r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2446
Expires: Tue, 06 Dec 2022 10:08:59 GMT
Date: Tue, 06 Dec 2022 09:28:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2174
Cache-Control: max-age=92360
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:13 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:07:33 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 09:20:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 470
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18213
Expires: Tue, 06 Dec 2022 14:31:46 GMT
Date: Tue, 06 Dec 2022 09:28:13 GMT
Connection: keep-alive
trkstar.com/?E=HLR68N1z+2tP2RPU4kwH1V2eAtIiYXQR&s1=201446&s2=fa3ab959fcbe13d20a5a74fb2b347393&s3=276&s4=26767&fname=&lname=&phone=&email=&address=&zip=&ckmguid=e92cef19-ebdb-4b9e-ac59-9f3d18866b6d
18.232.203.164302 Found 365 B URL HTTP/1.1 trkstar.com/?E=HLR68N1z+2tP2RPU4kwH1V2eAtIiYXQR&s1=201446&s2=fa3ab959fcbe13d20a5a74fb2b347393&s3=276&s4=26767&fname=&lname=&phone=&email=&address=&zip=&ckmguid=e92cef19-ebdb-4b9e-ac59-9f3d18866b6d
IP 18.232.203.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 461222eba266e2187f3ce32c7e3ef1f8
008b962e16889108134bde2084744d97458a4cc5
110ad01b4734566d113aa250cbf395ff7d7347547f354789a2eb54af82611bc6
GET /?E=HLR68N1z+2tP2RPU4kwH1V2eAtIiYXQR&s1=201446&s2=fa3ab959fcbe13d20a5a74fb2b347393&s3=276&s4=26767&fname=&lname=&phone=&email=&address=&zip=&ckmguid=e92cef19-ebdb-4b9e-ac59-9f3d18866b6d HTTP/1.1
Host: trkstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 06 Dec 2022 09:28:13 GMT
content-type: text/html; charset=utf-8
content-length: 365
cache-control: private
location: https://trkstar.com/?E=HLR68N1z+2tP2RPU4kwH1V2eAtIiYXQR&s1=201446&s2=fa3ab959fcbe13d20a5a74fb2b347393&s3=276&s4=26767&fname=&lname=&phone=&email=&address=&zip=&ckmguid=e92cef19-ebdb-4b9e-ac59-9f3d18866b6d
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: J1cv45bp32SDoQ+c/vv6UbtzWt2dQU4/yJpps69gPHwVV2CofjCk2e0ayfnHXGzLi0tUSE8Nm0A=
x-amz-request-id: 47A45EG3922NGT6C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 08:47:02 GMT
age: 2471
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 09:28:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 09:11:20 GMT
cache-control: public,max-age=3600
age: 1013
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2160
Cache-Control: max-age=87278
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:14 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:42:52 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash e58a2d834bfe259645884efb61f71c8b
e43d4508051c31997f64ee6224af4464b0d41d85
7416d3f9f15def84542ce047d76de710e2cbdee46d24d36c8f8a18ea98ab7897
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Dec 2022 09:28:13 GMT
ETag: "e43d4508051c31997f64ee6224af4464b0d41d85"
Last-Modified: Tue, 06 Dec 2022 09:28:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7753fd7e7c0cb515-OSL
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OOMpbsTaUB05Tm2Wnh6nMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9vMrAXCMBpBc00Zd91V3f9ODFF0=
trkstar.com/?E=HLR68N1z+2tP2RPU4kwH1V2eAtIiYXQR&s1=201446&s2=fa3ab959fcbe13d20a5a74fb2b347393&s3=276&s4=26767&fname=&lname=&phone=&email=&address=&zip=&ckmguid=e92cef19-ebdb-4b9e-ac59-9f3d18866b6d
18.232.203.164302 Found 342 B URL HTTP/1.1 trkstar.com/?E=HLR68N1z+2tP2RPU4kwH1V2eAtIiYXQR&s1=201446&s2=fa3ab959fcbe13d20a5a74fb2b347393&s3=276&s4=26767&fname=&lname=&phone=&email=&address=&zip=&ckmguid=e92cef19-ebdb-4b9e-ac59-9f3d18866b6d
IP 18.232.203.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 673a806cbe2638671c641077657cdc57
68734ac1351414ecd4909f445879a02c9809891c
25fdfc8115839a4acd3e4ebf29d1aa7d01268d6feb4bf0f642c2ec11245f9f4a
GET /?E=HLR68N1z+2tP2RPU4kwH1V2eAtIiYXQR&s1=201446&s2=fa3ab959fcbe13d20a5a74fb2b347393&s3=276&s4=26767&fname=&lname=&phone=&email=&address=&zip=&ckmguid=e92cef19-ebdb-4b9e-ac59-9f3d18866b6d HTTP/1.1
Host: trkstar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
date: Tue, 06 Dec 2022 09:28:14 GMT
content-type: text/html; charset=utf-8
content-length: 342
cache-control: private
location: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: sfd=qWRBtJH5BS/RbfKyPwaY7jUkef53OMvRceR0wnBfCjeMglJ+b83uYQ==; domain=.trkstar.com; path=/; SameSite=None; secure; HttpOnly
tfl=T8ZLiH7sqybE1cpez61MfzUkef53OMvRceR0wnBfCjeMglJ+b83uYQ==; domain=.trkstar.com; expires=Fri, 06-Dec-2024 09:28:14 GMT; path=/; SameSite=None; secure; HttpOnly
c31584=qWRBtJH5BS+/3MIUIR5xOkKpw6SglHpEyletcNRjzMJTrxp+JoFdbg==; domain=.trkstar.com; expires=Thu, 05-Jan-2023 09:28:14 GMT; path=/; SameSite=None; secure; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12894
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 09:28:14 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12894
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 09:28:14 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12894
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 09:28:14 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12894
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 09:28:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53afd826523f4c18bf968764818d7ca7
9a26884875abb0652c568c50438b65f801779f9a
4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:29:38 GMT
age: 39516
etag: "9a26884875abb0652c568c50438b65f801779f9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 39905
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 41098
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18bbcbf84b00d3bc602830478ff1bd7f
1f25392db4cf3693259202b24e898f21093b8bf9
cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
age: 42082
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUDYEQbIAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:14 GMT
age: 42060
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e953213b7b13b8ee202406147fac52
67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:21 GMT
age: 39953
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe1884cef7a45eba6646c30992faeddc
3558a12688b7b813e63ee0c251593aa427d14efd
0e91673fbb60a677499c98479d877c005d3685d72c44bedcdd20a31823fc1593
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E91673FBB60A677499C98479D877C005D3685D72C44BEDCDD20A31823FC1593"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 15:28:15 GMT
Date: Tue, 06 Dec 2022 09:28:15 GMT
Connection: keep-alive
www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
54.166.191.140200 OK 7.4 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
IP 54.166.191.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1126)
Hash acca007e7e436e2993cb3c94914bdb65
b1def838462b33da249b975156aaa65e4f0eac47
281da3b88dfe5a0030bc1fe3341719ccc00b20bdbf525a6ca89efb0956d706a6
GET /2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip= HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Set-Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7436
Content-Type: text/html; charset=UTF-8
X-NID: N2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seal-memphis.bbb.org/logo/sehzbus/american-home-shield-22001027.png
82.102.27.18200 OK 6.3 kB URL HTTP/2 seal-memphis.bbb.org/logo/sehzbus/american-home-shield-22001027.png
IP 82.102.27.18:0
File type PNG image data, 200 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash bfa1c5d61983ff8f3cac09d34cf2d303
f9b050d44055d30e6e28af5d10a002e095ef9653
77b49c6d7c4db02ef959bc4712f79f10fae4ce658280f31d8a0b94a63d882d08
GET /logo/sehzbus/american-home-shield-22001027.png HTTP/1.1
Host: seal-memphis.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Tue, 06 Dec 2022 09:28:15 GMT
content-type: image/png
content-length: 6286
cache-control: max-age=14400
expires: Tue, 06 Dec 2022 13:28:15 GMT
last-modified: Tue, 06 Dec 2022 07:20:12 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: MISS
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ahsquotes.com/2021/2/vendor/bootstrap/css/bootstrap.min.css?ver=1.5
54.166.191.140200 OK 30 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/vendor/bootstrap/css/bootstrap.min.css?ver=1.5
IP 54.166.191.140:0
Hash f0702e957fbb2e4cfa1fa3c192d47c43
9396e0f065b009b91f22c8421cadc7b00e9df3fd
6fda3778f3c1f216a9baf4b7e0724e03d3eccfad0d5dbc577900424ee2d28cd1
Analyzer Verdict Alert fortinet Phishing
GET /2021/2/vendor/bootstrap/css/bootstrap.min.css?ver=1.5 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Fri, 04 Nov 2022 19:12:56 GMT
ETag: "374e3-5eca9dc7d7296-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30168
Content-Type: text/css
X-NID: N2
www.ahsquotes.com/2021/2/css/heroic-features.css
54.166.191.140200 OK 263 B URL HTTP/1.1 www.ahsquotes.com/2021/2/css/heroic-features.css
IP 54.166.191.140:0
Hash d5a3d6db796f2ba2955c9f74d339c1fa
55f976163b961cdc4812286432024f7285d14e36
cae8fee21a0ae20764b40cf40a8b7f84dd3318399aaab279b5bbf2ebcfa18384
GET /2021/2/css/heroic-features.css HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "17e-5e9ab926ff1c7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 263
Content-Type: text/css
X-NID: N2
www.ahsquotes.com/2021/2/bundles/pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js
54.166.191.140200 OK 3.1 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/bundles/pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js
IP 54.166.191.140:0
File type ASCII text, with very long lines (409)
Hash d8f13b1baab45894860fcb720995c2da
7c48f0fcd4a50002f06b35672f956b2386dbaf00
4fd1e8dd2c70428a465252cab890c857732cb6fd27cac1883fc70e4574c8afea
Analyzer Verdict Alert fortinet Phishing
GET /2021/2/bundles/pyh_main_js-v=IYSNC0cAO_B-_TUsyGCiemgQo0mfVgmz1oShNb7ny1Q1.js HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:50 GMT
ETag: "2bee-5e9ab9280baa5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3050
Content-Type: application/javascript
X-NID: N2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TXTTWK9
142.250.74.40200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TXTTWK9
IP 142.250.74.40:0
File type ASCII text, with very long lines (3032)
Hash 376e450cfa4a285f20114751471799f7
6adefbd2cdaa5dc42fb0700fa6f21afa8e47d62c
c1cd59f339bf34380bfa4e8467241fc2019cbe332ceb9fce2a491e72f5beeb0c
GET /gtm.js?id=GTM-TXTTWK9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 09:28:15 GMT
expires: Tue, 06 Dec 2022 09:28:15 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 49686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ahsquotes.com/2021/2/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js
54.166.191.140200 OK 132 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js
IP 54.166.191.140:0
File type ASCII text, with very long lines (500)
Size 132 kB (132385 bytes)
Hash b17aa7936b49419cf2e72515d76d2fc4
a35fd969c72a3108d97d7cb6fea7eaf3c71a6b63
d62c4a4df87febd0165d24bda59a7ca2256635d307646fe0a3d63d9a2e8425fc
Analyzer Verdict Alert fortinet Phishing
GET /2021/2/bundles/pyh_external_js-v=uN_DBNmZ1XZv0CCjSQ0FwwOJuRgjgQuhhe44tzI3abA1.js HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:50 GMT
ETag: "90b51-5e9ab9281a505-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript
X-NID: N1
www.ahsquotes.com/2021/2/img/arrow-down.jpg
54.166.191.140200 OK 1.2 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/arrow-down.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 50x23, components 3\012- data
Hash 09d1c77c82105353479d2daa353eff78
e4bcb0bb11789a12422ba82509e5255e8d69dc6c
19dacedc11e7b6d6f0f7ad8b8617e1816d5a50210fa085b945e1905154565881
GET /2021/2/img/arrow-down.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "4a6-5e9ab9272dfc6"
Accept-Ranges: bytes
Content-Length: 1190
Content-Type: image/jpeg
X-NID: N1
seal-memphis.bbb.org/logo/american-home-shield-22001027.js
82.102.27.18200 OK 704 B URL HTTP/2 seal-memphis.bbb.org/logo/american-home-shield-22001027.js
IP 82.102.27.18:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1052), with no line terminators
Hash fcb9cf4d1f8ea7a65262f1ee1420f5a5
b3d7d1cad07d2202539cb45a06b43f8a6ab90eb9
7897e3609c74d58ab4cdcf6552b7589db6466606d83c99e515fb04d8d2119800
GET /logo/american-home-shield-22001027.js HTTP/1.1
Host: seal-memphis.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Tue, 06 Dec 2022 09:28:16 GMT
content-type: application/javascript
content-length: 704
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:37:47 GMT
etag: "6ff458b460c8d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
expires: Tue, 06 Dec 2022 13:28:16 GMT
cache-control: max-age=14400
x-cache: MISS
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ahsquotes.com/2021/2/img/50.png
54.166.191.140200 OK 23 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/50.png
IP 54.166.191.140:0
File type PNG image data, 197 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash d86a9c3af8fc84f0e998aa143782668c
0dc4dbd45e977c1f3ad69258cd7b9294f53973d9
61519f7bbb43323c0d9255ad78aae768a4af15bbc26828a93d0a2a23f3f94f65
GET /2021/2/img/50.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "5adb-5e9ab9270cc87"
Accept-Ranges: bytes
Content-Length: 23259
Content-Type: image/png
X-NID: N2
www.ahsquotes.com/2021/2/img/bestcoverage.png
54.166.191.140200 OK 12 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/bestcoverage.png
IP 54.166.191.140:0
File type PNG image data, 95 x 95, 8-bit/color RGBA, non-interlaced\012- data
Hash d79f2cbb37de1d478b8460efcc04d9b7
789de5ee3dbd113ba66cb682f23cfaade455258b
6190061b16b91a31c588f57c85a8eb6c800c389f3622946427b88756c9e047a4
GET /2021/2/img/bestcoverage.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "2dc7-5e9ab92737c06"
Accept-Ranges: bytes
Content-Length: 11719
Content-Type: image/png
X-NID: N1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 482041
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 482062
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.ahsquotes.com/2021/2/img/stamps.png
54.166.191.140200 OK 114 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/stamps.png
IP 54.166.191.140:0
File type PNG image data, 1263 x 184, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (114142 bytes)
Hash 866e03ce357bee111afc5ceb936a59d5
eeb0553a0d5deccefbfd829fc1bcc333d4619261
2a0f650eca86384518fa58bde6613d74e8c66c6d51452de944bc301f17220aff
GET /2021/2/img/stamps.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "1bdde-5e9ab9272ef66"
Accept-Ranges: bytes
Content-Length: 114142
Content-Type: image/png
X-NID: N1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ahsquotes.com/2021/2/vendor/bootstrap/css/proximanova-bold-webfont.woff2
54.166.191.140200 OK 20 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/vendor/bootstrap/css/proximanova-bold-webfont.woff2
IP 54.166.191.140:0
File type Web Open Font Format (Version 2), TrueType, length 20400, version 1.0\012- data
Hash b93b3eb4e6935343c057c52e376de3ee
aa4aeea4c0dc4623705c8d09363609d9877f4e5e
47a472e927299f17a4195267006fe71ec67d9d5dab6c7428daa397d2cbb7654e
Analyzer Verdict Alert fortinet Phishing
GET /2021/2/vendor/bootstrap/css/proximanova-bold-webfont.woff2 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/vendor/bootstrap/css/bootstrap.min.css?ver=1.5
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64; _ga_2GZFJJK6B1=GS1.1.1670318895.1.0.1670318895.60.0.0; _ga=GA1.1.272290839.1670318896
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:50 GMT
ETag: "4fb0-5e9ab928231a5"
Accept-Ranges: bytes
Content-Length: 20400
X-NID: N2
www.ahsquotes.com/2021/2/vendor/bootstrap/css/proximanova-regular-webfont.woff2
54.166.191.140200 OK 20 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/vendor/bootstrap/css/proximanova-regular-webfont.woff2
IP 54.166.191.140:0
File type Web Open Font Format (Version 2), TrueType, length 20492, version 1.0\012- data
Hash e1186c864a5bd951999bedb1979db8e1
24e6ba54b18ad9c8cbfeabba023d112b73ad7867
704600063c5181fa92127c7621e53de23cf736318c5b88ded439dd94e513bac4
Analyzer Verdict Alert fortinet Phishing
GET /2021/2/vendor/bootstrap/css/proximanova-regular-webfont.woff2 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/vendor/bootstrap/css/bootstrap.min.css?ver=1.5
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64; _ga_2GZFJJK6B1=GS1.1.1670318895.1.0.1670318895.60.0.0; _ga=GA1.1.272290839.1670318896
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:50 GMT
ETag: "500c-5e9ab928231a5"
Accept-Ranges: bytes
Content-Length: 20492
X-NID: N1
www.ahsquotes.com/2021/2/vendor/bootstrap/css/proximanova-light-webfont.woff2
54.166.191.140200 OK 20 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/vendor/bootstrap/css/proximanova-light-webfont.woff2
IP 54.166.191.140:0
File type Web Open Font Format (Version 2), TrueType, length 20012, version 1.0\012- data
Hash e7b952ddd46fac75dfc79a093ee75d3f
8c8cf9edecbd31cad212254a3bd7fb38aff5abbc
46050ae88e7256f0540d6986ea6a2705a1e568c3b182f1032a7572f372af36c7
Analyzer Verdict Alert fortinet Phishing
GET /2021/2/vendor/bootstrap/css/proximanova-light-webfont.woff2 HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/vendor/bootstrap/css/bootstrap.min.css?ver=1.5
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64; _ga_2GZFJJK6B1=GS1.1.1670318895.1.0.1670318895.60.0.0; _ga=GA1.1.272290839.1670318896
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:50 GMT
ETag: "4e2c-5e9ab928231a5"
Accept-Ranges: bytes
Content-Length: 20012
X-NID: N2
www.ahsquotes.com/2021/2/img/stamps-mobile.png
54.166.191.140200 OK 130 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/stamps-mobile.png
IP 54.166.191.140:0
File type PNG image data, 480 x 628, 8-bit/color RGBA, non-interlaced\012- data
Size 130 kB (130540 bytes)
Hash fea56a61efcf54042dc7915bcc45976f
6faeeaa63ea3b2ac86c366fd2d6e159177c432ad
fba622279e8d25ad893b66cd9833169015a053835623b74c27a79c5c4b8c6273
GET /2021/2/img/stamps-mobile.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "1fdec-5e9ab9272dfc6"
Accept-Ranges: bytes
Content-Length: 130540
Content-Type: image/png
X-NID: N2
www.ahsquotes.com/2021/2/img/AHS_CMYK.svg
54.166.191.140200 OK 8.7 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/AHS_CMYK.svg
IP 54.166.191.140:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 3581f57537b97335ce7d0d8fef448919
aa6321ce29992fbf1a42c74fec42c0849be8c333
785e103ab7847950b0a47be5b4d58f4a8b514b5f14d72c3dd7490d3735ab2a4f
Analyzer Verdict Alert fortinet Phishing
GET /2021/2/img/AHS_CMYK.svg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "21db-5e9ab92730ea6"
Accept-Ranges: bytes
Content-Length: 8667
Content-Type: image/svg+xml
X-NID: N2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash bbd589d4e23e54423dbf2153a0fb0d59
1e4df05341a0f788f4d9369c8d4db3a0bfc9aaf0
c24c1e99ef536f743d2c5afc444c3d7af61bfdc04609c31032796f07cebd9043
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136757
Date: Tue, 06 Dec 2022 09:28:16 GMT
Etag: "638e68c5-1d7"
Expires: Wed, 07 Dec 2022 23:27:33 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:17 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xXhmBG76xSRhZnAqVIlP_D7upbi3RCP4gCK3dteiNqFIKzde7ZNsAw==
Age: 5536
www.ahsquotes.com/2021/2/img/top.png
54.166.191.140200 OK 11 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/top.png
IP 54.166.191.140:0
File type PNG image data, 531 x 151, 8-bit/color RGBA, non-interlaced\012- data
Hash dd578da190acf796341f2d2f5bd4c4bc
c3e0e6ddd432d7e3b6c48076f1beeb829461b2bc
513f08d3713a1e715db2231045fcc785041f49f462a38a7940113d25e1e97fb4
GET /2021/2/img/top.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "2b17-5e9ab9272a146"
Accept-Ranges: bytes
Content-Length: 11031
Content-Type: image/png
X-NID: N1
www.ahsquotes.com/2021/2/img/waching.jpg
54.166.191.140200 OK 214 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/waching.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 446x698, components 3\012- data
Size 214 kB (213864 bytes)
Hash bc33cc440349a8c3be2faf8ce582ad9a
5918d6e5253ca82a2163ca45c0f9c59373735568
f972eb6384af6d5267e5bd4060c1ce10070d867b8b156ad98ac713d6cdfefeab
GET /2021/2/img/waching.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "34368-5e9ab9272a146"
Accept-Ranges: bytes
Content-Length: 213864
Content-Type: image/jpeg
X-NID: N2
www.ahsquotes.com/2021/2/img/roofpic.png
54.166.191.140200 OK 7.2 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/roofpic.png
IP 54.166.191.140:0
File type PNG image data, 301 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash a4b056286c7b0ad1af752784df7057d1
2a90ce03c9a9e1a2214da5a7019f29d8d160267d
063a7afadab274c56c74ff357518352b52c58e71494a7384a8638fc0bb4573a1
GET /2021/2/img/roofpic.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "1c2b-5e9ab92727266"
Accept-Ranges: bytes
Content-Length: 7211
Content-Type: image/png
X-NID: N2
www.ahsquotes.com/2021/2/img/stars.png
54.166.191.140200 OK 754 B URL HTTP/1.1 www.ahsquotes.com/2021/2/img/stars.png
IP 54.166.191.140:0
File type PNG image data, 178 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a208a985081ef84b625a9509f7fc43d
c6f290baa388b8175be0f3952b198ba3ad6d6aba
5bcc2b1ca99030dffb0591241a0422ab9420ee6d8b154c4c689485aa33665e3b
GET /2021/2/img/stars.png HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "2f2-5e9ab9272ff06"
Accept-Ranges: bytes
Content-Length: 754
Content-Type: image/png
X-NID: N1
api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16703188959420.633479843161431
54.167.87.86301 Moved Permanently 134 B URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16703188959420.633479843161431
IP 54.167.87.86:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16703188959420.633479843161431 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Tue, 06 Dec 2022 09:28:16 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16703188959420.633479843161431
X-Firefox-Spdy: h2
www.ahsquotes.com/2021/2/img/yourheat-mobile3.jpg
54.166.191.140200 OK 231 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/yourheat-mobile3.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 480x483, components 3\012- data
Size 231 kB (231373 bytes)
Hash 33232923634c1488db25b40f8e4d9785
0a81e71a0c0511df0e210c28d2db666a234afec9
5c6c05883ac9344f8fd1b16587a2dd35365aa65f40ee75da16e8d39f0a4b07a6
GET /2021/2/img/yourheat-mobile3.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:15 GMT
Server: Apache
Last-Modified: Fri, 04 Nov 2022 20:15:30 GMT
ETag: "387cd-5ecaabc38fea7"
Accept-Ranges: bytes
Content-Length: 231373
Content-Type: image/jpeg
X-NID: N1
www.ahsquotes.com/2021/2/img/topbg.jpg
54.166.191.140200 OK 478 kB URL HTTP/1.1 www.ahsquotes.com/2021/2/img/topbg.jpg
IP 54.166.191.140:0
File type JPEG image data, baseline, precision 8, 1510x531, components 3\012- data
Size 478 kB (478048 bytes)
Hash 636d45c959cd73b600964297fdcdc952
9c99f96625b4a04701e02a9f0d6d5824a11bbb73
d3f5b549c5c01429e29f77cad307bb2e0975c70ef21c86012d0d92bcc6e9099d
GET /2021/2/img/topbg.jpg HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/vendor/bootstrap/css/bootstrap.min.css?ver=1.5
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64; _ga_2GZFJJK6B1=GS1.1.1670318895.1.0.1670318895.60.0.0; _ga=GA1.1.272290839.1670318896
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2022 16:59:49 GMT
ETag: "74b60-5e9ab9271a746"
Accept-Ranges: bytes
Content-Length: 478048
Content-Type: image/jpeg
X-NID: N1
region1.analytics.google.com/g/collect?v=2&tid=G-2GZFJJK6B1>m=2oebu0&_p=1294018079&_gaz=1&cid=272290839.1670318896&ul=en-us&sr=1280x1024&_eu=BA&_s=1&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D&sid=1670318895&sct=1&seg=0&dt=AHS&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-2GZFJJK6B1>m=2oebu0&_p=1294018079&_gaz=1&cid=272290839.1670318896&ul=en-us&sr=1280x1024&_eu=BA&_s=1&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D&sid=1670318895&sct=1&seg=0&dt=AHS&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2GZFJJK6B1>m=2oebu0&_p=1294018079&_gaz=1&cid=272290839.1670318896&ul=en-us&sr=1280x1024&_eu=BA&_s=1&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D&sid=1670318895&sct=1&seg=0&dt=AHS&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.ahsquotes.com
date: Tue, 06 Dec 2022 09:28:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash b1145a92bb41ea7b4a0a80dc949efaa6
be055e0b22c6535c46b6ace86089792612a706d5
ecd65c0e855fea377fa0fbc0ca688c156a286f37b76ff60a373eeef4637cb79a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156020
Date: Tue, 06 Dec 2022 09:28:16 GMT
Etag: "638eba3a-1d7"
Expires: Thu, 08 Dec 2022 04:48:36 GMT
Last-Modified: Tue, 06 Dec 2022 03:42:50 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5w_KIUB8zjVnEXz7EAQgipX7YhRkQSod0gKDV-kr4zBm89pXM0rRBg==
Age: 3946
stats.g.doubleclick.net/g/collect?v=2&tid=G-2GZFJJK6B1&cid=272290839.1670318896>m=2oebu0&aip=1
108.177.14.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-2GZFJJK6B1&cid=272290839.1670318896>m=2oebu0&aip=1
IP 108.177.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2GZFJJK6B1&cid=272290839.1670318896>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.ahsquotes.com
date: Tue, 06 Dec 2022 09:28:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1563
Cache-Control: max-age=105404
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 14:45:00 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: DMn9JtNmDZ4kCNZespIqQ3e/iV9qSDrJydxLNrOr7xRiAbb9L9+6iVT8/H+jUH6WQ2L/PDI2Qj4UlUOaTveXpw==
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 09:28:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16703188959420.633479843161431
54.230.111.91200 OK 3.3 kB URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16703188959420.633479843161431
IP 54.230.111.91:0
Hash 215d32adc5986f7b5e13458a9aafbfeb
5c29f741d7bbbcda97d9fd92e0977d67d8265426
523053ceb57a76526402453c1874ba50685790118b61cb79fcf8f715edb935ce
GET /bootstrap.js?provide_referrer=true&field=xxTrustedFormCertUrl&l=16703188959420.633479843161431 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ahsquotes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 06 Dec 2022 09:28:17 GMT
last-modified: Tue, 29 Nov 2022 19:24:00 GMT
x-amz-version-id: jCFTHa4_D.dnuiumCq7.wUY_tmObizl8
etag: W/"226cf2375a4ea1f8ea8315621d70424b"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wipl4bj1fC2Tl3rxqYfLTO4WSWeyjQCzc7wdaIvV47IYTvfx2NF_Uw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1563
Cache-Control: max-age=105404
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 14:45:00 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.ahsquotes.com/favicon.ico
54.166.191.140404 Not Found 196 B URL HTTP/1.1 www.ahsquotes.com/favicon.ico
IP 54.166.191.140:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1
Host: www.ahsquotes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/2021/2/?adname=41717&s1=201446&r=390586863&utm_source=directagents&utm_medium=affiliate&utm_campaign=41717_201446&fname=&lname=&phone=&email=&address=&zip=
Cookie: PHPSESSID=bt5ps7557ujb42np2uij4jii64; _ga_2GZFJJK6B1=GS1.1.1670318895.1.0.1670318895.60.0.0; _ga=GA1.1.272290839.1670318896; invoca_session=%7B%22ttl%22%3A%222023-01-05T09%3A28%3A16.560Z%22%2C%22session%22%3A%7B%22invoca_id%22%3A%22i-6ebd3ecd-a5a6-4225-f10e-8f9a5fbce2c5%22%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Afalse%2C%22rn%22%3Afalse%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 09:28:16 GMT
Server: Apache
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1
X-NID: N2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c6b73a05d06b7297feea5e0d46505ef5
87c3ed8319fb06047216ad649408cb0c4ed21efa
a5b6bc9c205fcaef223758e9b1475b85d6a2a5db99ebf828babc66aabcbb23a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=164553
Date: Tue, 06 Dec 2022 09:28:16 GMT
Etag: "638edbeb-1d7"
Expires: Thu, 08 Dec 2022 07:10:49 GMT
Last-Modified: Tue, 06 Dec 2022 06:06:35 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: d_De2mhsQqZxD1G8YkHIGRbAYC8URuPE-O7XyHqD7XSQP-FtncotwQ==
Age: 3854
pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.3&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22adname%22%3A%2241717%22%2C%22s1%22%3A%22201446%22%2C%22r%22%3A%22390586863%22%2C%22utm_source%22%3A%22directagents%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_campaign%22%3A%2241717_201446%22%2C%22fname%22%3Anull%2C%22lname%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22address%22%3Anull%2C%22zip%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22utm_content%22%3A%22201446%22%2C%22invoca_id%22%3A%22i-6ebd3ecd-a5a6-4225-f10e-8f9a5fbce2c5%22%7D&client_messages=%7B%22allDataReset%22%3Atrue%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
18.211.225.206200 OK 98 B URL HTTP/1.1 pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.3&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22adname%22%3A%2241717%22%2C%22s1%22%3A%22201446%22%2C%22r%22%3A%22390586863%22%2C%22utm_source%22%3A%22directagents%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_campaign%22%3A%2241717_201446%22%2C%22fname%22%3Anull%2C%22lname%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22address%22%3Anull%2C%22zip%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22utm_content%22%3A%22201446%22%2C%22invoca_id%22%3A%22i-6ebd3ecd-a5a6-4225-f10e-8f9a5fbce2c5%22%7D&client_messages=%7B%22allDataReset%22%3Atrue%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
IP 18.211.225.206:0
File type ASCII text, with no line terminators
Hash 0aca6c794b73d5f2fb2dfb50426fe281
b2aad2cf39edc4cbecfd4c5d14fd895615e7ccd8
7afb00782eae9daa7bbfc1f231ccd3b3ca407eb3060aa7785f5001bcfd805749
GET /1748/na.jsonp?network_id=1748&js_version=4.27.3&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22adname%22%3A%2241717%22%2C%22s1%22%3A%22201446%22%2C%22r%22%3A%22390586863%22%2C%22utm_source%22%3A%22directagents%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_campaign%22%3A%2241717_201446%22%2C%22fname%22%3Anull%2C%22lname%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22address%22%3Anull%2C%22zip%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22utm_content%22%3A%22201446%22%2C%22invoca_id%22%3A%22i-6ebd3ecd-a5a6-4225-f10e-8f9a5fbce2c5%22%7D&client_messages=%7B%22allDataReset%22%3Atrue%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1& HTTP/1.1
Host: pnapi.invoca.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Tue, 06 Dec 2022 09:28:17 GMT
processing_time: 7.18058ms
Server: Goliath
Content-Length: 98
Connection: keep-alive
www.facebook.com/tr/?id=2616452262016491&ev=CompleteRegistration&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D&rl=&if=false&ts=1670318897353&cd[currency]=USD&cd[value]=31&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670318897352.219263543&it=1670318896875&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2616452262016491&ev=CompleteRegistration&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D&rl=&if=false&ts=1670318897353&cd[currency]=USD&cd[value]=31&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670318897352.219263543&it=1670318896875&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2616452262016491&ev=CompleteRegistration&dl=https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D&rl=&if=false&ts=1670318897353&cd[currency]=USD&cd[value]=31&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670318897352.219263543&it=1670318896875&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 09:28:17 GMT
X-Firefox-Spdy: h2
seal-blue.bbb.org/legacy.min.css
82.102.27.18200 OK 878 B URL HTTP/2 seal-blue.bbb.org/legacy.min.css
IP 82.102.27.18:0
File type ASCII text, with very long lines (2987), with no line terminators
Hash b2fc7d626e2bbdb5022983561aa8c575
9298848dbaa20df92b37e3b35ae92a8e7582f41e
12316d068017adf25397b21e6697ac361a531da039456e4e1076a490bc83254c
GET /legacy.min.css HTTP/1.1
Host: seal-blue.bbb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Tue, 06 Dec 2022 09:28:17 GMT
content-type: text/css
content-length: 878
cache-control: max-age=14400
content-encoding: gzip
last-modified: Wed, 14 Sep 2022 17:37:47 GMT
etag: "2f7b5ab460c8d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
expires: Tue, 06 Dec 2022 13:28:17 GMT
x-cache: HIT
x-shield: active
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.14200 OK 523 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.14:0
File type ASCII text, with very long lines (509)
Hash b3038d16f512252e51280b065cdba63e
d502d338f4a8f0e5097ba32646eb5f1dd818f823
efeec40a3869c41c7a52cffc3a6748402d7bcf86deed0c34fd0bb1c7dd057689
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 06 Dec 2022 09:28:16 GMT
date: Tue, 06 Dec 2022 09:28:16 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=M0_QZZlUJyA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=WQ-uFxRTHJQ; Domain=.youtube.com; Expires=Sun, 04-Jun-2023 09:28:16 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+298; expires=Thu, 05-Dec-2024 09:28:16 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.trustedform.com/certs
54.167.87.86201 Created 475 B URL HTTP/2 api.trustedform.com/certs
IP 54.167.87.86:0
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 91f1b6c69c9e8f304229acddc8c02693
ef5dd6a4edf8c87c6db0a9f80beee0291218ba2e
936b46f6beac57dc605ade9a45f473f74bdb0bd8a6addf60165ff66da8a5c6a9
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 738
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Tue, 06 Dec 2022 09:28:17 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 09:28:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1685974-35&cid=272290839.1670318896&jid=1111259720&_u=YCDACEABBAAAACAAI~&z=104143045
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1685974-35&cid=272290839.1670318896&jid=1111259720&_u=YCDACEABBAAAACAAI~&z=104143045
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1685974-35&cid=272290839.1670318896&jid=1111259720&_u=YCDACEABBAAAACAAI~&z=104143045 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 09:28:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1685974-4&cid=272290839.1670318896&jid=1189301532&_u=YCDACEAABAAAACAAI~&z=1896763275
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1685974-4&cid=272290839.1670318896&jid=1189301532&_u=YCDACEAABAAAACAAI~&z=1896763275
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1685974-4&cid=272290839.1670318896&jid=1189301532&_u=YCDACEAABAAAACAAI~&z=1896763275 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 09:28:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/snapshot
54.167.87.86204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/snapshot
IP 54.167.87.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/4019716e15b20e6d173b5e527b4b66db6835b24b/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 14323
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 09:28:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/fingerprints
54.167.87.86204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/fingerprints
IP 54.167.87.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/4019716e15b20e6d173b5e527b4b66db6835b24b/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 348
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 09:28:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/events
54.167.87.86204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/events
IP 54.167.87.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/4019716e15b20e6d173b5e527b4b66db6835b24b/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 650
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 09:28:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.3&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22invoca_id%22%3A%22i-6ebd3ecd-a5a6-4225-f10e-8f9a5fbce2c5%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_source%22%3A%22directagents%22%2C%22brand%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%22%2C%22gclid%22%3Anull%2C%22invoca_campaign_name%22%3Anull%2C%22msclkid%22%3Anull%2C%22poid%22%3Anull%2C%22source%22%3Anull%2C%22us%22%3Anull%2C%22utm_campaign%22%3A%2241717_201446%22%2C%22utm_content%22%3A%22201446%22%2C%22vertical%22%3Anull%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr2&
18.211.225.206200 OK 98 B URL HTTP/1.1 pnapi.invoca.net/1748/na.jsonp?network_id=1748&js_version=4.27.3&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22invoca_id%22%3A%22i-6ebd3ecd-a5a6-4225-f10e-8f9a5fbce2c5%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_source%22%3A%22directagents%22%2C%22brand%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%22%2C%22gclid%22%3Anull%2C%22invoca_campaign_name%22%3Anull%2C%22msclkid%22%3Anull%2C%22poid%22%3Anull%2C%22source%22%3Anull%2C%22us%22%3Anull%2C%22utm_campaign%22%3A%2241717_201446%22%2C%22utm_content%22%3A%22201446%22%2C%22vertical%22%3Anull%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr2&
IP 18.211.225.206:0
File type ASCII text, with no line terminators
Hash 3f409a9cde5278d8690e7e68753f297a
2ed1c63e9460d47d4790bfe86c79da5cbedfc6ad
be351c8fabd7f06016d03f3bdc9d777d5f17bf7a6f5b7bc7e95fbd4e7e6aabf7
GET /1748/na.jsonp?network_id=1748&js_version=4.27.3&tag_id=1748%2F0021512948&request_data_shared_params=%7B%22invoca_id%22%3A%22i-6ebd3ecd-a5a6-4225-f10e-8f9a5fbce2c5%22%2C%22utm_medium%22%3A%22affiliate%22%2C%22utm_source%22%3A%22directagents%22%2C%22brand%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%22%2C%22gclid%22%3Anull%2C%22invoca_campaign_name%22%3Anull%2C%22msclkid%22%3Anull%2C%22poid%22%3Anull%2C%22source%22%3Anull%2C%22us%22%3Anull%2C%22utm_campaign%22%3A%2241717_201446%22%2C%22utm_content%22%3A%22201446%22%2C%22vertical%22%3Anull%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fwww.ahsquotes.com%2F2021%2F2%2F%3Fadname%3D41717%26s1%3D201446%26r%3D390586863%26utm_source%3Ddirectagents%26utm_medium%3Daffiliate%26utm_campaign%3D41717_201446%26fname%3D%26lname%3D%26phone%3D%26email%3D%26address%3D%26zip%3D%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1280%2C%22screenHeight%22%3A1024%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr2& HTTP/1.1
Host: pnapi.invoca.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Tue, 06 Dec 2022 09:28:19 GMT
processing_time: 7.85043ms
Server: Goliath
Content-Length: 98
Connection: keep-alive
api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/events
54.167.87.86204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/4019716e15b20e6d173b5e527b4b66db6835b24b/events
IP 54.167.87.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/4019716e15b20e6d173b5e527b4b66db6835b24b/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 370
Origin: https://www.ahsquotes.com
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 09:28:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6jWrhftx7tANXoWkKtCCjzm66zJDY13bpoA-7qVaZJNHEGsJS8dniw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:05:41 GMT
age: 19360
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
solutions.invocacdn.com/js/invoca-latest.min.js
65.9.44.122200 OK 0 B URL HTTP/2 solutions.invocacdn.com/js/invoca-latest.min.js
IP 65.9.44.122:0
GET /js/invoca-latest.min.js HTTP/1.1
Host: solutions.invocacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Oct 2022 20:29:13 GMT
x-amz-version-id: nafYdifE25HIJ7E5_xPq2bg19QQXpqjq
server: AmazonS3
content-encoding: br
date: Tue, 06 Dec 2022 09:03:33 GMT
cache-control: max-age=3600
etag: W/"4636ba1892918feeed6b191a409be199"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: JT8TotxGmUnlApNbyD9vC-TSTXJ0wpqaQFUd_2zVtVX_Dvi-aRk6xA==
age: 1486
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,500,700,900
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,500,700,900
IP 142.250.74.106:0
GET /css?family=Roboto:400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 09:28:15 GMT
date: Tue, 06 Dec 2022 09:28:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
solutions.invocacdn.com/js/networks/1748/0021512948/tag-live.js
65.9.44.122200 OK 0 B URL HTTP/2 solutions.invocacdn.com/js/networks/1748/0021512948/tag-live.js
IP 65.9.44.122:0
GET /js/networks/1748/0021512948/tag-live.js HTTP/1.1
Host: solutions.invocacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
x-amz-replication-status: COMPLETED
last-modified: Sat, 12 Feb 2022 22:30:33 GMT
x-amz-version-id: p99VIipZeZC_g6qzWmMi8XrKjkpPNP1h
server: AmazonS3
content-encoding: br
date: Tue, 06 Dec 2022 09:28:17 GMT
cache-control: max-age=300
etag: W/"f6953b33f603194c97e15fbba53dc699"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: ay5tKiSmpFqDycH9kEGtAOr3eKgEqruXzzfLaGmIbt03r1KSCf_lfA==
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.31.js
54.230.111.91200 OK 0 B URL HTTP/2 cdn.trustedform.com/trustedform-1.8.31.js
IP 54.230.111.91:0
GET /trustedform-1.8.31.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ahsquotes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 19:24:00 GMT
x-amz-version-id: zyVp10qBIDUkm0kSLQCBEAAE6CiOCr9w
server: AmazonS3
content-encoding: gzip
date: Tue, 06 Dec 2022 09:28:17 GMT
etag: W/"642f630e75dc2888743ef1bcac8f0de0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -8v6Fob98Q6x5RScVCvgPu5aH4A2j0zqK2Eq6hAU8iuIdqimxw5IcA==
age: 1
X-Firefox-Spdy: h2