Overview

URLs.anadm.link/170909/8373/0/?aff_sub=;&aff_sub2=17290&aff_sub3=wg4uo5j6ijh9p7qk25pfccb0&source=102301f9654de17c098316ed61105f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_
IP 54.230.111.50 (United States)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 23:02:16 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (29)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
smartsecuredt.com (1) 0 2022-06-03 01:48:10 UTC 2022-11-28 18:39:51 UTC 45.91.67.98 Unknown ranking
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-28 20:10:04 UTC 142.250.74.168
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-28 21:28:05 UTC 142.250.74.174
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
e1.o.lencr.org (2) 6159 No data No data 23.36.77.32
tracking.t0r4.com (1) 0 2022-05-18 20:26:48 UTC 2022-11-28 11:07:20 UTC 104.21.19.241 Unknown ranking
ocsp.r2m01.amazontrust.com (1) 0 2022-10-12 20:43:53 UTC 2022-11-28 09:20:44 UTC 54.230.80.227 Domain (amazontrust.com) ranked at: 581
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:53:26 UTC 34.117.237.239
zzotrack.com (1) 470411 No data No data 18.184.38.55
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-28 19:50:17 UTC 142.250.150.157
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.69.31
cdn.smrt-assets.com (6) 0 No data No data 23.36.76.144 Unknown ranking
s.anadm.link (2) 0 2022-04-08 20:37:13 UTC 2022-11-28 23:01:50 UTC 54.230.111.117 Unknown ranking
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.gstatic.com (2) 0 2016-07-26 09:37:06 UTC 2022-11-28 19:40:44 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
tsyndicate.com (1) 13042 2017-03-16 09:04:54 UTC 2022-11-28 19:38:49 UTC 136.243.130.121
static.trafficjunky.com (1) 13961 2015-03-25 11:36:27 UTC 2020-05-04 07:52:25 UTC 205.185.208.79
guard.cdtbox.rocks (1) 240008 2020-08-11 05:30:44 UTC 2022-11-28 14:51:20 UTC 54.164.22.60
statisticresearch.com (1) 584767 2019-05-28 07:17:54 UTC 2022-11-28 14:51:16 UTC 52.204.249.38
s.anadm.link (2) 0 2022-04-08 20:37:13 UTC 2022-11-28 23:01:50 UTC 54.230.111.38 Unknown ranking
v2.trckguardlnk.com (3) 0 No data No data 3.66.74.238 Unknown ranking
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.42
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-28 16:39:41 UTC 142.250.74.10
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-28 06:50:41 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-28 2 trckguardlnk.com Sinkholed
2022-11-28 2 trckguardlnk.com Sinkholed
2022-11-28 2 trckguardlnk.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 54.230.111.50
Date UQ / IDS / BL URL IP
2023-01-27 13:52:06 +0000 0 - 0 - 0 www.loom.com/share/ffda0cd044c046498ec42c95b2 (...) 54.230.111.50
2023-01-26 14:15:31 +0000 0 - 0 - 0 www.loom.com/share/ba47787f6dc7443c83a5b818e7 (...) 54.230.111.50
2023-01-22 22:22:35 +0000 0 - 0 - 2 aa96tz.fe88.fdske.com/ec/gAAAAABjzKqqhL-OT0hf (...) 54.230.111.50
2023-01-16 00:57:35 +0000 0 - 0 - 0 www.aging-us.com/article/202188/text 54.230.111.50
2023-01-14 22:49:34 +0000 0 - 1 - 0 www.blinklearning.com/coursePlayer/clases2.ph (...) 54.230.111.50


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-01-29 15:00:31 +0000 5 - 0 - 10 www.mediacdnc.com/go/f0e7977a-c452-4a5e-88ed- (...) 3.70.16.242
2023-01-29 14:59:04 +0000 0 - 1 - 3 www.aversus.site/go/cada65f6-924c-409d-b676-2 (...) 3.70.16.242
2023-01-29 14:48:39 +0000 0 - 0 - 3 3.69.224.49/ 3.69.224.49
2023-01-29 14:46:59 +0000 0 - 0 - 1 redeembux.one/ 54.67.42.145
2023-01-29 14:45:18 +0000 0 - 0 - 1 islandentertainers.com/copy/copy/error.php 3.140.13.188


Last 3 reports on domain: anadm.link
Date UQ / IDS / BL URL IP
2022-11-28 23:02:16 +0000 0 - 0 - 3 s.anadm.link/170909/8373/0/?aff_sub=;&aff_sub (...) 54.230.111.50
2022-10-09 19:16:32 +0000 0 - 0 - 2 s.anadm.link/44542/7549/24458/ 54.230.111.50
2022-09-09 06:32:33 +0000 0 - 0 - 2 s.anadm.link/44542/8435/29774/ 54.230.111.50


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-22 06:20:43 +0000 0 - 0 - 2 kristina78yx.cyber-fuck.mom/ 192.64.119.254
2023-01-19 05:29:37 +0000 0 - 0 - 1 ringo-halloween.com/ 72.52.179.174
2023-01-16 08:31:26 +0000 0 - 0 - 1 dt-smrt.com/smartlink/?a=184407&sm=29491&sl=8 (...) 45.91.67.98
2023-01-14 18:42:40 +0000 0 - 0 - 2 uryzklpa.wy5532.com/ 207.244.67.214
2023-01-11 08:34:15 +0000 0 - 0 - 1 dt-smrt.com/smartlink/?a=184407&sm=29491&sl=8 (...) 45.91.67.98

JavaScript

Executed Scripts (18)

Executed Evals (1)
#1 JavaScript::Eval (size: 2) - SHA256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
ok

Executed Writes (0)


HTTP Transactions (61)


Request Response
                                        
                                            GET /170909/8373/0/?aff_sub=;&aff_sub2=17290&aff_sub3=wg4uo5j6ijh9p7qk25pfccb0&source=102301f9654de17c098316ed61105f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_ HTTP/1.1 
Host: s.anadm.link
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         54.230.111.117
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Mon, 28 Nov 2022 23:02:05 GMT
Content-Length: 167
Connection: keep-alive
Location: https://s.anadm.link/170909/8373/0/?aff_sub=;&aff_sub2=17290&aff_sub3=wg4uo5j6ijh9p7qk25pfccb0&source=102301f9654de17c098316ed61105f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_
X-Cache: Redirect from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CP3Cs0_ybGc1cpZWMlOagW1-MrLNbw6VeFr9rD6eEhqmRXz93A1PNQ==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8173
Expires: Tue, 29 Nov 2022 01:18:18 GMT
Date: Mon, 28 Nov 2022 23:02:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5735
Cache-Control: max-age=133491
Date: Mon, 28 Nov 2022 23:02:05 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:06:56 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 22:19:33 GMT
cache-control: public,max-age=3600
age: 2552
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8859
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Mon, 28 Nov 2022 23:02:05 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 1190
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 23:02:05 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 22:08:55 GMT
cache-control: public,max-age=3600
age: 3191
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /170909/8373/0/?aff_sub=;&aff_sub2=17290&aff_sub3=wg4uo5j6ijh9p7qk25pfccb0&source=102301f9654de17c098316ed61105f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_ HTTP/1.1 
Host: s.anadm.link
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.230.111.38
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
                                        
content-length: 420
location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170909&sub2=102301f9654de17c098316ed61105f&sub3=102b20cfba4a6390ad6a4d93ea200a&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Mon, 28 Nov 2022 23:02:05 GMT
set-cookie: enc_aff_session_8373=ENC0324e2592dc7bfba9b721f976282f3494e6cb7f4cd6bcddd1a492691a38f9a26cd3413bf7ac91ebdeeb4dfa785c8068b6561b92047e6fd2697cf137e5db76158c63a66dcb1878d29ee15cabdb21a181dca6055f7b011a5ef2957cab09c756f124dea1de0134c8d129a09ef8d594af2c297d517f5c3e4a103ed0745da5b14dd171b06fef53d758d6eb1b6a7c33e176bb3f73dc23d4abd417ced38902b297003ceb4d696c22b8e24b54d95918413e1052f0610d574fe5e6671fdf10e3f4342db943805bc2931; Path=/; Expires=Wed, 27 Nov 2024 23:02:05 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Thu, 23 Oct 2025 09:42:05 GMT; Secure
tracking_id: 102b20cfba4a6390ad6a4d93ea200a
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v9PAWZAE4Zd6hwz1J1FE8BsZLZIB5bWyYnZHdLrP2RtsicGoBzbAEQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (420), with no line terminators
Size:   420
Md5:    f58930630d3b3424db8851690c9797a3
Sha1:   f1319a00a8871a74d6118bc5aba55fa7df9c48b4
Sha256: 88ea0c32e5077e3bad3fb6b324203a952262d2afe53d050e155f1a6cc766cfe9
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "52DD901F4BA52369BFE3FF9922B6BD271005002CFBC026CEAF9F236F26D8790E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5712
Expires: Tue, 29 Nov 2022 00:37:18 GMT
Date: Mon, 28 Nov 2022 23:02:06 GMT
Connection: keep-alive

                                        
                                            GET /click?pid=781&offer_id=1085&sub1=170909&sub2=102301f9654de17c098316ed61105f&sub3=102b20cfba4a6390ad6a4d93ea200a&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 
Host: tracking.t0r4.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.19.241
HTTP/2 302 Found
                                        
date: Mon, 28 Nov 2022 23:02:06 GMT
content-length: 0
location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170909&sub2=102301f9654de17c098316ed61105f&campaign=&sum=&clickid=63853deee57c060001fce767
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63853deee57c060001fce767; expires=Tue, 28 Nov 2023 23:02:06 GMT; secure; SameSite=None afoffers={"1085":1669676526}; expires=Tue, 28 Nov 2023 23:02:06 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gH9mTn67%2FG4Sj23n1tGedJN%2BJl%2FKyEGfXOg2Nt8FNv17mhvarT9bKSaKHdBsBvUJSaX55J%2F1SvJupttD3pIeaaIs6xxdi3HRfv2QcFfmEdQa%2F4MHsLOFq2PoFs8WkMEi9uCOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716bab05b36b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "52DD901F4BA52369BFE3FF9922B6BD271005002CFBC026CEAF9F236F26D8790E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5712
Expires: Tue, 29 Nov 2022 00:37:18 GMT
Date: Mon, 28 Nov 2022 23:02:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4662
Cache-Control: max-age=127351
Date: Mon, 28 Nov 2022 23:02:06 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:24:37 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170909&sub2=102301f9654de17c098316ed61105f&campaign=&sum=&clickid=63853deee57c060001fce767 HTTP/1.1 
Host: zzotrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         18.184.38.55
HTTP/2 302 Found
                                        
server: nginx
date: Mon, 28 Nov 2022 23:02:06 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wcj5j949j0g0s7qkiudnnb4u&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781
pragma: no-cache
set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=tdfvIQDHOm-aE5MpQQYsvVl9fl6FvBwz8fi9OtDAMVc; Max-Age=86400; Expires=Tue, 29-Nov-2022 23:02:06 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=vT3lSevzs56x1g3oyE85SmNkTkTpjCcFkvYpY5p34fXXaSYwRJjM9OF4RPRQ5YYiM1ECREwp1enWemm1r%2Fbqm%2FpZTDDRx6IZ2pwDwRuqpFp%2FTqDog%2B0lqYJtf%2FpFH1VAtQBLJtGjL9s4yJp3uRDb1Q%3D%3D; Max-Age=31536000; Expires=Tue, 28-Nov-2023 23:02:06 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m01.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         54.230.80.227
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=125925
Date: Mon, 28 Nov 2022 23:02:06 GMT
Etag: "638486d3-1d7"
Expires: Wed, 30 Nov 2022 10:00:51 GMT
Last-Modified: Mon, 28 Nov 2022 10:00:51 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6K_V6_CnvU2nFGKMhe2p4e2fFkgy5vPTSFQ0fmtprlhzX4yqT_t3Iw==

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HJK0nZgmhXCLTeJKoxBUKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.69.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Rn5qwZ8XBgRIJOkFJ31wWLq5w7U=

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: v2.trckguardlnk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; U-13111c20aee51aeb480ecbd988cd8cc9=unique; o_13111c20aee51aeb480ecbd988cd8cc9=62a805bf-cdfc-42c1-8727-bac55177b1b5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         3.66.74.238
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Mon, 28 Nov 2022 23:02:07 GMT
content-length: 318
server: nginx/1.20.0
last-modified: Tue, 04 May 2021 06:35:26 GMT
etag: "6090eb2e-13e"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Size:   318
Md5:    a976d227e5d1dcf62f5f7e623211dd1b
Sha1:   a2a9dc1abdd3d888484678663928cb024c359ee6
Sha256: 66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /smartlink/?a=89072&sm=9474&mt=2&s1=381f1b1b-7ced-4eef-857b-418b4c176094_781&s2=5ff1fe9db93a1d1cc26bc9cd982a17ab&s3=558 HTTP/1.1 
Host: smartsecuredt.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.91.67.98
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 23:02:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Set-Cookie: v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5Z9Hw5CmPhEz/MpYewD3v84=; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/ v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5Z9Hw5CmPhEz/MpYewD3v84=; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/; Secure; SameSite=None gdm_visit_freq_v2_1_001=gJLhXJbXqrGXm/hn4dYEDYPADjpHMZpfZ55FFCz7MqZzls2TjmK153bqSZHMyLHl; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/; Secure; SameSite=None gdm_uid_v2_1_001=m+/iDHMwN7WWw+3gcSekvxaPvdx1IjLJBr04vHmccZnXXnkaI7Y14Jai6zi5Vy3q; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/; Secure; SameSite=None gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/ gdm_visit_freq_v1_1_001=gJLhXJbXqrGXm/hn4dYEDYPADjpHMZpfZ55FFCz7MqZzls2TjmK153bqSZHMyLHl; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/ gdm_uid_v1_1_001=m+/iDHMwN7WWw+3gcSekvxaPvdx1IjLJBr04vHmccZnXXnkaI7Y14Jai6zi5Vy3q; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/ gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Sun, 26-Feb-2023 23:02:07 GMT; Path=/; Secure; SameSite=None
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (598), with CRLF line terminators
Size:   2225
Md5:    1912e1ce7e68d94e50577c240c0762f4
Sha1:   a67cb5e497d6af28e13ba40f18151ba20fd3f760
Sha256: d1f204b10d5b372dfb962c4a3f721f9305c74f9c85f01f806482af04828c5389
                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Mon, 28 Nov 2022 23:02:07 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669676527.dop230.sk1.t,1669676527.cds227.sk1.hn,1669676527.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EAD4BEDD16AE2F0326940EE7E1AD715DF14564EA15889E0940A7FA0ED93C8F43"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14310
Expires: Tue, 29 Nov 2022 03:00:37 GMT
Date: Mon, 28 Nov 2022 23:02:07 GMT
Connection: keep-alive

                                        
                                            GET /prod/push-subscriber.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:02:07 GMT
Content-Length: 4395
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text
Size:   4395
Md5:    d87a44d0aa0b54e75b2eb54c76bcf152
Sha1:   f765110fd22c73d181d9a2ea1b20de424b3d9e35
Sha256: 6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
                                        
                                            GET /prod/push-lang-config.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:02:07 GMT
Content-Length: 2366
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Size:   2366
Md5:    86caa25373c28e4a962df5e15f4c160f
Sha1:   7a992cdd21a4074c155ccc7016e7cf836a66dd85
Sha256: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/1387/js/backoffer.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA==
Date: Mon, 28 Nov 2022 23:02:07 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   660
Md5:    e7e1dc07852a36f89e4be03aa3787316
Sha1:   0dc3f8e7eb943af093cf8f4600fcf0e421891025
Sha256: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:32:45 GMT
expires: Thu, 23 Nov 2023 18:32:45 GMT
cache-control: public, max-age=31536000
age: 448162
last-modified: Thu, 10 May 2018 20:35:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25088)
Size:   8604
Md5:    73069e532b7039778d3a7128c997c61a
Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc
Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:29:53 GMT
expires: Tue, 28 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 16334
last-modified: Thu, 10 May 2018 20:35:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35547)
Size:   10017
Md5:    fa9987a23f5a9d865766e952511baa30
Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94248
Date: Mon, 28 Nov 2022 23:02:07 GMT
Etag: "6383fd01-1d7"
Expires: Wed, 30 Nov 2022 01:12:55 GMT
Last-Modified: Mon, 28 Nov 2022 00:12:49 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kFdhe50vdAuL8tl12OUPSwnBuUsbqs9lBq-rg2B_64Oh5YD8REbDAw==
Age: 3606

                                        
                                            GET /assets/1822/js/translate.js HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Mon, 18 Oct 2021 09:09:58 GMT
ETag: "a1d6d5af3b1a2d56f82f449b5c734a83"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: IJyZ28JLz6QH1FZ5hDdeyW8lP3T17CaiAsaCK1QYAHf38-sUFAdmiw==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:02:07 GMT
Content-Length: 17929
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   17929
Md5:    a9c2be99f967c47cfb1fbec2f4ae9f7e
Sha1:   921b0cfff4483a336a87e8840e989248c6dd89eb
Sha256: 44fa44aa80e60ffd3372c6dd5d1bbf234fb48dd8118212120bc17738942d39ab
                                        
                                            GET /assets/1822/css/main.css HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Mon, 18 Oct 2021 09:00:11 GMT
ETag: "eac3e7e5cab4c729a0345ea8d8286b96"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: q_UBeUIDLZnXbSq82J9lbCPc1yO-z1tZMXhEuy8URr2iohM75sUesg==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:02:07 GMT
Content-Length: 2221
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2221
Md5:    411953469b0a9e8f0b6550f4dea2c818
Sha1:   9a0e1f0eb9f7b6c9c9fb7875b4cc1cd147c24657
Sha256: 30629fcbd365777a4383c8467ca905da7e8bab1ec81c16626b0288851c6182ec
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8201
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:02:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8201
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:02:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8201
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:02:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8201
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:02:07 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 12:30:42 GMT
age: 37885
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4871
Md5:    a4058fd62595d15c58b3d3266de9865a
Sha1:   d0dff35eb78f129b5da407043037bcf9c27e55c0
Sha256: ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4862
x-amzn-requestid: 17c6fb35-2dc8-45e4-a226-a74ba94323b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYlHXxIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d0-5a0f4f667a3747166eb2b338;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XDdox2fz8xWMEWiTlHtpk_EeS6NUmzBRyWO3fTe47FfJOOvIehST1Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:08:40 GMT
age: 50007
etag: "a6c7a59a6599ece2cf0e76c778c920dea94ff469"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4862
Md5:    748366131b496e41f92e15ce7d1cd0e0
Sha1:   a6c7a59a6599ece2cf0e76c778c920dea94ff469
Sha256: b9ea2d419742c67e2b14536379e7383524f22645b1af988d5bd72154647fc602
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7549
x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP-7lHmsoAMF9lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -aUqAfyrtMO0hkr2J2lm5SNNFdtaJj-F2dpBULvXjfOV205Ksm0iHw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 4804
etag: "600859401c885cc2cdd1f199cccc198eb41d6a04"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7549
Md5:    415b1b1d5a29fc17b4114bb3df1d1c22
Sha1:   600859401c885cc2cdd1f199cccc198eb41d6a04
Sha256: abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mFiEmh1axlMNuIBb1YSzcciCdHzHGG7q0f3lQOuHJmjugWgdZKKiSg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:27:11 GMT
age: 41696
etag: "3348f081a3357490a704592d105d02e81886df89"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6037
Md5:    b5e2bc1651b37b8e0467c2a6cb860fb3
Sha1:   3348f081a3357490a704592d105d02e81886df89
Sha256: 751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 4393
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8460
Md5:    516776052e5e906ea9f42d25bae5cc85
Sha1:   be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
Sha256: 28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8796
x-amzn-requestid: 2eed036c-fcda-425b-8c5d-0b0ff31214a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEEWMIAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-5cb071a2098d43d909eb8d5c;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uWzs8gOBoczTeYXB7-FfJemWbh-hYHwNcR3b9BM5VtJ55NRUzCZeTQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:53:45 GMT
age: 47302
etag: "b5b245c90705ad80c31d457c0d7c96709ca31e96"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8796
Md5:    7e44c46db2ac9917110dc47aa38fdc85
Sha1:   b5b245c90705ad80c31d457c0d7c96709ca31e96
Sha256: 5024225a583b188860eaf21f7196c06cef8b2e89389ae4b1df6e314399f3b2ae
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 23:02:07 GMT
date: Mon, 28 Nov 2022 23:02:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31518
Md5:    686ef01733be7070e6bb54b359f2ca35
Sha1:   76077ee9833cfb6ea282a06662f07a3eeb02e7d3
Sha256: c1f7cd66cd7f0c5a323bbac9e3d83e16b0b2fcb63c59c734188589880059d312
                                        
                                            GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 23:02:07 GMT
expires: Mon, 28 Nov 2022 23:02:07 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   47293
Md5:    b408ca05208a219fe96d9035415163a1
Sha1:   eb3d4a96c547e045517e25817ab1814f45edaf0a
Sha256: 8e4c10bd712fa806df4a58b9cd4b0c47846a2a082d9b5f6cd9ac353a35541872
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/

search
                                         136.243.130.121
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Mon, 28 Nov 2022 23:02:08 GMT
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: ad3a09c6f2b684c1
Set-Cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Tue, 28 Nov 2023 23:02:08 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            GET /assets/1373/other/favicon.ico HTTP/1.1 
Host: cdn.smrt-assets.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.144
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
X-Amz-Cf-Id: JbGE-qPp-rz1sjNie-YOUT5WYN1nceHRFWqeEDCyU1T8VI4fT_WTxA==
Date: Mon, 28 Nov 2022 23:02:08 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    38722a803b73dd1871a3d8a19db44d2f
Sha1:   3379960a2c6611bfefcb39e662198d6df322e12d
Sha256: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
                                        
                                            GET /js/mp.min.js HTTP/1.1 
Host: static.trafficjunky.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/

search
                                         205.185.208.79
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 28 Nov 2022 23:02:08 GMT
Connection: Keep-Alive
ETag: "1652721327"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 3628
Last-Modified: Mon, 16 May 2022 17:15:27 GMT
Accept-Ranges: bytes
X-HW: 1669676528.dop202.sk1.t,1669676528.cds003.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (10690), with no line terminators
Size:   3628
Md5:    044c370813dc1ea880f32a5be81384e7
Sha1:   53b0733cfc26f2bc7e83d1da0c087d5513fcf548
Sha256: 2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 22:41:08 GMT
expires: Tue, 29 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 1260
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 23:02:08 GMT
Etag: "63840dd4-1d7"
Last-Modified: Mon, 28 Nov 2022 21:56:32 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _lHNU1pcvHJZKBbnszteuQxvD4BuaLOzUl9WRFR9_QuU93k_tPNQWQ==
Age: 3936

                                        
                                            GET /color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9MzgxZjFiMWItN2NlZC00ZWVmLTg1N2ItNDE4YjRjMTc2MDk0Xzc4MSZzMj01ZmYxZmU5ZGI5M2ExZDFjYzI2YmM5Y2Q5ODJhMTdhYiZzMz01NTg= HTTP/1.1 
Host: guard.cdtbox.rocks
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.164.22.60
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 28 Nov 2022 23:02:08 GMT
content-length: 2
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1184922813.1669676527&jid=207697191&gjid=239166655&_gid=1536757006.1669676528&_u=YADAAEAAAAAAACAAI~&z=1426870932 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.150.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://smartsecuredt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 23:02:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 23:02:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oeb90&_p=1986751076&cid=1184922813.1669676527&ul=en-us&sr=1280x1024&_s=1&sid=1669676527&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D381f1b1b-7ced-4eef-857b-418b4c176094_781%26s2%3D5ff1fe9db93a1d1cc26bc9cd982a17ab%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://smartsecuredt.com
date: Mon, 28 Nov 2022 23:02:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 3797
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9376
Md5:    cce27a1fe8c0222811a5ce0e7f89e1cb
Sha1:   28c165bac8cf68cd1b0763c311aece00672cb3a5
Sha256: 4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
                                        
                                            GET /click?a=558&o=2892&sub_id1=wcj5j949j0g0s7qkiudnnb4u&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 HTTP/1.1 
Host: v2.trckguardlnk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         3.66.74.238
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Mon, 28 Nov 2022 23:02:06 GMT
location: https://v2.trckguardlnk.com/click?a=558&sub_id1=wcj5j949j0g0s7qkiudnnb4u&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Wed, 28-Dec-2022 23:02:06 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /click?a=558&sub_id1=wcj5j949j0g0s7qkiudnnb4u&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219 HTTP/1.1 
Host: v2.trckguardlnk.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         3.66.74.238
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 28 Nov 2022 23:02:06 GMT
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-13111c20aee51aeb480ecbd988cd8cc9=unique; expires=Wed, 28-Dec-2022 23:02:06 GMT; Max-Age=2592000; path=/; secure; SameSite=None o_13111c20aee51aeb480ecbd988cd8cc9=62a805bf-cdfc-42c1-8727-bac55177b1b5; expires=Mon, 05-Dec-2022 23:02:06 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /user-segments/?pid=TH HTTP/1.1 
Host: statisticresearch.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.204.249.38
HTTP/2 200 OK
                                        
date: Mon, 28 Nov 2022 23:02:07 GMT
server: nginx
X-Firefox-Spdy: h2


--- Additional Info ---