Report - speedtrkgood.com/?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8

Report Overview

Submitted URL
speedtrkgood.com/?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8
IP
18.232.203.164
ASN
#14618 AMAZON-AES
Submitted
2022-09-06 16:31:12
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	39 kB	142.250.74.72
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
cdn.trustedform.com	24659	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	833 B	1.0 kB	54.230.111.91
speedtrkgood.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.9 kB	18.232.203.164
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	1.9 kB	104.18.21.226
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.3 kB	54.230.245.100
gw.helixbi.io	128425	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	855 B	312 B	34.215.82.85
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.162.217.251
www.lejeunelawsuits.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.0 kB	201 kB	143.204.55.18
s3.us-west-2.amazonaws.com	2706	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	466 B	52.218.197.136
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
sdk.helixbi.io	156586	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	88 kB	143.204.55.11
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	41 kB	142.250.74.163
api.trustedform.com	23021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	1.7 kB	52.21.229.184
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	831 B	570 B	216.239.32.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	www.lejeunelawsuits.com/1step/lpd01/bundle.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	cdn.trustedform.com/trustedform-1.8.27.js	101 kB	2023-03-07	2023-03-17
Pretty URL cdn.trustedform.com/trustedform-1.8.27.js IP 54.230.111.91 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-03-17 12:38:12 Times Seen1 Hash 2f557edcc84fd346c897a4d565e57ac0 b0d9e3bb1be35693c8fa4fbeb1fba3d74df3f651 67a63477cbc6cfaa632e9b56ba4c8a247f34504534b58705906f36a1627c2458 Loading...

	www.lejeunelawsuits.com/1step/lpd01/bundle.js	98 kB	2023-03-07	2023-03-17
Pretty URL www.lejeunelawsuits.com/1step/lpd01/bundle.js IP 143.204.55.18 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 38f8ebe118f41d522df14744389155a6 14b4913931f8d17564a21807d75612611c9dcf9c 6a66f1e508ffdb33e4ca45cadb9df8c257dfd8db55721983045fe90f0b169833 Loading...

	sdk.helixbi.io/helixlead.js	5.4 kB	2023-03-07	2023-03-17
Pretty URL sdk.helixbi.io/helixlead.js IP 143.204.55.11 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-03-17 10:41:10 Times Seen1 Hash b3c9eca5f6d38f65ee802bd80e43b981 8d4c85f85fd5642e0381e95d471cc2968298b4e6 bd1f220e6edc24a22f3c6609f8474884a64a83fcafe18e15eafac29040e15607 Loading...

	sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D	16 kB	2023-03-07	2023-09-21
Pretty URL sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D IP 143.204.55.11 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-09-21 17:43:36 Times Seen7 Hash fc0b3a91ad17eca1f1af0dea86fbb192 224e357efcb29d52ed1423101be1223f1080215c ff256f499b91c4ad86b6e387d8ef7f8917bb2c9b9387bbc01eae5ff14e1d14e1 Loading...

	www.googletagmanager.com/gtag/js?id=G-FPS8WV0V59&l=dataLayer&cx=c	211 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-FPS8WV0V59&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:17 Last Seen2023-03-07 13:13:17 Times Seen1 Hash 19ea20e6c577a61623b533fb02c86b32 0abec6466d21d68ca644511c5aa4f69c2b52ef5e 996dc5e2bddb4fe77be6e5f7a8b4160c309e4028bce1626418a88e93dd093492 Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704	8.1 kB	2023-03-07	2023-03-17
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704 IP 52.21.229.184 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-03-17 12:38:12 Times Seen1 Hash 97d91c9803cec4e7981c0f415c2c1923 ed508735ac5818f50c57414d11efd642708e54de 607020848525f662633b5a3d9c7826462e6dab9b39967e0ee572c91a83f7f9b1 Loading...

	sdk.helixbi.io/bltable.js	65 kB	2023-03-07	2023-03-17
Pretty URL sdk.helixbi.io/bltable.js IP 143.204.55.11 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:17 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 4ef0931a84745050dc9ce973340911cc b376fe14717e56bc349d9bb63afa8f7311515feb c0b4fc6bd9029a4baa5d66b216c5d4d06c2bff0d1d56f4403e431656211006a3 Loading...

	www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178	295 B	2023-03-07	2023-03-17
Pretty URL www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178 IP 143.204.55.18 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:16 Last Seen2023-03-17 10:41:10 Times Seen1 Hash 7250a54dfa5250bb4e74aa88584a4738 179ab7d45e7d846eced10e736d0bd1f692e0e73f 4b2aa23fcddbcfa184166d4fca2446d47ccf7985a11a4bad7961f7b3f8d6b48e Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9	98 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:17 Last Seen2023-03-07 13:13:17 Times Seen1 Hash f5481e8e62a390ed5fa51310420596e2 79ec3e13f01d6438ccd44766f3c9e51879984031 54f8350a476d717ea374f45436fc510c74dd6311e5772a9aefac29b66392c6cc Loading...

		Size	First Seen	Last Seen
	#1 Eval - e018c77e67a96b7f5440da3c7397e35a	17 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-24 15:51:42 Times Seen10294 Hash e018c77e67a96b7f5440da3c7397e35a a090b0a7035556c7f71070fe10c2e37fa15584c5 5c5bb18e544cb67f765d8a6d2c774838d3ae95df9b62f25660c64554a7302d8e Loading...

HTTP Transactions (61)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2390
Expires: Tue, 06 Sep 2022 17:10:51 GMT
Date: Tue, 06 Sep 2022 16:31:01 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 16:04:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CH5G-mqwo1txdfL1vChZhIs6bwD12zJudVvUv48R5Wy-d9_VBIdRKQ==
Age: 1602

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _Iw50g2JVJEZ5UfBQq6y1nMYZs-pEXRQXOdY9vS4p20_7kabPmPb5w==
age: 54944
X-Firefox-Spdy: h2

speedtrkgood.com/?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8

18.232.203.164

302 Found

332 B

URL HTTP/1.1
speedtrkgood.com/?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8
IP
18.232.203.164:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
332 B (332 bytes)
Hash
6c514249e5a78eab00a0b09750848124
e84f4840925407305538d57bb6453f02b57dd742
3a377a304c044f546a78c16af6a1b311b7bfa37fa14a2fefeb2d84a0877577c3

HTTP Headers

GET /?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8 HTTP/1.1
Host: speedtrkgood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Tue, 06 Sep 2022 16:31:01 GMT
content-type: text/html; charset=utf-8
content-length: 332
cache-control: private
location: https://speedtrkgood.com/?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 16:31:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 15:38:18 GMT
Expires: Tue, 06 Sep 2022 16:34:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F2CjIQuh4gJHTJgvoJNmrg2dar9pPfmWD0WRVQrn1GqYEEimeNAcRg==
Age: 3163

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
11cfafa3a2629cdbcfb21bbd2e528539
fbf3d4be61787a662cad361e36345b406d7ed1c9
47cfae77f86c28a1b2365051ae9110e28b80985c9b9bb44a6c68dfa9252936c8

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 16:31:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Sep 2022 13:33:39 GMT
ETag: "fbf3d4be61787a662cad361e36345b406d7ed1c9"
Last-Modified: Tue, 06 Sep 2022 13:33:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746897b2bb501c0e-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2686
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:01 GMT
Last-Modified: Tue, 06 Sep 2022 15:46:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

speedtrkgood.com/?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8

18.232.203.164

302 Found

308 B

URL HTTP/1.1
speedtrkgood.com/?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8
IP
18.232.203.164:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
308 B (308 bytes)
Hash
2cc13a1d880d718a669e8edf511fa298
de15a4470996d145f3030cb4a756cf2206a801dd
a2f0f246160f2b768ce8bbee697632dc308d141de48e2282687a018ebd01f776

HTTP Headers

GET /?E=3rRE/LwMlsgbw/GVKwURg6xH2SJFKy22&s1=xvtutha3g_kgfdsCW3ux17t&s3=pix0001|aisc4|b9e340&s4=kgfkoiytlelsjfgds&s5=1a22255|00065m&ckmguid=bd7bd968-1151-4011-b509-c4dc2af74bc8 HTTP/1.1
Host: speedtrkgood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
date: Tue, 06 Sep 2022 16:31:01 GMT
content-type: text/html; charset=utf-8
content-length: 308
cache-control: private
location: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: sq=FNfTzMSZEbgj4k6jXG59Pnr9GJJZ97aKM91vMLArf8GBSWmfGySH0A==; domain=.speedtrkgood.com; path=/; SameSite=None; secure; HttpOnly
tym=3HeJqlD1tcmJktUIDZpaBXr9GJJZ97aKM91vMLArf8GBSWmfGySH0A==; domain=.speedtrkgood.com; expires=Fri, 06-Sep-2024 16:31:01 GMT; path=/; SameSite=None; secure; HttpOnly
c31861=FNfTzMSZEbipbMIhxNYiCqC2NVbtYxvNFOvp7/m9na7piackOBHlCw==; domain=.speedtrkgood.com; expires=Thu, 06-Oct-2022 16:31:01 GMT; path=/; SameSite=None; secure; HttpOnly

push.services.mozilla.com/

35.162.217.251

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.217.251:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rX5yWuNicJIEF8AzBoNr3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XztxNWk6SWDiiH6oFDoIlQLM548=

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b376058c62b5e7df4b7c83d5a378d7fd
8337a0717a3c4f89ee93499f16b29e73bced9382
7866989559a53d7c54cde0a17d4cfd2a407f07cabff83dd400409a3a0ce9f210

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:02 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Hoqc3_c7bqrhUoguSlf06k9tlJE95DN-xelTZi5HRpzK8_Cmoa-4BA==

www.lejeunelawsuits.com/1step/lpd01/img/chevronclear.png

143.204.55.18

200 OK

8.2 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/chevronclear.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 300 x 275, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8151 bytes)
Hash
98ef78c3ec49601701fe8869417157c6
9ae51b255f943f751104f7c83353beeeab9f513c
4429e2c227892ba131446b00b7484af8bc6d44be891ca976ddf3d14efed3eee8

HTTP Headers

GET /1step/lpd01/img/chevronclear.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8151
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 01:45:18 GMT
etag: "98ef78c3ec49601701fe8869417157c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HOWWe9ertfw_byapuMRzugshzC4vk_ZlRj6htjhA2snNqgSnNmK4Aw==
age: 53145
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/img/ll-logo-3.png

143.204.55.18

200 OK

54 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/ll-logo-3.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 2437 x 632, 8-bit/color RGBA, non-interlaced\012- data
Size
54 kB (54410 bytes)
Hash
a07d9731901abfcad39bd45aee1a2281
6486d12587d178f0f671510ce90897040a81da45
4325dd1f07be26159ae0de3260091bc1873689cd1c9201930469fb51d8a0a350

HTTP Headers

GET /1step/lpd01/img/ll-logo-3.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 54410
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 01:28:28 GMT
etag: "a07d9731901abfcad39bd45aee1a2281"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8zoQMk_en3t5fwHWodQXzgQStEJwEvS9xYlpeMOy5ms-Y8VkC2p4mQ==
age: 54155
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/img/vidposter3.jpg

143.204.55.18

200 OK

31 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/vidposter3.jpg
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1413x791, components 3\012- data
Size
31 kB (30854 bytes)
Hash
98222e016619095939d8bbf5a70658d7
a0d4cf1efdd473b1bb701e101a09ed7f0a5930ba
8146545ce8dc9e9fd19b5dfa3bc515e176a9254119ad0f73913bce9417c0e811

HTTP Headers

GET /1step/lpd01/img/vidposter3.jpg HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 30854
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 05:23:36 GMT
etag: "98222e016619095939d8bbf5a70658d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hx9lYM9SHXEY4eTV1vP4LbUSkelYIIrTJljMgFW9UHkemKsCMRhgJA==
age: 40047
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ade4ec9465420f2e8f9107f2c4567e3a
6ac0c491e0aa50214a7c46fc9c1971e9b3e511e2
4e366c1d3b4ac32ac590e13f09cd6945022912f210769f8a9c8cfc8f4dcf56cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:02 GMT
Last-Modified: Tue, 06 Sep 2022 14:44:14 GMT
Server: ECS (dcb/7F5D)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ktLpdT815teyhV3z_1fmLbX_7Me8dyIBGwpdlZBYF2YFmOeg4pQyAw==
Age: 6408

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ade4ec9465420f2e8f9107f2c4567e3a
6ac0c491e0aa50214a7c46fc9c1971e9b3e511e2
4e366c1d3b4ac32ac590e13f09cd6945022912f210769f8a9c8cfc8f4dcf56cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:02 GMT
Last-Modified: Tue, 06 Sep 2022 15:24:11 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UtSOK0dHxXXsQ8Utgwe0i9_hN5YQEnxZK8N53wvQEOZMD8wrKF2orA==
Age: 4012

sdk.helixbi.io/helixlead.js

143.204.55.11

200 OK

5.4 kB

URL HTTP/2
sdk.helixbi.io/helixlead.js
IP
143.204.55.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with CRLF line terminators
Size
5.4 kB (5373 bytes)
Hash
b3c9eca5f6d38f65ee802bd80e43b981
8d4c85f85fd5642e0381e95d471cc2968298b4e6
bd1f220e6edc24a22f3c6609f8474884a64a83fcafe18e15eafac29040e15607

HTTP Headers

GET /helixlead.js HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 5373
last-modified: Tue, 19 Jul 2022 17:39:06 GMT
x-amz-version-id: N30faJXpS1esiDCJNgGAI2m9ItY5SWqw
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 07:00:59 GMT
etag: "b3c9eca5f6d38f65ee802bd80e43b981"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wt7H8P_atJ-TuCKjGz_k0LTY1FC8WIvNSihJ2Cq-NUl4KQLEUdKWDQ==
age: 34204
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sdk.helixbi.io/bltable.js

143.204.55.11

200 OK

65 kB

URL HTTP/2
sdk.helixbi.io/bltable.js
IP
143.204.55.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65219), with CRLF line terminators
Size
65 kB (65289 bytes)
Hash
4ef0931a84745050dc9ce973340911cc
b376fe14717e56bc349d9bb63afa8f7311515feb
c0b4fc6bd9029a4baa5d66b216c5d4d06c2bff0d1d56f4403e431656211006a3

HTTP Headers

GET /bltable.js HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 65289
last-modified: Fri, 02 Sep 2022 16:13:07 GMT
x-amz-version-id: tKERDOjv0Dg8wpKZCySqT3hCkGQm2H1Z
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 16:31:02 GMT
etag: "4ef0931a84745050dc9ce973340911cc"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m2bM1SwQeX0_53KPpSNIVBgKjV63FjEXoW6pOKBqrpVOwInKrldfiQ==
age: 338
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ade4ec9465420f2e8f9107f2c4567e3a
6ac0c491e0aa50214a7c46fc9c1971e9b3e511e2
4e366c1d3b4ac32ac590e13f09cd6945022912f210769f8a9c8cfc8f4dcf56cf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:02 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: amc8h6jO8Su6326cMxaVMt01D5TdrlE8HUz2tIYfsOcZrVr6iAnJ-Q==

sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D

143.204.55.11

200 OK

16 kB

URL HTTP/2
sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D
IP
143.204.55.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (16072), with no line terminators
Size
16 kB (16072 bytes)
Hash
fc0b3a91ad17eca1f1af0dea86fbb192
224e357efcb29d52ed1423101be1223f1080215c
ff256f499b91c4ad86b6e387d8ef7f8917bb2c9b9387bbc01eae5ff14e1d14e1

HTTP Headers

GET /cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 16072
date: Mon, 05 Sep 2022 23:54:56 GMT
last-modified: Wed, 22 Jul 2020 22:46:04 GMT
etag: "fc0b3a91ad17eca1f1af0dea86fbb192"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZEXJZ-6gUJQcZgYSLF3vyU0JPjIKZHlJqxKrnMWbLj3jtabzDAVrWQ==
age: 59767
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lejeunelawsuits.com/1step/lpd01/img/marinehead.jpg

143.204.55.18

200 OK

93 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/marinehead.jpg
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1333, components 3\012- data
Size
93 kB (93109 bytes)
Hash
918e00b0c52fafa6dc5ef912d1244768
2b07b36814aba689eb31a93f053c756ca68dc845
433f80fcc3688c5fa7273bed5735675e3b4868d3a8d8f21175dbb0502ed6e5a6

HTTP Headers

GET /1step/lpd01/img/marinehead.jpg HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 93109
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 07:09:20 GMT
etag: "918e00b0c52fafa6dc5ef912d1244768"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bq6qGi1UxBaz3mBzbqmNp2Cfy5mHc8qHD1fYt9a6laLX7G9SFXvNLA==
age: 33703
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9

142.250.74.72

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
38 kB (38359 bytes)
Hash
3dabda8098f8858967c5f16cd9e0cae4
08a26ceff3942751f41629c22bf4796e05aa548e
e695415121eaae2d9275c02d0ce34e7aacc5785bfe2b9793de18c23565097492

HTTP Headers

GET /gtm.js?id=GTM-T2CBVN9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 16:31:02 GMT
expires: Tue, 06 Sep 2022 16:31:02 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 16:00:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2

142.250.74.163

200 OK

40 kB

URL HTTP/2
fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 40144, version 1.0\012- data
Size
40 kB (40144 bytes)
Hash
0116041b31726cea3144332b673919e8
c6f0008edefdcf305498582fa145917b7ce420c2
306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce

HTTP Headers

GET /s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 01:53:48 GMT
expires: Sun, 03 Sep 2023 01:53:48 GMT
cache-control: public, max-age=31536000
age: 311834
last-modified: Mon, 11 Jul 2022 19:16:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lejeunelawsuits.com/1step/lpd01/img/check.png

143.204.55.18

200 OK

1.9 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/check.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 591 x 455, 8-bit colormap, non-interlaced\012- data
Size
1.9 kB (1876 bytes)
Hash
4f688e32e01aa6501fbb46c0e560a4db
76b9f852af73965584da2a7585c0f02690deb590
b29af146b7c0f76320090c4de3f8488ea74be090128a3f84ea98d18874e27a28

HTTP Headers

GET /1step/lpd01/img/check.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
Cookie: 100776_ps=o2~|#d/u#!#2773592968174#-#w/j#!#45JH6CD3E4.9711.H58C#-#w/dg#!#2773592968185#-#w/td#!#2#-#w/d#!#2#-#w/gm#!#2773592968185#-#t/t#!#2773592968185#-#w/gt#!#2773592968185#-#w/dm#!#2773592968185#~; 100776_hxc=o2~|#8595#!|#i/dn/je#!#8595#-#i/dn/gs#!#2773592968185#-#i/dn/sd#!#2#-#i/dn/ut#!#2773592968185#-#i/dn/mq#!#iuuqt&4B00xxx/mfkfvofmbxtvjut/dpn02tufq0mqe120#-#i/dn/b2#!#53387#-#i/dn/b3#!#ywuvuib4h`lhgetDX4vy28u#-#i/dn/b4#!#484266539#~~; 100776_ss=o2~|#t/td#!#2#~; 100776_cs=o2~|#qh#!|~-#dnq#!|~~; _gcl_au=1.1.1289251086.1662481857
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1876
date: Tue, 06 Sep 2022 02:33:34 GMT
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
etag: "4f688e32e01aa6501fbb46c0e560a4db"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GYIdeoDBwTqC4W_hCFwk-IW-Nz-sivb_79iGhD_dM0gbCgijAr9myQ==
age: 50249
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3e8e425dc67190914457b976ed3cd857
640a2cbc5c8b389903dce1966312bd3f7b4725fb
f4d57685a840e0f72b66af094827275c468d58e70e7576b6dd018e8de8cf4c8d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:03 GMT
Last-Modified: Tue, 06 Sep 2022 14:44:49 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MZ-vvzfrILlbI2nOseH82mLV3phQG_Dv60lxN6zec4mJW15vOFTl0Q==
Age: 6374

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9a2d8a37ce0d795eee97956fbc4b36e7
7deed8061dab08610f9f8f6d6b335e42cb87fd0c
757b7bef508f788e3e64769bc40be48b0f9cc8b9d8a46932101957535dc1c776

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:03 GMT
Last-Modified: Tue, 06 Sep 2022 15:33:53 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GTxyMII1BzcwG4-G27cWcY0xsuMs2qyxS-MZkEM7DZ62-MIMKdKxGw==
Age: 3430

api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704

52.21.229.184

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704
IP
52.21.229.184:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Tue, 06 Sep 2022 16:31:03 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fff138d69098dbfb0685df86507a20fb
50752c41d7244e904f160b7404918d66fa3dcc8d
d2a47a9606cce9c82e16e11f850ebe6ce060ca58b55e5624f55f4b01b51e8b42

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:03 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -pIgX1azG36VaTctMn-JL1OQuxNaqRFGbR0n6qP_H5MnYrnAsRxN1Q==

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b62c113193b0dd8fe8f07f75b224587a
eb63353d7d86c02e42305d69e70a8a343e39d832
eff7dd3c02cfb4362cb8b455207480518ca5163d1ab7497d52c9b12b99381e5f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 16:31:03 GMT
Last-Modified: Tue, 06 Sep 2022 16:03:38 GMT
Server: ECS (dcb/7F60)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l0PY2341gempQ3GlJHrdsDrmidaNQGUXhYBKtZXuH5jlFjP85Qu6uw==
Age: 1645

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11695
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 16:31:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11695
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 16:31:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11695
Expires: Tue, 06 Sep 2022 19:45:58 GMT
Date: Tue, 06 Sep 2022 16:31:03 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6656 bytes)
Hash
983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 67590
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6482 bytes)
Hash
0efc32eccbf76ac0d89f324d09a7fd1f
f8589eb3907582137d8b9373af745d80eddbf1bb
ee0f5e56c97e50e1c20801ad0a5379982feef16a11137f784f404d14e9c65824

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed40d152-6303-4f00-ad80-054a81ea5425.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6482
x-amzn-requestid: 5e5b342b-0224-4916-8656-237b4c90ae66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-5FaYIAMFzjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-412f897b451130af70026eab;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kD_wcIHwmUDV9M9Pl2NtUwRw0CElnHhX6NGZ5PQlnchvdxpLAZhm0w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:42 GMT
etag: "f8589eb3907582137d8b9373af745d80eddbf1bb"
content-type: image/jpeg
age: 67461
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7152 bytes)
Hash
8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6xmRiAaxHPKpBlCPaRWoMiISlrXRrltO57N3NayiuIvv3gCWTWCZQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:53:35 GMT
age: 67048
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4426 bytes)
Hash
c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GSRJIWisH465dPqbKyPj1iZk1jAu3RGrgwj1CX3X8A397zv9Nt0cHA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 08:35:06 GMT
age: 28557
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12683 bytes)
Hash
ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:31:02 GMT
age: 43201
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8134 bytes)
Hash
5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 1b2ece5c-784c-4c14-a760-c43d697b1abf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FSEE2CIAMFvgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144f40-2243fc211a76c7e404710c7c;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f2bMA3sdC6qxijseKXb53WMncdjInfvh-lVvr0W69sgaHEHKCNvLMQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:25:52 GMT
age: 32711
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gw.helixbi.io/gw?g.t=1662481857074&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IG5BC2D3-8600-G47B&g.i=1.1.0-JSW&v.i=34IG5BC2D3-8600-G47B&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662481857074&s.s=1662481857074&v.fs=1662481857074&h.cm.id=7484&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42276&h.cm.a2=xvtutha3g_kgfdsCW3ux17t&h.cm.a3=373155428&h.cm.fr=1662481857074&h.cm.rc=1&h.cm.ts=1662481857074&h.et=campaigns

34.215.82.85

200 OK

43 B

URL HTTP/2
gw.helixbi.io/gw?g.t=1662481857074&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IG5BC2D3-8600-G47B&g.i=1.1.0-JSW&v.i=34IG5BC2D3-8600-G47B&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662481857074&s.s=1662481857074&v.fs=1662481857074&h.cm.id=7484&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42276&h.cm.a2=xvtutha3g_kgfdsCW3ux17t&h.cm.a3=373155428&h.cm.fr=1662481857074&h.cm.rc=1&h.cm.ts=1662481857074&h.et=campaigns
IP
34.215.82.85:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /gw?g.t=1662481857074&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IG5BC2D3-8600-G47B&g.i=1.1.0-JSW&v.i=34IG5BC2D3-8600-G47B&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662481857074&s.s=1662481857074&v.fs=1662481857074&h.cm.id=7484&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42276&h.cm.a2=xvtutha3g_kgfdsCW3ux17t&h.cm.a3=373155428&h.cm.fr=1662481857074&h.cm.rc=1&h.cm.ts=1662481857074&h.et=campaigns HTTP/1.1
Host: gw.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Sep 2022 16:31:03 GMT
content-type: image/gif
content-length: 43
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Jetty(9.4.2.v20170220)
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/img/CLVfav.png

143.204.55.18

200 OK

8.8 kB

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/img/CLVfav.png
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
8.8 kB (8792 bytes)
Hash
dabbdaedee96b2fd6043a33a4643f41a
9f2f5ee45b59b3539395f7968cf34d4451278c0f
a2ccf5a32d6e940fd1fab511cac99228d05563386ca4c49c442ef9a3d76e081c

HTTP Headers

GET /1step/lpd01/img/CLVfav.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
Cookie: 100776_ps=o2~|#d/u#!#2773592968174#-#w/j#!#45JH6CD3E4.9711.H58C#-#w/dg#!#2773592968185#-#w/td#!#2#-#w/d#!#2#-#w/gm#!#2773592968185#-#t/t#!#2773592968185#-#w/gt#!#2773592968185#-#w/dm#!#2773592968185#~; 100776_hxc=o2~|#8595#!|#i/dn/je#!#8595#-#i/dn/gs#!#2773592968185#-#i/dn/sd#!#2#-#i/dn/ut#!#2773592968185#-#i/dn/mq#!#iuuqt&4B00xxx/mfkfvofmbxtvjut/dpn02tufq0mqe120#-#i/dn/b2#!#53387#-#i/dn/b3#!#ywuvuib4h`lhgetDX4vy28u#-#i/dn/b4#!#484266539#~~; 100776_ss=o2~|#t/td#!#2#~; 100776_cs=o2~|#qh#!|~-#dnq#!|~~; _gcl_au=1.1.1289251086.1662481857; _ga_FPS8WV0V59=GS1.1.1662481857.1.0.1662481857.0.0.0; _ga=GA1.1.1046846337.1662481857
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8792
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Tue, 06 Sep 2022 05:57:44 GMT
etag: "dabbdaedee96b2fd6043a33a4643f41a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oLSqUxQijHyiGCD79Lbe9qecZPRDDEeccUvey8K4lUfmf2Y4Q5Pckw==
age: 38000
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-FPS8WV0V59&gtm=2oe8v0&_p=1434279840&cid=1046846337.1662481857&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662481857&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7484%26hxc_a1%3D42276%26hxc_a2%3Dxvtutha3g_kgfdsCW3ux17t%26hxc_a3%3D373155428%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-FPS8WV0V59&gtm=2oe8v0&_p=1434279840&cid=1046846337.1662481857&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662481857&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7484%26hxc_a1%3D42276%26hxc_a2%3Dxvtutha3g_kgfdsCW3ux17t%26hxc_a3%3D373155428%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-FPS8WV0V59&gtm=2oe8v0&_p=1434279840&cid=1046846337.1662481857&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662481857&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7484%26hxc_a1%3D42276%26hxc_a2%3Dxvtutha3g_kgfdsCW3ux17t%26hxc_a3%3D373155428%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.lejeunelawsuits.com
date: Tue, 06 Sep 2022 16:31:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fe058051aba70bd265b1d84e8a333722
52f91ffbb1e74407e8df90e2f08d4f9c85c62aec
c65c8c68fb49feb53036e0693eb4fb22cadba9202ffe28ad6d2a9d2463fd5e31

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 16:31:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.trustedform.com/certs

52.21.229.184

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
52.21.229.184:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
0a9c27d6413f2456763903329509572d
34a6d685761690d2df4edd3906f4b4743dc1bc61
c9a0be84b9894e8c16cab48bcd470f97f107d14079c7237b85127deb2fa2337e

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 712
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Tue, 06 Sep 2022 16:31:03 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

api.trustedform.com/certs/d000b3bf3f364ecde241d6b0b27927a913939c53/snapshot

52.21.229.184

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/d000b3bf3f364ecde241d6b0b27927a913939c53/snapshot
IP
52.21.229.184:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/d000b3bf3f364ecde241d6b0b27927a913939c53/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7907
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Tue, 06 Sep 2022 16:31:04 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

api.trustedform.com/certs/d000b3bf3f364ecde241d6b0b27927a913939c53/events

52.21.229.184

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/d000b3bf3f364ecde241d6b0b27927a913939c53/events
IP
52.21.229.184:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/d000b3bf3f364ecde241d6b0b27927a913939c53/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1926
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Tue, 06 Sep 2022 16:31:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178

143.204.55.18

200 OK

0 B

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178 HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
content-encoding: br
date: Tue, 06 Sep 2022 01:02:33 GMT
etag: W/"8bfc5d5f2a6a37764b2bb97bc5b3162d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Uv0rUZX0M704JE2hNwsikoGqU7YdoXYJEjx398PGXqDIpYUEJHYA5Q==
age: 55710
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/main.css

143.204.55.18

200 OK

0 B

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/main.css
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1step/lpd01/main.css HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 06 Sep 2022 08:37:11 GMT
etag: W/"e784b0241ecfc41dccc5113101ad98ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wPPTMGcpIZcdXixruZZaDtxgG_BrEaR308mihcWEQirDDLU2cl2SNQ==
age: 28432
X-Firefox-Spdy: h2

www.lejeunelawsuits.com/1step/lpd01/bundle.js

143.204.55.18

200 OK

0 B

URL HTTP/2
www.lejeunelawsuits.com/1step/lpd01/bundle.js
IP
143.204.55.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /1step/lpd01/bundle.js HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7484&hxc_a1=42276&hxc_a2=xvtutha3g_kgfdsCW3ux17t&hxc_a3=373155428&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 06 Sep 2022 03:14:31 GMT
etag: W/"38f8ebe118f41d522df14744389155a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4YqS9foMzmOfZM2kD66gMV-a58e6mXFS2SfQ9kJ0wEQTznv-w0bEtA==
age: 47792
X-Firefox-Spdy: h2

s3.us-west-2.amazonaws.com/converge.cdn/media/InvisibleMonster.mp4

52.218.197.136

206 Partial Content

0 B

URL HTTP/1.1
s3.us-west-2.amazonaws.com/converge.cdn/media/InvisibleMonster.mp4
IP
52.218.197.136:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /converge.cdn/media/InvisibleMonster.mp4 HTTP/1.1
Host: s3.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
x-amz-id-2: UoHfJEAXWBBDbf0pRWEIaxOMVwbQrwn2Mnv9kmNz+WXuXycvPP7ojnC1DgwtgTGwaZQWaqLZA1E=
x-amz-request-id: 2DPN0FMQS0HC6TFR
Date: Tue, 06 Sep 2022 16:31:04 GMT
Last-Modified: Thu, 16 Jun 2022 18:40:47 GMT
ETag: "9214711136be7244be79394698156916"
x-amz-version-id: XBNOMZpSkrUNcrzaV0y8si0aJBv.kmEF
Accept-Ranges: bytes
Content-Range: bytes 0-12107025/12107026
Content-Type: video/mp4
Server: AmazonS3
Content-Length: 12107026

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704

54.230.111.91

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16624818571030.4636196491566704 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lejeunelawsuits.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 16:31:04 GMT
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
etag: W/"97d91c9803cec4e7981c0f415c2c1923"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OFjA1qmtia98M0MJhkMg3lVZCCPzlTnroCbMvwXlzYbU17l9cB4qVQ==
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.27.js

54.230.111.91

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.27.js
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /trustedform-1.8.27.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK
server: AmazonS3
content-encoding: gzip
date: Tue, 06 Sep 2022 16:31:04 GMT
etag: W/"2f557edcc84fd346c897a4d565e57ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xvz94leZcDtUndurbahEICrIOzF6e37aB1Hs6yHRk_VIzmU5u_I-vg==
age: 10
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations