| firefox.settings.services.mozilla.com/v1/ | 143.204.55.27 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashb593eb39329cfe060d55be5e4a5405e2 78e46c1028e9f94f8569303ad2d90d7df13a059a 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 04 Sep 2022 19:44:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i2L0odVz08ArTnbWrFmqBK0AabGiMmRtTu8tYtAEXcjo2FOydpPGvg==
Age: 916
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd931e0142ef5ffe9cdb4c4c6bfcb9bc9 d9c4caf525e8926b042a14f38d374cc4033ed768 f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2273
Expires: Sun, 04 Sep 2022 20:37:28 GMT
Date: Sun, 04 Sep 2022 19:59:35 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rbDvCFbwzQgisDlkA9x-3G4feXmV-QuD8hg5k7UUt81wZUzSlR_Caw==
age: 67458
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash98a78ce3d1eabb2d783b22383e9b3b93 ddcefc7b3abc5b874f13b6bf2084ce6311207b78 2e915112579ab31550a106d5c60f27c13b73e8a2f0717330a96475a4cc7b789e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:35 GMT
Last-Modified: Sun, 04 Sep 2022 18:45:46 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V1VRIFAXvI5idTYkPMFpmjJEK32WhlVfKH_jMWBW4HyldwJSAIfXgg==
Age: 4429
|
|
| s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html | 54.231.193.168 | 200 OK | 106 B |
URL HTTP/1.1s3.amazonaws.com/te49rb1dge49zs/te49rb1dge49zs.html IP54.231.193.168:0
File typeHTML document, ASCII text, with no line terminators Hash8f98d23997acc169a9c0959c4676c13f 16dd81a4373411a1d20b7cb1023628ef03245bb7 059a6e9be7094c855fef743d7a904fee808bcbf59da9b38acb50a1e0fa1ef79b
GET /te49rb1dge49zs/te49rb1dge49zs.html HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
x-amz-id-2: y4GiCSDsah6zgxkFfjUhu57WDIPORUpbVhB99GysNck6kjNvb+ysyUFABU1bi6BAU95xyg4+/oQ=
x-amz-request-id: NMNMG1ZNAQ9W9AQP
Date: Sun, 04 Sep 2022 19:59:36 GMT
Last-Modified: Sun, 04 Sep 2022 19:33:21 GMT
ETag: "8f98d23997acc169a9c0959c4676c13f"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 106
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Sep 2022 19:59:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.27 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 04 Sep 2022 19:38:16 GMT
Expires: Sun, 04 Sep 2022 20:06:12 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: W0W6S4wVyy2dAeFDVT2v7JGAWz2IhDHVuoS0F9KFoznNiyLeyGAw1w==
Age: 1280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash77d035f38a45e8a1ec30d5fe9611880b 01cf34de95257da64dac90edf5a86203f1160271 7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5261
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:36 GMT
Last-Modified: Sun, 04 Sep 2022 18:31:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| cycleladypalms.com/qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb | 15.235.131.136 | 302 Found | 0 B |
URL HTTP/1.1cycleladypalms.com/qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb IP15.235.131.136:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /qs=r-ahdiiacbgdjcgcbfafgedkjhakjcfhfgafehdhabababahkadfkaccaccddadccfacfeebdacb HTTP/1.1
Host: cycleladypalms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 04 Sep 2022 19:59:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.33
location: https://ddggpro.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69
|
|
| push.services.mozilla.com/ | 34.210.39.83 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.210.39.83:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +WJuQi80Bh/G9yYkMmDEcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 46K5rsHLuJg6p/wPusuWiK+nRnc=
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.20.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.20.226:0
Hash91dfc9896d12eca3f667e0bbb52144dd d973eea9794680f259fa140dbdce24943c1d7839 43783304ee2f80822fb3a9d6c1d13a2b25fe5c2629bf28357278f5e8750ab6bb
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:59:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Sep 2022 17:10:49 GMT
ETag: "d973eea9794680f259fa140dbdce24943c1d7839"
Last-Modified: Sun, 04 Sep 2022 17:10:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74594e808d7bb52d-OSL
|
|
| ddggpro.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69 | 34.224.181.209 | 302 Found | 344 B |
URL HTTP/1.1ddggpro.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69 IP34.224.181.209:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash1eedbf4e1cfdf4e1323e50e667b205a1 622244b5b4dcdb092484c70c62cb9c6d2a7f6f8c e59431cc541cc4616acae4879f59a8bd4160057c4c2d3c270e439cf1560f257f
GET /?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69 HTTP/1.1
Host: ddggpro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 04 Sep 2022 19:59:37 GMT
content-type: text/html; charset=utf-8
content-length: 344
cache-control: private
location: https://speedtrkgood.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.20.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.20.226:0
Hashd5917c26e8db58c386b198ad1f2f6e02 16a35ccf98ee5c8219231126df6e53b12f7768b3 6e6a214b85014ad115822b8dda18eb6ac1ba091945e18804fc22ea6b7769b61b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2022 19:59:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Sep 2022 19:21:38 GMT
ETag: "16a35ccf98ee5c8219231126df6e53b12f7768b3"
Last-Modified: Sun, 04 Sep 2022 19:21:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74594e841aafb52d-OSL
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb15f3f14bd92b7a544ec2347e6810c7b dd55fd8396d796082edabb5ab6e2d7fb3b51b731 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb15f3f14bd92b7a544ec2347e6810c7b dd55fd8396d796082edabb5ab6e2d7fb3b51b731 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb15f3f14bd92b7a544ec2347e6810c7b dd55fd8396d796082edabb5ab6e2d7fb3b51b731 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb15f3f14bd92b7a544ec2347e6810c7b dd55fd8396d796082edabb5ab6e2d7fb3b51b731 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb15f3f14bd92b7a544ec2347e6810c7b dd55fd8396d796082edabb5ab6e2d7fb3b51b731 87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7597
Expires: Sun, 04 Sep 2022 22:06:14 GMT
Date: Sun, 04 Sep 2022 19:59:37 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1bdfdf7e36f78f2f0e4d7ede9fdb76a8 babb88202741bbf2d4fd25e0731a4a7a6fcc28f8 949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9690
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wx1HInIAMFiYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5_jCLvdAC-XR-ax3RUbbx9275KPwACOPtAMxSbmv-aP-Lra4sC5zvw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:51:41 GMT
age: 79676
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash10318189f33f071dda64249ab9c8c5bb e5b5b649a243e5c004d9923d19d4421d1ea96d23 3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oU-qOKW_Jy8MV0HLQWofKsOi_qseUcyZRoP5LoyLsCclpCgf6NHiBA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 22:02:43 GMT
age: 79014
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6bb4b1d74f1443bc3328301ab3ae6464 2768253dacaaad6cb498c6b2eb7694208b0ce0a6 07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wifFJYoAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wd9SF3txQNTVUaSPcKQ_nQfPt1pBjFbuHzSZiQjfbGBSb-i7J8Rgjg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:44:29 GMT
age: 80108
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfc4ceb10dd9fcaab21ae58dcf10c401f 6ce530af682094dc5413db9de02565691fab4da7 84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11380
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8TLFA3oAMFQjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: s0voKdiDdj0mq8-VRFSWcYcQXaWti7929bpdKSQMWDoVCmOAPepuDg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 03:48:57 GMT
age: 58240
etag: "6ce530af682094dc5413db9de02565691fab4da7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8cdd0826b7d8be62cc2ed532e04e137b 383a0661fa09d9b48745b507389d0505303b6182 f2d04cf1ee9b5a885c246060c1036b21af4ecd3e51e5d05a529dbe0d63f7c2ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c475e9b-fa82-4942-8a4a-d6d3f5061558.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10713
x-amzn-requestid: d546a12c-c549-4ad3-80ad-6bad452927d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5winGzHIAMFTPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7aa-2060c6611eb4abb777cc17a8;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rnd2mdQQcKzRP5RAJXmcJUSmO_AnlUgVrkT5tBR38PtfK_bThFBTtg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:47:53 GMT
age: 79904
etag: "383a0661fa09d9b48745b507389d0505303b6182"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg | 34.120.237.76 | 200 OK | 15 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashca50f9c56ff869b0b63ca71b1a9f8170 13b16ca74113dfd52ccf23e6bb39307fc713f984 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:54:46 GMT
age: 79491
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| speedtrkgood.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec | 18.232.203.164 | 302 Found | 301 B |
URL HTTP/1.1speedtrkgood.com/?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec IP18.232.203.164:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashc83229b3cfa8bd5bf97c66866c897a0b c5c59a23cf334cdaa41209965bade8b949422de4 f3cccbc8f53b824ee4e51e39d88d9c8bfb5f31575ec8cf2d78af53ad5a9815e1
GET /?E=tUuTPs3iyuv1y5qf3QxhoKxavGm3qme8DbfaF54T%2fx8%3d&s1=43626_9814645_11&s2=6277_1052815104_0_0_0_4532986_69_2114_143302_9814645_10_1122&s3=69&ckmguid=542a1fc4-57e2-45fa-87c1-bafd204947ec HTTP/1.1
Host: speedtrkgood.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Sun, 04 Sep 2022 19:59:38 GMT
content-type: text/html; charset=utf-8
content-length: 301
cache-control: private
location: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: sl=hoE8y57h1sXiZHEKt1pETR1EYQB2zJBmoUCeHdDpw26ox2pbZh5hJQ==; domain=.speedtrkgood.com; path=/; SameSite=None; secure; HttpOnly
tym=Zm4UmKo/M+/iZHEKt1pETR1EYQB2zJBmoUCeHdDpw26ox2pbZh5hJQ==; domain=.speedtrkgood.com; expires=Wed, 04-Sep-2024 19:59:37 GMT; path=/; SameSite=None; secure; HttpOnly
c31861=hoE8y57h1sV2DViyKatKTlFH5WRAN65i+rLEOCfbfzcKRABYnJg0QQ==; domain=.speedtrkgood.com; expires=Tue, 04-Oct-2022 19:59:37 GMT; path=/; SameSite=None; secure; HttpOnly
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash16483686fd8b50bd3df51aa2e7798456 825c10c52951d1c0220f78c4e8f42ac06728afea adf78176ec3b41a21447cbd15ab0e1106fa1f10a08e61271e8a06199e6d8aa81
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ePdj88e0k7IPgFPdi39j42mDYt2Z2BmdMIKGPf-2S8veIGdBtCNFtw==
|
|
| www.lejeunelawsuits.com/1step/lpd01/img/ll-logo-3.png | 143.204.55.110 | 200 OK | 54 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/img/ll-logo-3.png IP143.204.55.110:0
File typePNG image data, 2437 x 632, 8-bit/color RGBA, non-interlaced\012- data Hasha07d9731901abfcad39bd45aee1a2281 6486d12587d178f0f671510ce90897040a81da45 4325dd1f07be26159ae0de3260091bc1873689cd1c9201930469fb51d8a0a350
GET /1step/lpd01/img/ll-logo-3.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 54410
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:35:00 GMT
etag: "a07d9731901abfcad39bd45aee1a2281"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DTYmZFKs3aOjBWZHCDBBx24IUtPqoaiqa_XvE5jY_Sfn8yyeshrnuA==
age: 84279
X-Firefox-Spdy: h2
|
|
| www.lejeunelawsuits.com/1step/lpd01/img/vidposter3.jpg | 143.204.55.110 | 200 OK | 31 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/img/vidposter3.jpg IP143.204.55.110:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1413x791, components 3\012- data Hash98222e016619095939d8bbf5a70658d7 a0d4cf1efdd473b1bb701e101a09ed7f0a5930ba 8146545ce8dc9e9fd19b5dfa3bc515e176a9254119ad0f73913bce9417c0e811
GET /1step/lpd01/img/vidposter3.jpg HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 30854
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 05:22:55 GMT
etag: "98222e016619095939d8bbf5a70658d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KwSpNcJdvdEaHbQkf8y4hTTFooh8KHx2cUAKXMWCeDonlBGy664HHg==
age: 52604
X-Firefox-Spdy: h2
|
|
| www.lejeunelawsuits.com/1step/lpd01/img/chevronclear.png | 143.204.55.110 | 200 OK | 8.2 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/img/chevronclear.png IP143.204.55.110:0
File typePNG image data, 300 x 275, 8-bit/color RGBA, non-interlaced\012- data Hash98ef78c3ec49601701fe8869417157c6 9ae51b255f943f751104f7c83353beeeab9f513c 4429e2c227892ba131446b00b7484af8bc6d44be891ca976ddf3d14efed3eee8
GET /1step/lpd01/img/chevronclear.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8151
date: Sun, 04 Sep 2022 01:39:56 GMT
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
etag: "98ef78c3ec49601701fe8869417157c6"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 42Dfr0YiTD_04KnB3-1n89oA9U8Yo_ksXZVogtVfJr7-wCc-F-jMBA==
age: 65983
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hasha73c40e0fed317f31e35a24d5b5e2d0d fb19e9d403e37956762ebb527260576860161872 4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hashc575d86ec5d4686303232abc4f6c2b47 f542eecf59a48034ca84be42dc870d70403e6ea8 dac96b063492b55dc89bbca7740caeaed649a4da5363b10e49e45ef4c18e3490
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Last-Modified: Sun, 04 Sep 2022 19:11:23 GMT
Server: ECS (dcb/7EC7)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fkJzKSG77pRGiuH8bMAxDyxa7CHxZM-Sy3sXME_eQ5f3NVYBxiI9zA==
Age: 2895
|
|
| sdk.helixbi.io/helixlead.js | 143.204.55.87 | 200 OK | 5.4 kB |
URL HTTP/2sdk.helixbi.io/helixlead.js IP143.204.55.87:0
File typeASCII text, with CRLF line terminators Hashb3c9eca5f6d38f65ee802bd80e43b981 8d4c85f85fd5642e0381e95d471cc2968298b4e6 bd1f220e6edc24a22f3c6609f8474884a64a83fcafe18e15eafac29040e15607
GET /helixlead.js HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 5373
date: Sun, 04 Sep 2022 06:56:21 GMT
last-modified: Tue, 19 Jul 2022 17:39:06 GMT
etag: "b3c9eca5f6d38f65ee802bd80e43b981"
x-amz-version-id: N30faJXpS1esiDCJNgGAI2m9ItY5SWqw
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EyPvqVUe24Y8agtzag_SIOUvOQzxb_rf62aBibA3yno3sc9KNtejdw==
age: 46997
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,700&display=swap | 142.250.74.10 | 200 OK | 1.3 kB |
URL HTTP/2fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,700&display=swap IP142.250.74.10:0
Hash31ab2330a1bd8ebc72b2828af12cf901 ceed9e66ffdde51613a7c978650cdef1971c2737 86df0e0be390e30b14da85623fa4412889f19ce4c96b787a98f63658692f827d
GET /css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Sep 2022 19:59:38 GMT
date: Sun, 04 Sep 2022 19:59:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hashc575d86ec5d4686303232abc4f6c2b47 f542eecf59a48034ca84be42dc870d70403e6ea8 dac96b063492b55dc89bbca7740caeaed649a4da5363b10e49e45ef4c18e3490
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 583RkvRUj5EShh560x97rWtf-KZZOc4kbwti_ylOL_xlcLxCxobiBw==
|
|
| sdk.helixbi.io/bltable.js | 143.204.55.87 | 200 OK | 65 kB |
URL HTTP/2sdk.helixbi.io/bltable.js IP143.204.55.87:0
File typeASCII text, with very long lines (65219), with CRLF line terminators Hash4ef0931a84745050dc9ce973340911cc b376fe14717e56bc349d9bb63afa8f7311515feb c0b4fc6bd9029a4baa5d66b216c5d4d06c2bff0d1d56f4403e431656211006a3
GET /bltable.js HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65289
last-modified: Fri, 02 Sep 2022 16:13:07 GMT
x-amz-version-id: tKERDOjv0Dg8wpKZCySqT3hCkGQm2H1Z
accept-ranges: bytes
server: AmazonS3
date: Sun, 04 Sep 2022 16:20:44 GMT
etag: "4ef0931a84745050dc9ce973340911cc"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nOqF84LfXMqIZFuW_EMbakKDDIwyvzj2Rle0pD9ie7CJ-lKX3_1k6A==
age: 13135
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hashc575d86ec5d4686303232abc4f6c2b47 f542eecf59a48034ca84be42dc870d70403e6ea8 dac96b063492b55dc89bbca7740caeaed649a4da5363b10e49e45ef4c18e3490
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:38 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LeeYFclfACNrzHb42yTG0O6pT0h0CSv-SZUufQy6A0aPzRg0xlOWaw==
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashcc6ea3e01d1d6b8c4b28ff64d3b795a7 017457c6f5a63157102485a956c667aad36d33ef e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D | 143.204.55.87 | 200 OK | 16 kB |
URL HTTP/2sdk.helixbi.io/cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D IP143.204.55.87:0
File typeASCII text, with very long lines (16072), with no line terminators Hashfc0b3a91ad17eca1f1af0dea86fbb192 224e357efcb29d52ed1423101be1223f1080215c ff256f499b91c4ad86b6e387d8ef7f8917bb2c9b9387bbc01eae5ff14e1d14e1
GET /cd.js?ct_a=100776&ct_u=5560324DE9F28F1F7724FCE536762D5D HTTP/1.1
Host: sdk.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 16072
last-modified: Wed, 22 Jul 2020 22:46:04 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 22:54:09 GMT
etag: "fc0b3a91ad17eca1f1af0dea86fbb192"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hEQfgvAnB33PtRh_oUJB-zE6YIYkkVai9egvbfjej-JzBg2i_YTO1A==
age: 75930
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9 | 142.250.74.72 | 200 OK | 38 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-T2CBVN9 IP142.250.74.72:0
File typeASCII text, with very long lines (1615) Hash9cb2c63eb92b61e93f101e90cfdc880c 1985f7d939238adfea5f0bfe3d804f721eeacd84 b46cca61f95aa18cdf5599ae2111b1cd2a177e20ac1e5505c3ac4bbe53d3bdfb
GET /gtm.js?id=GTM-T2CBVN9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Sep 2022 19:59:38 GMT
expires: Sun, 04 Sep 2022 19:59:38 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38360
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.lejeunelawsuits.com/1step/lpd01/img/marinehead.jpg | 143.204.55.110 | 200 OK | 93 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/img/marinehead.jpg IP143.204.55.110:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1333, components 3\012- data Hash918e00b0c52fafa6dc5ef912d1244768 2b07b36814aba689eb31a93f053c756ca68dc845 433f80fcc3688c5fa7273bed5735675e3b4868d3a8d8f21175dbb0502ed6e5a6
GET /1step/lpd01/img/marinehead.jpg HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 93109
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:35:01 GMT
etag: "918e00b0c52fafa6dc5ef912d1244768"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0gbJgtMRyt1zYOc_HGjBoX__cXN0UUpyc1Ey3-jGVDuDpU9gmCj-yQ==
age: 84278
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashcc6ea3e01d1d6b8c4b28ff64d3b795a7 017457c6f5a63157102485a956c667aad36d33ef e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash3958546039b436bd448017432b45c949 45aadab2339c0718b57200a1b2849073c04f08f5 903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.lejeunelawsuits.com/1step/lpd01/main.css | 143.204.55.110 | 200 OK | 4.8 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/main.css IP143.204.55.110:0
File typeASCII text, with very long lines (393) Hash559d76d27cdd93a65ce8fc28a4de7a33 851f652cc21469af64534a440938dc1b5d3b5c41 b1074c806ee740cc95b6d5d7c07d3f3e88d7af4f3ed9916c9c5e1d137b03039e
GET /1step/lpd01/main.css HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
content-encoding: br
date: Sun, 04 Sep 2022 02:42:55 GMT
etag: W/"e784b0241ecfc41dccc5113101ad98ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rV3xvH86NdlicLwzAVvLU-9N3PRVNqqvJWc0mLWRKVxog9bigQjNDg==
age: 62204
X-Firefox-Spdy: h2
|
|
| www.lejeunelawsuits.com/1step/lpd01/bundle.js | 143.204.55.110 | 200 OK | 34 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/bundle.js IP143.204.55.110:0
File typeUnicode text, UTF-8 text, with very long lines (65534), with no line terminators Hashde550ba470f4101a780352bea90974c3 dfec5ebeba1cd164da7582f78268e5203a3f63ee 520e5c8fa62d9ea210d1e1619dfccba5fd12323482809021f53be78ee760da33
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /1step/lpd01/bundle.js HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 04 Sep 2022 00:40:50 GMT
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
etag: W/"38f8ebe118f41d522df14744389155a6"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u_GYjAwynJxJhTOPCJO--gwYMjcA2jyfMxrpVWlEDMfzvEAvf9wqGw==
age: 69529
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash98125354dbaa891018a9429a7aae3ea1 a692cc9a073c9666971db41444342fc9d7dab2e2 771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash3958546039b436bd448017432b45c949 45aadab2339c0718b57200a1b2849073c04f08f5 903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 | 142.250.74.163 | 200 OK | 40 kB |
URL HTTP/2fonts.gstatic.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 40144, version 1.0\012- data Hash0116041b31726cea3144332b673919e8 c6f0008edefdcf305498582fa145917b7ce420c2 306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce
GET /s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 01:53:48 GMT
expires: Sun, 03 Sep 2023 01:53:48 GMT
cache-control: public, max-age=31536000
age: 151551
last-modified: Mon, 11 Jul 2022 19:16:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash3958546039b436bd448017432b45c949 45aadab2339c0718b57200a1b2849073c04f08f5 903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Sep 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.lejeunelawsuits.com/1step/lpd01/img/check.png | 143.204.55.110 | 200 OK | 1.9 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/img/check.png IP143.204.55.110:0
File typePNG image data, 591 x 455, 8-bit colormap, non-interlaced\012- data Hash4f688e32e01aa6501fbb46c0e560a4db 76b9f852af73965584da2a7585c0f02690deb590 b29af146b7c0f76320090c4de3f8488ea74be090128a3f84ea98d18874e27a28
GET /1step/lpd01/img/check.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Cookie: 100776_ps=o2~|#d/u#!#2773432686376#-#w/j#!#45JEG:HJ46.2I1B.63J4#-#w/dg#!#2773432686384#-#w/td#!#2#-#w/d#!#2#-#w/gm#!#2773432686384#-#t/t#!#2773432686384#-#w/gt#!#2773432686384#-#w/dm#!#2773432686384#~; 100776_hxc=o2~|#8596#!|#i/dn/je#!#8596#-#i/dn/gs#!#2773432686384#-#i/dn/sd#!#2#-#i/dn/ut#!#2773432686384#-#i/dn/mq#!#iuuqt&4B00xxx/mfkfvofmbxtvjut/dpn02tufq0mqe120#-#i/dn/b2#!#53735#-#i/dn/b3#!#54737`:925756`22#-#i/dn/b4#!#483777:42#~~; 100776_ss=o2~|#t/td#!#2#~; 100776_cs=o2~|#qh#!|~-#dnq#!|~~; _gcl_au=1.1.308592511.1662321575
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1876
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:46:00 GMT
etag: "4f688e32e01aa6501fbb46c0e560a4db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HoZ-zXjkrYjE2SlU5a5NW3tH1mAMZteMnsNbUejmAYsItWmZ-pndSg==
age: 83620
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash0bf26d91cd34509d5fedb2bc94062353 f7a067498300eaa6e8b9ae4f3bc65f0e112f9056 7a3ddb479a093d513f8a2609052cbdd08c71e1d059f4a3e82d7f8c9a7d139091
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 19:49:49 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PDD83DW4qEjhBEvKGsmZs5SO838wSGkokkZacCiCl9g3BpArxjNJyw==
Age: 590
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash9d1b1f8863738d685244d8ff50edd446 c540a5855693f94781e7bcf67956a981f4e6e0f6 9a2668eab09ca5a2e653ebf87ecb978c131e8a263adc7d3685c30311063ba5da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 18:41:25 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hglFCJcUQOGhBMUKe8J2eGfJB1Gg--Evznq1sUK82ykTzhEu2DgOAQ==
Age: 4694
|
|
| api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 | 3.230.219.164 | 301 Moved Permanently | 134 B |
URL HTTP/2api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 IP3.230.219.164:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sun, 04 Sep 2022 19:59:39 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293
X-Firefox-Spdy: h2
|
|
| www.lejeunelawsuits.com/1step/lpd01/img/CLVfav.png | 143.204.55.110 | 200 OK | 8.8 kB |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/img/CLVfav.png IP143.204.55.110:0
File typePNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data Hashdabbdaedee96b2fd6043a33a4643f41a 9f2f5ee45b59b3539395f7968cf34d4451278c0f a2ccf5a32d6e940fd1fab511cac99228d05563386ca4c49c442ef9a3d76e081c
GET /1step/lpd01/img/CLVfav.png HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178
Cookie: 100776_ps=o2~|#d/u#!#2773432686376#-#w/j#!#45JEG:HJ46.2I1B.63J4#-#w/dg#!#2773432686384#-#w/td#!#2#-#w/d#!#2#-#w/gm#!#2773432686384#-#t/t#!#2773432686384#-#w/gt#!#2773432686384#-#w/dm#!#2773432686384#~; 100776_hxc=o2~|#8596#!|#i/dn/je#!#8596#-#i/dn/gs#!#2773432686384#-#i/dn/sd#!#2#-#i/dn/ut#!#2773432686384#-#i/dn/mq#!#iuuqt&4B00xxx/mfkfvofmbxtvjut/dpn02tufq0mqe120#-#i/dn/b2#!#53735#-#i/dn/b3#!#54737`:925756`22#-#i/dn/b4#!#483777:42#~~; 100776_ss=o2~|#t/td#!#2#~; 100776_cs=o2~|#qh#!|~-#dnq#!|~~; _gcl_au=1.1.308592511.1662321575; _ga_FPS8WV0V59=GS1.1.1662321575.1.0.1662321575.0.0.0; _ga=GA1.1.809370099.1662321576
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8792
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 20:15:46 GMT
etag: "dabbdaedee96b2fd6043a33a4643f41a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XwVcqfX23kjF_6Hi3oCaU_XsDIWfJvYOVeEi0kTVt6mK11-KUf-kFQ==
age: 85434
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash2503c1a369b7c49bfa130d30982cef0b 10b78b9ea451514529903f9dc8afa14e2faa269e e44ef17d03ceb3e9c6be565d5c2103d59127203b62516ca4849c32c546aa7577
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 18:22:24 GMT
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CVvFXoejvvjH6_gdRFxOU6qmCzr-3V8QzAUKR1O2G8SZd6dk6g_R4Q==
Age: 5835
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.100:0
Hash6064def67bc55b45ac299ddc4d22f62c 4ef4f36a1441a330994b65481ba96815fa75e5fd b33cdf2a57a02a085e6344d9a2370b550108d75b1c55130d662243be00e5b47e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Sep 2022 19:59:39 GMT
Last-Modified: Sun, 04 Sep 2022 18:54:40 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PZgxbFDostWmx6MUmqnxl_WpOxDw4Ll2gG9M_-HEBCnt1o34H4cCZw==
Age: 3900
|
|
| gw.helixbi.io/gw?g.t=1662321575273&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IDF9GI35-1H0A-52I3&g.i=1.1.0-JSW&v.i=34IDF9GI35-1H0A-52I3&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662321575273&s.s=1662321575273&v.fs=1662321575273&h.cm.id=7485&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42624&h.cm.a2=43626_9814645_11&h.cm.a3=372666931&h.cm.fr=1662321575273&h.cm.rc=1&h.cm.ts=1662321575273&h.et=campaigns | 44.241.18.46 | 200 OK | 43 B |
URL HTTP/2gw.helixbi.io/gw?g.t=1662321575273&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IDF9GI35-1H0A-52I3&g.i=1.1.0-JSW&v.i=34IDF9GI35-1H0A-52I3&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662321575273&s.s=1662321575273&v.fs=1662321575273&h.cm.id=7485&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42624&h.cm.a2=43626_9814645_11&h.cm.a3=372666931&h.cm.fr=1662321575273&h.cm.rc=1&h.cm.ts=1662321575273&h.et=campaigns IP44.241.18.46:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashfc94fb0c3ed8a8f909dbc7630a0987ff 56d45f8a17f5078a20af9962c992ca4678450765 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /gw?g.t=1662321575273&g.r=i&g.d=100776&g.u=5560324DE9F28F1F7724FCE536762D5D&dv.gv=0.1.0&g.x=34IDF9GI35-1H0A-52I3&g.i=1.1.0-JSW&v.i=34IDF9GI35-1H0A-52I3&g.a=pv&p.t=Lejuene%20Lawsuits&s.sr=1280x1024&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1662321575273&s.s=1662321575273&v.fs=1662321575273&h.cm.id=7485&h.cm.lp=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F&h.cm.a1=42624&h.cm.a2=43626_9814645_11&h.cm.a3=372666931&h.cm.fr=1662321575273&h.cm.rc=1&h.cm.ts=1662321575273&h.et=campaigns HTTP/1.1
Host: gw.helixbi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Sep 2022 19:59:39 GMT
content-type: image/gif
content-length: 43
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Jetty(9.4.2.v20170220)
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-FPS8WV0V59>m=2oe8v0&_p=1745441833&cid=809370099.1662321576&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662321575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7485%26hxc_a1%3D42624%26hxc_a2%3D43626_9814645_11%26hxc_a3%3D372666931%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-FPS8WV0V59>m=2oe8v0&_p=1745441833&cid=809370099.1662321576&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662321575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7485%26hxc_a1%3D42624%26hxc_a2%3D43626_9814645_11%26hxc_a3%3D372666931%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FPS8WV0V59>m=2oe8v0&_p=1745441833&cid=809370099.1662321576&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662321575&sct=1&seg=0&dl=https%3A%2F%2Fwww.lejeunelawsuits.com%2F1step%2Flpd01%2F%3Fhxc_id%3D7485%26hxc_a1%3D42624%26hxc_a2%3D43626_9814645_11%26hxc_a3%3D372666931%26utm_source%3Ddta%26utm_medium%3Demail%26utm_content%3D20178&dt=Lejuene%20Lawsuits&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.lejeunelawsuits.com
date: Sun, 04 Sep 2022 19:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| api.trustedform.com/certs | 3.230.219.164 | 201 Created | 475 B |
URL HTTP/2api.trustedform.com/certs IP3.230.219.164:0
File typeJSON data\012- , ASCII text, with very long lines (475), with no line terminators Hashbd1636e0454173d9d0b04a89bc5a5ca7 f4cade43ed99408047144ae58df9778f67eb769b 3a98a598f03eb7543904d78b2c52b58a8c5f554c210bc7611dc2ac41e75462be
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 706
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Sun, 04 Sep 2022 19:59:40 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
|
|
| api.trustedform.com/certs/a5897a91ffb48206e1c91a25ea2bfa555b00673a/snapshot | 3.230.219.164 | 204 No Content | 0 B |
URL HTTP/2api.trustedform.com/certs/a5897a91ffb48206e1c91a25ea2bfa555b00673a/snapshot IP3.230.219.164:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/a5897a91ffb48206e1c91a25ea2bfa555b00673a/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7899
Origin: https://www.lejeunelawsuits.com
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Sep 2022 19:59:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
|
|
| www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178 | 143.204.55.110 | 200 OK | 0 B |
URL HTTP/2www.lejeunelawsuits.com/1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178 IP143.204.55.110:0
GET /1step/lpd01/?hxc_id=7485&hxc_a1=42624&hxc_a2=43626_9814645_11&hxc_a3=372666931&utm_source=dta&utm_medium=email&utm_content=20178 HTTP/1.1
Host: www.lejeunelawsuits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Sun, 04 Sep 2022 01:34:14 GMT
last-modified: Wed, 31 Aug 2022 20:12:48 GMT
etag: W/"8bfc5d5f2a6a37764b2bb97bc5b3162d"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZxhI-lt4FM0LaXMnTB7rxxdmL9K19Z0MPBzqmz2gHkzQgkSIwhBEMw==
age: 66325
X-Firefox-Spdy: h2
|
|
| s3.us-west-2.amazonaws.com/converge.cdn/media/InvisibleMonster.mp4 | 52.218.236.16 | 206 Partial Content | 0 B |
URL HTTP/1.1s3.us-west-2.amazonaws.com/converge.cdn/media/InvisibleMonster.mp4 IP52.218.236.16:0
GET /converge.cdn/media/InvisibleMonster.mp4 HTTP/1.1
Host: s3.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
x-amz-id-2: wC6jTUpDJ4gZIpPPY9ogHPc87qyr5Uys8hYGrMppkO9RnDOD2jY6yXNM0eob51AwgtXNIj5VIo4=
x-amz-request-id: 0TBZDMBMPXN9AYYZ
Date: Sun, 04 Sep 2022 19:59:40 GMT
Last-Modified: Thu, 16 Jun 2022 18:40:47 GMT
ETag: "9214711136be7244be79394698156916"
x-amz-version-id: XBNOMZpSkrUNcrzaV0y8si0aJBv.kmEF
Accept-Ranges: bytes
Content-Range: bytes 0-12107025/12107026
Content-Type: video/mp4
Server: AmazonS3
Content-Length: 12107026
|
|
| cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 | 54.230.111.111 | 200 OK | 0 B |
URL HTTP/2cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 IP54.230.111.111:0
GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16623215752960.7153858279265293 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lejeunelawsuits.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 04 Sep 2022 19:59:40 GMT
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA
etag: W/"97d91c9803cec4e7981c0f415c2c1923"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7O12IzanK8LVJbVhP2RgJxy1kKkKyqkWZ8nfxi1BuXzem3D6F3Z9UQ==
X-Firefox-Spdy: h2
|
|
| cdn.trustedform.com/trustedform-1.8.27.js | 54.230.111.111 | 200 OK | 0 B |
URL HTTP/2cdn.trustedform.com/trustedform-1.8.27.js IP54.230.111.111:0
GET /trustedform-1.8.27.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lejeunelawsuits.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 16 Aug 2022 18:53:06 GMT
x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK
server: AmazonS3
content-encoding: gzip
date: Sun, 04 Sep 2022 19:59:40 GMT
etag: W/"2f557edcc84fd346c897a4d565e57ac0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vo7F8kzuzkmfYgUwnPO7s8PHiwfnf0dfuPMEB0PfxikoAV0rYQvLPw==
age: 4
X-Firefox-Spdy: h2
|
|