Z4dP9cROGeKlz-g0oXDncFUYmuPOSwpZRWWcNo4g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:32 GMT
age: 42499
etag: "4ac6c5691df804078d5da54233cf4d8e7012f9ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 42498
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 17400
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42511
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34f2dfb2faff276db1d4a57739db2450
f5ce815082043a4efce28fc790ae7d8b3a8531f8
e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:38:28 GMT
age: 39263
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&_u=YCDAgEABAAAAAEAAI~&z=2023973710
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&_u=YCDAgEABAAAAAEAAI~&z=2023973710
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&_u=YCDAgEABAAAAAEAAI~&z=2023973710 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:32:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&_u=YCDAgEABAAAAAEAAI~&z=2023973710
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&_u=YCDAgEABAAAAAEAAI~&z=2023973710
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=174365694&_u=YCDAgEABAAAAAEAAI~&z=2023973710 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:32:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 09:32:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api-iam.intercom.io/messenger/web/ping
3.224.231.149200 OK 2.0 kB URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 3.224.231.149:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6715), with no line terminators
Hash 977b3a3bec56ac35cd4e18470f603c06
aeb8f56d2b5875b9787bd6110e196944f8c1bc27
6cff1f0238d9d802220664cfcb26d1321d341833efa009bd699e650fe7434031
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 465
Origin: https://dan.com
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:32:52 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1664875980
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13309
access-control-allow-origin: https://dan.com
vary: Accept,Accept-Encoding
x-intercom-version: eb32ba8d6be28dbbfa6ec75abc98749535ee0542
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 003536o8fh2um5a8aam0
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"6f0b5b112f1e0d5450f99811b02b872d"
x-runtime: 0.270453
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0cfcfd89bf8b8e104
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.378f26fc.js
143.204.55.72200 OK 0 B URL HTTP/2 js.intercomcdn.com/vendor.378f26fc.js
IP 143.204.55.72:0
GET /vendor.378f26fc.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 103318
date: Tue, 04 Oct 2022 09:09:11 GMT
last-modified: Tue, 04 Oct 2022 09:07:54 GMT
etag: "211b73d669f33a2a0565a0bdf262dba6"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, s-maxage=7200, public
content-encoding: gzip
x-amz-version-id: srA0qEhfx564JIc4X8mPI32ues3WNY8n
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lbV-zWa1AeXqaL6sdOWL_TGg_Jr8gljnOT2m5e1El3HrjMSM8vS06w==
age: 1421
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
cdn3.dan.com/packs/js/3-5af6aefb07c4560e22ac.chunk.js
143.204.55.93200 OK 0 B URL HTTP/2 cdn3.dan.com/packs/js/3-5af6aefb07c4560e22ac.chunk.js
IP 143.204.55.93:0
GET /packs/js/3-5af6aefb07c4560e22ac.chunk.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 120427
server: openresty
date: Thu, 29 Sep 2022 11:57:37 GMT
last-modified: Thu, 29 Sep 2022 11:55:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: obCtpATxg3eIQmK0o8KqYAfa2qXXj-XxvziIBXE5OZotwQKLyJqs-w==
age: 423314
X-Firefox-Spdy: h2
dan.com/domain_views
3.70.113.20200 OK 0 B IP 3.70.113.20:0
POST /domain_views HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/Tandf.xyz
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 137
Origin: https://dan.com
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=Oek9QtlzPTiwSCZfjpZhbwYZcP1HiB9fqKP8%2Bq13luhqiaogVlhVUzKz%2FTYsMI7LEZa04KxgLXx2zkdZJx4joEh3aAq2EJDg3maaXrzkmbv85PpQCxn8IgUW9yEMOhLQez%2FslObnUgypJdaQFg3m%2FIQJgZV2Yd3ZgiGeoZ7JYX9HKfdTV%2FySJmPoAAGNYC19u4SSMv%2Bf7aqxQr5qOyYKGgOULhOAcJRxFju1mQ4P2in2sSDIzkwbYY2SdazVSCBdaw7uPWM17e9S2my%2F29mHtOXF78kfMV1QWMo8r%2FqcOk%2FbtbwiW9cA1yZL88cCzvjOZkirFhOLwFZomnbOE7YYkyWLCrVwOEpBIiiXHXc9QliCyhRi117nNYrx7r4ARqLFLIkGPA16abhCaYotaApKsNgK3k3SynKifrm57z3unuPMFCvqau12lyuaisxetxuONduYfZuHVxu0c7JPgHoDgQ%3D%3D--tskBmZi0%2FafH6L8P--Sw2hzBXKfSKIBZXpK9%2B13A%3D%3D; time_zone_offset=0; _gid=GA1.2.513849297.1664875971; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 04 Oct 2022 09:32:52 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=KfExEn6lojBk69FCMBejEkp%2BVReyIbHTWd0Q2Ai%2B41gPc0iYsdyUU4wcCpkPBccWQcrYzByQM578nMvYGk8hNFfoj9gFS%2FyxzDG8EkQBKOWDNBsLZNS%2Bmx%2FLfjrIH4HIruj9grPrqEMThWhfy6st3FAXzDQy5%2FgfC7YOri4wcuWt8TvHdmJMLuOcyNwV3lkJW26Jr%2FdiPBfmNizmrwXTgPJHfhdKGg8t2Cqnl2FJ83BPa6PEgLW%2F6iF3UhedlP3vdesoLofyTmeORhm7cgdbHYxMh74yp240ZIvmwF6nMhVBW5B92LZdQVypw%2BCzHn%2Ftz76uu%2B2I%2BDOF300QURIISB%2FsYzO8fnxqlXhm3M96mPWe%2BfddK2TCbICUL1taQ45V8diV991v1ume2TG6g4CCFeUIdsdwjr3zjuY9gpRP4aTJlm%2FT6KThcVp5GHGu79Rby2wugJHGpb8GEXkBHKtoCzT%2F9P9FJTCS5dlwpS9xW8T1T%2FfPPeoNnKSwScDSJ%2Bp9599%2FOD1uPqe299vf--6cuDbiPrkTxDZc61--fTHHXvaXZkG9wskhqUzGAQ%3D%3D; path=/; secure; HttpOnly
x-request-id: 7cb628d6-fcee-4895-99ba-e660c74904f9
x-runtime: 0.016043
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2
tandf.xyz/
104.21.38.81200 OK 0 B IP 104.21.38.81:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: tandf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 04 Oct 2022 09:32:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVy8LH4uEQFpzKP8IZ2kYiX96eVgv3EhYGfr52S5iicU3x7kWOjU%2FdCV1PDpaem94yaxbiiFQd1%2BGZ4p9WNPoDLrVAOeWI3R%2ByYDSuhsqgr%2FNMnqzfBC13j01R0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754ce99b7eafb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2