www.c9ikptk.com/5LMHK7/BP658/?__rpt=0&__po=29&__ptid=44935912c66840949bb84ab9dc7dc0f1&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
34.107.199.247302 Found 57 B URL HTTP/1.1 www.c9ikptk.com/5LMHK7/BP658/?__rpt=0&__po=29&__ptid=44935912c66840949bb84ab9dc7dc0f1&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
IP 34.107.199.247:0
File type HTML document, ASCII text
Hash fac34a702735ac79294c0ff2645951dc
bb025946516e373af1fb36abe2e300af88fda6be
a4cbd7e80e4d2c050331282c60cd52fb8af96d7f86f71c61a0da55d6d1a4e9f6
GET /5LMHK7/BP658/?__rpt=0&__po=29&__ptid=44935912c66840949bb84ab9dc7dc0f1&__rpa=0&__rc=1&sub1=&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP/1.1
Host: www.c9ikptk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
server: nginx
date: Wed, 25 Jan 2023 23:13:37 GMT
content-type: text/html; charset=utf-8
content-length: 57
location: http://p.npcad.com/go/89517/482729
set-cookie: uniqueClick_BP658=8b5566b1-b881-4f36-a0bb-fe502dee4e66:1674688417; Path=/; Expires=Wed, 01 Feb 2023 23:13:37 GMT; SameSite=None
transaction_id=2dc43819f7e14be3a9b98d7822198b03; Path=/; Expires=Tue, 25 Apr 2023 23:13:37 GMT; SameSite=None
vary: Origin
x-eflow-request-id: e2cadd67-98e2-41d4-bdd4-d3f1d81ea1db
Via: 1.1 google
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2975
Expires: Thu, 26 Jan 2023 00:03:12 GMT
Date: Wed, 25 Jan 2023 23:13:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14368
Expires: Thu, 26 Jan 2023 03:13:05 GMT
Date: Wed, 25 Jan 2023 23:13:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 22:35:13 GMT
content-type: application/json
age: 2304
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17397
Expires: Thu, 26 Jan 2023 04:03:34 GMT
Date: Wed, 25 Jan 2023 23:13:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bkZqsqObaY/SP11b8SS9zFWbp9wIFA6VER7g/uPXb+ZO16llnsR6pLIcQAmOI2fsHGVPsPPiPOs=
x-amz-request-id: 44GJT8XA8RYNSY5M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 22:37:04 GMT
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
age: 2193
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 23:13:37 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
p.npcad.com/go/89517/482729
3.228.63.1200 OK 271 B URL HTTP/1.1 p.npcad.com/go/89517/482729
IP 3.228.63.1:0
File type HTML document, ASCII text
Hash 66744285b025cb5753e4a97a76cf67fa
62bf1cccfb0862e3cd92e07e2c31e01490288ad3
0e3bd801da3290fcf02fe915436237ddf029126fbd23cba4c5a5720259b29f39
Analyzer Verdict Alert fortinet Phishing
GET /go/89517/482729 HTTP/1.1
Host: p.npcad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 25 Jan 2023 23:13:37 GMT
Server: nginx
Vary: Accept-Encoding
Content-Length: 271
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 22:41:40 GMT
age: 1917
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3967
Expires: Thu, 26 Jan 2023 00:19:44 GMT
Date: Wed, 25 Jan 2023 23:13:37 GMT
Connection: keep-alive
p.npcad.com/ad/ad?p=89517&w=482729&t=37f2497956c6da8d&r=&vw=1280&vh=0
3.228.63.1303 See Other 0 B URL HTTP/1.1 p.npcad.com/ad/ad?p=89517&w=482729&t=37f2497956c6da8d&r=&vw=1280&vh=0
IP 3.228.63.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad/ad?p=89517&w=482729&t=37f2497956c6da8d&r=&vw=1280&vh=0 HTTP/1.1
Host: p.npcad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://p.npcad.com/go/89517/482729
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Date: Wed, 25 Jan 2023 23:13:38 GMT
Location: http://xml.poprtb.pro/click?i=ViwO6XB4oyg_0#pc224398
Server: nginx
Content-Length: 0
Connection: keep-alive
push.services.mozilla.com/
34.215.55.199101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.55.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hkiK/aBbx9nmGgEL/P3J/w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: USzwLLVA0b5Mf/uvAiolQcro4Vs=
xml.poprtb.pro/click?i=ViwO6XB4oyg_0
174.137.133.18302 Found 0 B URL HTTP/1.1 xml.poprtb.pro/click?i=ViwO6XB4oyg_0
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=ViwO6XB4oyg_0 HTTP/1.1
Host: xml.poprtb.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://p.npcad.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://orest-vlv.com/zcvisitor/e5f32d34-9d05-11ed-82a4-1237b0a32ca1/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=6de12c70-97e2-11ed-9150-12beee04f19b
Pragma: no-cache
orest-vlv.com/zcvisitor/e5f32d34-9d05-11ed-82a4-1237b0a32ca1/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=6de12c70-97e2-11ed-9150-12beee04f19b
54.237.193.255200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/e5f32d34-9d05-11ed-82a4-1237b0a32ca1/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=6de12c70-97e2-11ed-9150-12beee04f19b
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9302281fc8be785dc32e9e7a5c7a8ff4
5b6eb1737bc0645b33b1d0d65391f691f8fb59bd
4f22b1791210a3bc7ecc07a65fa31632345a9972fce4368d6e713187a96d0933
GET /zcvisitor/e5f32d34-9d05-11ed-82a4-1237b0a32ca1/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=6de12c70-97e2-11ed-9150-12beee04f19b HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://p.npcad.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 25 Jan 2023 23:13:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: qUbbaEqw
orest-vlv.com/zcredirect?visitid=e5f32d34-9d05-11ed-82a4-1237b0a32ca1&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
54.237.193.255200 642 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=e5f32d34-9d05-11ed-82a4-1237b0a32ca1&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b23d5a63cb473d389deb031129f5d352
f59313ae513ee3c1822f1be1bf9728d613f0d861
8189e88074822f4c37d3bd44e381aefd7b933411c43a44b4d2b94b380ce90826
GET /zcredirect?visitid=e5f32d34-9d05-11ed-82a4-1237b0a32ca1&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/e5f32d34-9d05-11ed-82a4-1237b0a32ca1/1091bff0-8a8a-11ec-80f2-0a0a528900a9?campaignid=6de12c70-97e2-11ed-9150-12beee04f19b
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Wed, 25 Jan 2023 23:13:38 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: yHUUYaPT
orest-vlv.com/favicon.ico
54.237.193.255404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=e5f32d34-9d05-11ed-82a4-1237b0a32ca1&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Wed, 25 Jan 2023 23:13:39 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: amBnSSru
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18892
Expires: Thu, 26 Jan 2023 04:28:31 GMT
Date: Wed, 25 Jan 2023 23:13:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18892
Expires: Thu, 26 Jan 2023 04:28:31 GMT
Date: Wed, 25 Jan 2023 23:13:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18892
Expires: Thu, 26 Jan 2023 04:28:31 GMT
Date: Wed, 25 Jan 2023 23:13:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18892
Expires: Thu, 26 Jan 2023 04:28:31 GMT
Date: Wed, 25 Jan 2023 23:13:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18892
Expires: Thu, 26 Jan 2023 04:28:31 GMT
Date: Wed, 25 Jan 2023 23:13:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377b8e8b-f550-4274-9793-f7c7ae2dc208.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377b8e8b-f550-4274-9793-f7c7ae2dc208.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4346c1dacad291243ef79ba66e6e9040
fdb82da3dee21a1dbd4387381074b23eeeb4a810
20838f600b2749627d0e013f7248e3f62786c92aa642088e2995e84cf642691c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377b8e8b-f550-4274-9793-f7c7ae2dc208.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13606
x-amzn-requestid: 823a9979-1097-4f9f-a79f-423c93872eeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfEr9oAMFc8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-2acff24836bad6533b0601e9;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EEu_pHR6hRhe7idyWimx99IbAzkBVU9wkgl5Ngg4M717RjGcO0aTZQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:33 GMT
age: 4926
etag: "fdb82da3dee21a1dbd4387381074b23eeeb4a810"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F733dfbca-7d8b-4f4f-ba0f-4532797efa30.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F733dfbca-7d8b-4f4f-ba0f-4532797efa30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acdc532aa5d43a7d0b77c13c5d0ec2ec
51540c2f99198a366d92c1a0be37392b9d4ecc28
f74cd8d72107cf7bf8919069c2d96e1d8a29330e978c72f032374330beee2020
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F733dfbca-7d8b-4f4f-ba0f-4532797efa30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10260
x-amzn-requestid: b80d09e0-2667-4b84-a180-b3ca997efda5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwiExLIAMFsjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a003-7eecacba4944d6975c317964;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GHYWRBoGxL54wz-UV9sd_fdbBy1GDgWdxqt3RgzXk0yu96i39sDLXA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
etag: "51540c2f99198a366d92c1a0be37392b9d4ecc28"
content-type: image/jpeg
age: 4933
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wjUfYG_uxTe4x91OXaKxABbPpmQ1rmscm3ANlGqW20OyarNjJFcjVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:34:47 GMT
age: 56332
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41fd0074a6ce752b1271302feade4cee
6311d1365504f06cb7516606c56c502d553c9d16
544c508899fe8855b0975a87cb0bf35663ab4ad0ec8fd057b3962d50cc001b8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7365
x-amzn-requestid: c2a8ae3d-47f8-415f-bf08-78dd12ede3d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwEUbIAMFnag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-38f72fec78120cf113c7a4f7;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rB4HXb1BDKiMZ5Xsb_U1UzBInPftuAryrVUhcE7v6C5qprrGRFooFg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
age: 4933
etag: "6311d1365504f06cb7516606c56c502d553c9d16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 5097
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 56385
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8b69491c09c5764de4bdfa9313164d8b
17b1909243685c0e8477ba3fab1697d5013b5385
3870280c5418001d26bed3807532cadd2c6929fd5610d21e3668e33617240daf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 23:13:39 GMT
Last-Modified: Wed, 25 Jan 2023 21:30:36 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: c84NzYxndobpoAelbNeKghZw1LbZiDMge98VDXYrJIJ4_8-6VOts7g==
Age: 6184
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cc2b9a26cf016c0cf9e73531f6004051
408990c14ea8af4c979a277da755c89771672356
36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 23:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
216.58.207.228200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 4fcc8cffc198bb1436d5e909506b0b2a
a6269c7bf1d3614a78b9ba99cfec2b29e0b6ab7e
33b2950d981dcb3af46004be957506985ea0c185b5436fc6435efcdea7699d89
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 25 Jan 2023 23:13:39 GMT
date: Wed, 25 Jan 2023 23:13:39 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/fonts/Stolzl-Bold.woff2
18.159.164.79200 OK 24 kB URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/fonts/Stolzl-Bold.woff2
IP 18.159.164.79:0
File type Web Open Font Format (Version 2), TrueType, length 24012, version 1.0\012- data
Hash fd4655d12101d3452b106d9836ce49da
063309b99f53a5ece50f2484731422a50eb3f39f
62a10a7ccd37cd712bb60884224bf1ece6ccd204835bb97deb74527a6bc7c848
GET /uploads/landings/en-63aacb05a1c69/public/fonts/Stolzl-Bold.woff2 HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: font/woff2
content-length: 24012
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: "63ab010c-5dcc"
accept-ranges: bytes
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/fonts/Stolzl-Medium.woff2
18.159.164.79200 OK 26 kB URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/fonts/Stolzl-Medium.woff2
IP 18.159.164.79:0
File type Web Open Font Format (Version 2), TrueType, length 26076, version 1.0\012- data
Hash 00b5a10d2904d19aaba1c32d052baf37
b0dbb5ecee9d9702c47169bccc4dd6f375507621
83e4dcc50288ef8a23c9e36089b59d0054023079c31f93fc68641049dc9d0625
GET /uploads/landings/en-63aacb05a1c69/public/fonts/Stolzl-Medium.woff2 HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: font/woff2
content-length: 26076
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: "63ab010c-65dc"
accept-ranges: bytes
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/js/jquery.min.js
18.159.164.79200 OK 48 kB URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/js/jquery.min.js
IP 18.159.164.79:0
Hash 65377710f7bca4d18c4d683638847fb9
9a7698ef867d6a53cdbaa7a442a18a8ae09a9e36
35afd362ddf60667b50138ce5cab5e737b92cc8b1e4d1ad001029395e594216f
GET /uploads/landings/en-63aacb05a1c69/public/js/jquery.min.js HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: application/javascript
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-14e06"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
18.159.164.79200 OK 3.8 kB URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
IP 18.159.164.79:0
Hash 0c9daef1d5a25afaf34e8e4751792e6b
647cebab73a22181fcaa640396ac5a13ca08d928
ac8d53e7121529783941a75eed09130e71df047771be4467c29ddcbe2b069d98
GET /uploads/landings/en-63aacb05a1c69/public/css/styles.css HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: text/css
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-2750"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/js/script.js
18.159.164.79200 OK 4.0 kB URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/js/script.js
IP 18.159.164.79:0
Hash ed977ed41b47763242d174bb52b31675
a02a9b30ac8bc496aa1f6220711aff086e0cec27
184e556fbcc82467521ca996674a4c8a2e751c0531034bc5a11a970c8512f664
GET /uploads/landings/en-63aacb05a1c69/public/js/script.js HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: application/javascript
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-2c86"
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.99200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://smarttds.org
Connection: keep-alive
Referer: https://smarttds.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 18:12:36 GMT
expires: Thu, 25 Jan 2024 18:12:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
age: 18063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 23:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22ec7be-6a69-4dd9-9340-9be6624c7434.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22ec7be-6a69-4dd9-9340-9be6624c7434.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ed67ca9bce75476cc13c83abe463bc7
242e26653f691852678a2a32fd17d58fb4747126
a54b909a228e7ac3c6a98e553445905cac7664a2a9208af9abba149f11881d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe22ec7be-6a69-4dd9-9340-9be6624c7434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4513
x-amzn-requestid: 4caaaf23-4e35-4a1e-983a-5c556d009ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOi2OG15IAMFxKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf4b5a-643a67517111200131d532f6;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1yx2ngTkDe6jX4jwmNVfOxDR6CXmw0fF_wgsM5E-kdMw21u25v0g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:07:54 GMT
age: 68752
etag: "242e26653f691852678a2a32fd17d58fb4747126"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/wheel-bg.png
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/wheel-bg.png
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/img/wheel-bg.png HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/png
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-108e3"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/wheel-button-glow.png
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/wheel-button-glow.png
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/img/wheel-button-glow.png HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/png
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-43d2"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/js/runtime.f55752200e33d8e90da4.bundle.js
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/js/runtime.f55752200e33d8e90da4.bundle.js
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/js/runtime.f55752200e33d8e90da4.bundle.js HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: application/javascript
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-42e"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/js/main.1d9f2ffaaf3ebf16d46a.bundle.js
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/js/main.1d9f2ffaaf3ebf16d46a.bundle.js
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/js/main.1d9f2ffaaf3ebf16d46a.bundle.js HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: application/javascript
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-12199"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/styles/main.01134c67fb8c3323632f.css
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/styles/main.01134c67fb8c3323632f.css
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/styles/main.01134c67fb8c3323632f.css HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: text/css
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-7594"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/js/intl-tel-utils.js
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/js/intl-tel-utils.js
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/js/intl-tel-utils.js HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:40 GMT
content-type: application/javascript
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-3cce0"
content-encoding: gzip
X-Firefox-Spdy: h2
bonafides.club/64145/8?l=3726¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13&utm_medium=2328&utm_source=heliotrope-eel&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox&utm_campaign=fs_zeropark_no_pops_desk_19012023
52.59.124.141302 Found 0 B URL HTTP/2 bonafides.club/64145/8?l=3726¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13&utm_medium=2328&utm_source=heliotrope-eel&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox&utm_campaign=fs_zeropark_no_pops_desk_19012023
IP 52.59.124.141:0
GET /64145/8?l=3726¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13&utm_medium=2328&utm_source=heliotrope-eel&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox&utm_campaign=fs_zeropark_no_pops_desk_19012023 HTTP/1.1
Host: bonafides.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
content-type: text/html; charset=UTF-8
location: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
cache-control: no-cache, private
date: Wed, 25 Jan 2023 23:13:39 GMT
set-cookie: 2b30eb962003529aa1d435285d39b1c0=MzgxMDE5ODA%3D; path=/; httponly
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/race.jpg
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/race.jpg
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/img/race.jpg HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/jpeg
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-ace9"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/win-frame.png
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/win-frame.png
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/img/win-frame.png HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/png
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-168c"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/wheel-button-bg1b26.png
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/wheel-button-bg1b26.png
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/img/wheel-button-bg1b26.png HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/png
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-da5b"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/apple-icon-120x120.png
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/apple-icon-120x120.png
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/apple-icon-120x120.png HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/r/G85L?track_id=50997280&pid=64145&geo=3144096&utm_source=heliotrope-eel&utm_medium=2328&utm_campaign=fs_zeropark_no_pops_desk_19012023&utm_term=mike-eel-kgjg549nrj&utm_content=Firefox¶m1=zeropark¶m2=popup¶m3=cpm¶m4=2022-13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/png
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-2242"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/lion.png
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/public/img/lion.png
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/public/img/lion.png HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/public/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/png
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-e24d"
content-encoding: gzip
X-Firefox-Spdy: h2
smarttds.org/uploads/landings/en-63aacb05a1c69/007b2705c0a8f69dfdf6.png
18.159.164.79200 OK 0 B URL HTTP/2 smarttds.org/uploads/landings/en-63aacb05a1c69/007b2705c0a8f69dfdf6.png
IP 18.159.164.79:0
GET /uploads/landings/en-63aacb05a1c69/007b2705c0a8f69dfdf6.png HTTP/1.1
Host: smarttds.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smarttds.org/uploads/landings/en-63aacb05a1c69/styles/main.01134c67fb8c3323632f.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 23:13:39 GMT
content-type: image/png
server: nginx/1.20.2
last-modified: Tue, 27 Dec 2022 14:28:28 GMT
etag: W/"63ab010c-114c9"
content-encoding: gzip
X-Firefox-Spdy: h2