985.novitrk3.com/smartlink?mongo_id=631afa19f016da40b82ce0eb&mongo_grouped_id=631af2f7bbb99277f710540d&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript
188.240.52.20302 Found 718 B URL HTTP/1.1 985.novitrk3.com/smartlink?mongo_id=631afa19f016da40b82ce0eb&mongo_grouped_id=631af2f7bbb99277f710540d&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript
IP 188.240.52.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c09e45d60a613f0379ce67edf3575a36
2a6ca80efe2d5d41ce5dddf0e412e87295caad53
48cdcbea1ad9f56f8e3bdfedbd54149d7825d78fbf83e0500d5807e711e24658
GET /smartlink?mongo_id=631afa19f016da40b82ce0eb&mongo_grouped_id=631af2f7bbb99277f710540d&redirect_url=www.google.com&bot=1&suspicious=1&suspicious_reason=noscript HTTP/1.1
Host: 985.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.19.10
Date: Fri, 09 Sep 2022 08:32:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
Location: https://985.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjJEOVhTaWQyaEpoeGpWVE5jK09JOEE9PSIsInZhbHVlIjoiQi9PQ0l4UTJyOVpXaUYvT3MyRTFjd2VMVEMxdFNCdThYeE43aVQ4OUhwN2tnRzBLdlh1cTlaTmZJN1VQS05rQURwUm1MZytxMnBLNnkxTitwaVV1V1Q5RXhxZ0FKVzFZVHJvTmVDQyszOVdlUVZRcksyWjI2NWxIWWJzQk5kZzUiLCJtYWMiOiI1NTg5YjE1NGRjOTJkNGIwOWEyMzQzZWU5YjJmOGYyODQ2OTdiNDI1ODhiNDJkNWI3NDVkNzhiZGVkZWUxYzJmIiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:41 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjZVWEk2NDN5R3U4RnJpWnRlVE9TZ3c9PSIsInZhbHVlIjoicldmZTlsU3NiQ0k1U25ucjFZZC90VGROamVVY0hydDhGOElhdGZwRnBQZHNIZy9hRitvNFJhU1Y4Tk0rWFJtV243dFB0ZUpNMlZrQThMQStCL1NrckJja0J2c1ZjSk5Zc2xoWlM1RWhXUTd2aHNHUE5SOGVweVlSQVljdy8wT1UiLCJtYWMiOiI4ODIyMWI3MDNjZTg5YzFiYTlmYTFjMmU4ZTQ0OGNiMTA2NGM0N2I2ODNmZDgyZjY0Njc5ZTFhMTkzNGU1YTRiIiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 07:55:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LwiPpzAS6Ktz0VN0wxW8RkOdoFvUUuD0vCQvHLAay41K_g_7UIvJbA==
Age: 2210
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Fri, 09 Sep 2022 09:40:28 GMT
Date: Fri, 09 Sep 2022 08:32:41 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4jvlCvA6WCkHIYBLZfFeqGrRCf3ejxLu8o4wsuNgHVVwCrdvX5grPA==
age: 17167
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 08:32:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
985.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
188.240.52.20200 OK 3.0 kB URL HTTP/2 985.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
IP 188.240.52.20:0
Hash 6a61e83a49e85aee75ed2a17ad389f7e
1014fafbb0ea08acaa5105544165f5d41e61e5e5
d2dc1d0cf5852af197cb2275c534f83931b7611654dbe715ada745e1126978f6
GET /smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source= HTTP/1.1
Host: 985.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.19.10
date: Fri, 09 Sep 2022 08:32:41 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImhneHpnVlZqWngyc05NMWh3ZHJrQ1E9PSIsInZhbHVlIjoiblYyUXhOY0Z6cUtCU0czdHNQU2ZkbS9XeDkzc2tLL2kwSTVvSnlBZnFqMmRWN1M4OXY4SFkrNjZyVVdLWlM3TzFZQ0o1R3JhanY3WkR3R3U3OENCVTkxZEpzR0h5UVEzdllzeTlBRWo0WExOZFJNTUdzUzkrL0VlMzlDNW9YYWIiLCJtYWMiOiI1YzJhYzcwYzU4YzRhZGNkNmViZGQ2ZDllMjYwN2YwMjU4ZWYyMWI0ZTAyNjA5NDk0NjA2MTA4MDczYTMyYmNlIiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:41 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6InBZOGN3NnZseHRINzFmTXFncG05YWc9PSIsInZhbHVlIjoiaGxFcHJuN2RBMDhEMER0MzY2dGMxenhlbUFQOHJjM0xWVDVnU0hXbFFabTZsZUsxUkY2blhMWUFYQnlsZjltWEMyUGlKTUFCSHR2QUhlTkRVYzJYakNsVUZHQ0VQVlpPaDQzcEJMWksxM21CQ1BIbTRzMnpGbHJQMXh4Q29td1giLCJtYWMiOiI4N2Q5NzQ4NTEwMjY4NzJmZTNkZGNiOTkxMDRmNjA0MGU3YzIzZDUyN2ZhYjcyNjE3NjllNDc5Y2JjYTllNWRkIiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5924
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 08:32:42 GMT
Last-Modified: Fri, 09 Sep 2022 06:53:58 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
985.novitrk3.com/smartlink?mongo_id=631afa2962594023033c92e6&mongo_grouped_id=631af9f6b12546294d62b771&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D901601550%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMjgwLCJvdXRlckhlaWdodCI6MTAyNCwiY29sb3JEZXB0aCI6MjQsImRldmljZU1lbW9yeSI6MCwiaGFyZHdhcmVDb25jdXJyZW5jeSI6MTYsInN0YW5kYWxvbmUiOjAsInRpbWV6b25lIjoiVVRDIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidG91Y2giOjAsImlmcmFtZSI6MCwiZXZhbCI6MzcsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwib3ZlcnJpZGUiOjEsImR1cmF0aW9uIjozMn0=&js=1
188.240.52.20302 Found 870 B URL HTTP/2 985.novitrk3.com/smartlink?mongo_id=631afa2962594023033c92e6&mongo_grouped_id=631af9f6b12546294d62b771&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D901601550%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMjgwLCJvdXRlckhlaWdodCI6MTAyNCwiY29sb3JEZXB0aCI6MjQsImRldmljZU1lbW9yeSI6MCwiaGFyZHdhcmVDb25jdXJyZW5jeSI6MTYsInN0YW5kYWxvbmUiOjAsInRpbWV6b25lIjoiVVRDIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidG91Y2giOjAsImlmcmFtZSI6MCwiZXZhbCI6MzcsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwib3ZlcnJpZGUiOjEsImR1cmF0aW9uIjozMn0=&js=1
IP 188.240.52.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351)
Hash a2db98b765f6e270bde098548d29f717
5212dc690488f6e7f33dd5d94d33f2e1554c5f09
4ba753c142725dae68a2103a9128c119563411b8a5a0c4df2463ffaa68d05095
GET /smartlink?mongo_id=631afa2962594023033c92e6&mongo_grouped_id=631af9f6b12546294d62b771&redirect_url=https%3A%2F%2Fm.news-page.net%2F%3Futm_medium%3D98774ae3068a24906aeee5af1282751e21ca5683%26utm_campaign%3Dmainstream_np%261%3D3%262%3D%7Bsubid%7D%26cid%3D901601550%26np%3D1&fingerprint=eyJ3ZWJkcml2ZXIiOjAsImhlYWRsZXNzIjowLCJjaHJvbWUiOjAsIm9uTGluZSI6MSwiY29va2llRW5hYmxlZCI6MSwicGx1Z2lucyI6MCwibWltZVR5cGVzIjowLCJzY3JlZW5XaWR0aCI6MTI4MCwic2NyZWVuSGVpZ2h0IjoxMDI0LCJvdXRlcldpZHRoIjoxMjgwLCJvdXRlckhlaWdodCI6MTAyNCwiY29sb3JEZXB0aCI6MjQsImRldmljZU1lbW9yeSI6MCwiaGFyZHdhcmVDb25jdXJyZW5jeSI6MTYsInN0YW5kYWxvbmUiOjAsInRpbWV6b25lIjoiVVRDIiwibGFuZ3VhZ2UiOiJlbi1VUyIsImxhbmd1YWdlcyI6WyJlbi1VUyIsImVuIl0sInBsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidG91Y2giOjAsImlmcmFtZSI6MCwiZXZhbCI6MzcsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwib3ZlcnJpZGUiOjEsImR1cmF0aW9uIjozMn0=&js=1 HTTP/1.1
Host: 985.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlQySmRobzJhQlFIOFk2SzY2WGxOd1E9PSIsInZhbHVlIjoiTlNzb1IzeW05U1BQNk90dlRTcFloV2VVNUdKTlBqVDh2VHBESGcvN2lGMzhsQ0gxVm5yYmhXbDM3ZmVHMy9yUHFRcWZrNzNoYW9yek5yS0JrUHBjYjZ0OWJjdjRaRWtrT1RnOGtwM2pmRy80YyswdzNlbU9WS3FmRGVmRkRUc08iLCJtYWMiOiIyMDIzMzNmYjFkNmMxMWI5NmEyNjkwMTc2Y2MxZWVmY2M2MjQxNmM1YWFhOTg4ODY0Yzc5YzA4MGQwYzUyODk3IiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6IjI2R1JsYjgrUE5kaFRPTUtqNGRBcWc9PSIsInZhbHVlIjoialpVSG5CTUIyS0lWMm5KclF6TnRQVkVPejlXWGZLdmx4blVieGZNWHNrSGNCRm9rZnhQeC83RnRKTEVmb1RQcFMwSXRCc1cyU1ZVMGZtRTZoVlR0dlphTkE2eEU0dnlUTzgvRkswUEdnUC9UZzFubnhFaFNCTEtGekNnTmgrVmQiLCJtYWMiOiIwNWEzZTM1ODUzNDUzNzk1YjdhMzEzNTE1NjY1NDA1YjE1NjUxZjZjNThkOTAxNWQ5M2QwNTE2MzhlZTU5YzY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx/1.19.10
date: Fri, 09 Sep 2022 08:32:42 GMT
content-type: text/html; charset=UTF-8
location: https://m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=901601550&np=1
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkRSUHBocXh4am01aE01eXBsMnZBYlE9PSIsInZhbHVlIjoiYmFuNVovVkVhdXlqNDFlRm9VaUVxcHdETVcxdXRxV0JlcFhWMTE4TVpkZGQ3TkJsTUR3VG1Uc0dJZk56Q251L01ETi9zZ2w0Z3gvcWlDTXJuejNEYjhzQVJsbXMxbEI1d054c1J2SzJLcVJ6S3phQ09ZejF1QzN2YnlVZWNKTWIiLCJtYWMiOiIzYjE3ZWUzZTk0ZTIxN2VjYzk0ZWU3ZjcxYmYzNTgwZTVmMDRlNTM2YjM0ZWRhNjkyNThhM2JiMGM4ZDAwODA2IiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:42 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjgwQXZ4aFpONlBvaTR5MnhHRjllblE9PSIsInZhbHVlIjoiakhKbzNIUkpRT0trV2lXSlZpZHg2Z2xuUCt5K09YaVl5a1NCQ2tPejJUWmVtbUZxSWdRYTA1d3Zwbzd5T0phYVJTV1dGVlZtcHF0ZGlYNngxdFBUaGVqckxETFhmVG85akVUU3JUalI2Yyt5TDRhZVh1akVZOVpCYlF6YU90eHEiLCJtYWMiOiJiZjQ1ZDRmYzNjNjM1MDhlY2IxNjBiZmYwNDU5NzJkZmY1MGFiYmQyNjRlN2I4ZDBmODVjZTI3YzBiMjYyZmYxIiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:42 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
m.news-page.net/proc.php?193c16e51cc3904a0a66a021e46cb5a563963f06
99.198.108.195200 OK 6.7 kB URL HTTP/2 m.news-page.net/proc.php?193c16e51cc3904a0a66a021e46cb5a563963f06
IP 99.198.108.195:0
Hash 417b241a856bfd90aaa58a15ca6d5fed
f7a6cdb920304b5d8bf710257f9cf7a7c9914365
390e26ddf8a9a3c8b297aaf1a2a4e6be6949273cdf7459f6750193f959f39370
GET /proc.php?193c16e51cc3904a0a66a021e46cb5a563963f06 HTTP/1.1
Host: m.news-page.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/?utm_term=7141295217461690439&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
Cookie: u=843886ca6aaedf3101eba6dbd283e1b4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 08:32:43 GMT
content-type: text/html; charset=UTF-8
location: https://www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85&eyeg=6887b23286d757150e1d3a73ed0fa635&eyer=0.5775236214038858&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
51.68.85.158302 Found 0 B URL HTTP/1.1 www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85&eyeg=6887b23286d757150e1d3a73ed0fa635&eyer=0.5775236214038858&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85&eyeg=6887b23286d757150e1d3a73ed0fa635&eyer=0.5775236214038858&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net HTTP/1.1
Host: www.tiltimagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Fri, 09 Sep 2022 08:32:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85&eyeg=3&eyer=0.5775236214038858&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85&eyeg=3&eyer=0.5775236214038858&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
51.68.85.158302 Found 0 B URL HTTP/1.1 www.tiltimagic.com/?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85&eyeg=3&eyer=0.5775236214038858&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?sl=5467515-f6d9b&data1=Track1&data2=Track2&tag=M7141295217461690439&website=20961-cc871670-4a60a617&placement=20961&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b380b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b85&eyeg=3&eyer=0.5775236214038858&eyei=0&eyew=1280&eyeh=939&eyetd=220&eyef=m.news-page.net HTTP/1.1
Host: www.tiltimagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Fri, 09 Sep 2022 08:32:43 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-transform
Location: https://admoustache.go2affise.com/sl?id=59a83ff913943bff7e8b4571&pid=503&sub1=330009e2a1c6b913f7e99d96c90a70ff2d5810909-202209-flb*5467515-f6d9b*M7141295217461690439*sl_5467515-f6d9b*51629a1417408c1f05f066ff890cc610e869833a*20961-cc871670-4a60a617*20961
www.tiltimagic.com/favicon.ico
51.68.85.158204 No Content 0 B URL HTTP/1.1 www.tiltimagic.com/favicon.ico
IP 51.68.85.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.tiltimagic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: openresty
Date: Fri, 09 Sep 2022 08:32:43 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 5e348d5d34a4c337c946cf5b6bbe79ed
5e453ddf6f5d85e3cf84c6148afd424fd4d4f70e
90ad00506bd1fd9e53d2d280feba93d5bf77ae06460f8caecc99bcfda04877b9
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Sep 2022 08:32:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Sep 2022 23:30:51 GMT
Expires: Fri, 09 Sep 2022 23:30:51 GMT
ETag: "5e453ddf6f5d85e3cf84c6148afd424fd4d4f70e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
admoustache.go2affise.com/sl?id=59a83ff913943bff7e8b4571&pid=503&sub1=330009e2a1c6b913f7e99d96c90a70ff2d5810909-202209-flb*5467515-f6d9b*M7141295217461690439*sl_5467515-f6d9b*51629a1417408c1f05f066ff890cc610e869833a*20961-cc871670-4a60a617*20961
34.91.27.112302 Found 0 B URL HTTP/2 admoustache.go2affise.com/sl?id=59a83ff913943bff7e8b4571&pid=503&sub1=330009e2a1c6b913f7e99d96c90a70ff2d5810909-202209-flb*5467515-f6d9b*M7141295217461690439*sl_5467515-f6d9b*51629a1417408c1f05f066ff890cc610e869833a*20961-cc871670-4a60a617*20961
IP 34.91.27.112:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=59a83ff913943bff7e8b4571&pid=503&sub1=330009e2a1c6b913f7e99d96c90a70ff2d5810909-202209-flb*5467515-f6d9b*M7141295217461690439*sl_5467515-f6d9b*51629a1417408c1f05f066ff890cc610e869833a*20961-cc871670-4a60a617*20961 HTTP/1.1
Host: admoustache.go2affise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: afclick=631adfa02b98f0000129dd2d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Sep 2022 08:32:43 GMT
content-length: 0
location: https://www.makeitprof.com/rc/86b528a829?affclick=631afa2b8dd1a90001aa834d&pubid=503
referer:
referrer-policy: no-referrer
set-cookie: afclick=631afa2b8dd1a90001aa834d; expires=Sat, 09 Sep 2023 08:32:43 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18169
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 08:32:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18169
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 08:32:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18169
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 08:32:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18169
Expires: Fri, 09 Sep 2022 13:35:33 GMT
Date: Fri, 09 Sep 2022 08:32:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 14424
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 36372
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f8aeb20a6543be83f3e422796c4dc70
4e4e127039dd8099c63c3bde198118d2874f7342
0f9fdd1b577e4719f88620bb451131bfb120790479b4feccb4222647fb3ea453
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7218
x-amzn-requestid: 26a5c20b-1a4a-4543-b4b9-209b3fc445ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YId3DGeUoAMF9-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319a9c6-629ade4f617f37bf5a281103;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 08:37:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RnY_ItUJ0yOpsg80f5Su6oxr5ROLvYTSjuP4g0xrpWML_Qz-uqJ59w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "4e4e127039dd8099c63c3bde198118d2874f7342"
content-type: image/jpeg
age: 38828
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 38828
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe67ce8-0dbe-46fe-b313-0e2a78618af6.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe67ce8-0dbe-46fe-b313-0e2a78618af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b210b0740e1eb42fcbd3aba71ceb8b4
467e3fee064805e08a9e6e3c86b195f6aa68c433
d5ecaf9ae06ff984c86bee5005c534e3c65255e6faeb5c3837fa601740a2c5ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe67ce8-0dbe-46fe-b313-0e2a78618af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: aad6af35-824b-4591-8162-8473da7eb632
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRJcFDgIAMF0-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a623c-0f04a4db25ffcdda1fd66a25;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:28 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: _alya3Bv7CfG78-0nR5tDh7FdzDQGo_HVTLMGa8EQ1Dbge62rJXGbA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "467e3fee064805e08a9e6e3c86b195f6aa68c433"
content-type: image/jpeg
age: 38828
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba8d1b764c2d18807caecb5ee1e046c0
c0e3d10ce67f77a92b54954410e30621af7ee87c
f558c4827c2edf896588b6e3f0b4f295269e95f86143b40729a7a2a5e1adbbb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9011
x-amzn-requestid: cf861da4-5f3b-43b8-931a-5285839c6301
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHFbOoAMFYVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-4cf2e37f5e762a557b081446;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wqcl8zkszPZhWjJ7mr_p82IRaNzU2vMV3wtipUYgRaL7Vj3ntmYYqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:47:07 GMT
age: 38737
etag: "c0e3d10ce67f77a92b54954410e30621af7ee87c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 307adab794fbe11c2afb282aeb8daca6
429b228a0cb5c62729a0335bc92a7f2deb4c90dd
7d9d198f75bc8daf26218dbd3e751cbf197ade3c9bd36172520afcdd5794206b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D9D198F75BC8DAF26218DBD3E751CBF197ADE3C9BD36172520AFCDD5794206B"
Last-Modified: Thu, 08 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1273
Expires: Fri, 09 Sep 2022 08:53:57 GMT
Date: Fri, 09 Sep 2022 08:32:44 GMT
Connection: keep-alive
www.wazazu.com/Smartlink/Dating/Soft?w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e
194.116.150.216307 Temporary Redirect 20 B URL HTTP/2 www.wazazu.com/Smartlink/Dating/Soft?w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e
IP 194.116.150.216:0
Hash 4a4dd3598707603b3f76a2378a4504aa
a0fddd5458378c1bf3c10dd2f5c060d1347741ed
f61f27bd17de546264aa58f40f3aafaac7021e0ef69c17f6b1b4cd7664a037ec
GET /Smartlink/Dating/Soft?w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e HTTP/1.1
Host: www.wazazu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.makeitprof.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
access-control-allow-origin: *
set-cookie: w=45580; expires=Fri, 09-Sep-2022 08:32:44 GMT; Max-Age=0; SameSite=Lax
ws=8063a697_503; expires=Fri, 09-Sep-2022 08:32:44 GMT; Max-Age=0; SameSite=Lax
wt=pubf8f20e141a96480a90276ce4b78e736e; expires=Fri, 09-Sep-2022 08:32:44 GMT; Max-Age=0; SameSite=Lax
sid=%C3Z%A2p%18%F4%5E%10%DDa%17%B8%8C%A9Q%02%D0%DA%C3%E8F%7F%D6%A0%AC%85%82%C5%11%18%B9%F8; expires=Sun, 11-Sep-2022 10:32:44 GMT; Max-Age=180000; path=/; SameSite=Strict
CSRFToken=68b5f4d17a66fda969102bc862d39d0617bdd3fbcfcf9a15f2d4edd228387db2.1662712364; expires=Fri, 09-Sep-2022 09:02:44 GMT; Max-Age=1800; path=/; SameSite=Strict
location: https://track.vxctr.com/b679be98-1f4b-40a3-8a42-70b1dc3605ca?adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
content-length: 20
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
track.vxctr.com/b679be98-1f4b-40a3-8a42-70b1dc3605ca?adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
18.195.174.160302 Found 0 B URL HTTP/2 track.vxctr.com/b679be98-1f4b-40a3-8a42-70b1dc3605ca?adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
IP 18.195.174.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b679be98-1f4b-40a3-8a42-70b1dc3605ca?adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F HTTP/1.1
Host: track.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.makeitprof.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 09 Sep 2022 08:32:44 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
pragma: no-cache
set-cookie: b679be98-1f4b-40a3-8a42-70b1dc3605ca-v4=y2Ll9_MYglgocXJ00sDMX-ZWNpadakb7MzN5sfQGjOU; Max-Age=86400; Expires=Sat, 10-Sep-2022 08:32:44 GMT; Domain=track.vxctr.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=Tv3GXDVmTeWIJ9IRKFFheISxbC8LH7YlU4bDcvpkuZNNTu96A4YsUzyY0GJ2Tk0CnBkTKP89IYMQQQW6SJe8oo6JTopG1_2168-pD9sy1oOV5SLmmNvKkeG7gz0gDoaPHFLIWFSjUqC7uUlg-l-fN9BSnZd2ojL9teEzxA0zVtRJ3_fI9oLzuBPTvIEVStMtVV7pBLDxrdp__gaPdgElltpMVvf2XYt373i6VgylWcMfiyrzSF6QztymZxg1QKD5ujlNFQF3gm9nC5BtN3F2iJHPoj8yX2lXbIIAC038GmPQBUSKlvbTAn0NA6RntlNKrUUMw-ODsRLhh_xRhGvQ-2fGMFCUDFp1zKQlC_Bse2lMWgHLwnoik60S_qC8GeH1JxTJnGWVFeGY8HlcF_rL5A1TIWm3E4u4LvjjJHKEQdcR-S1rQ0trMdxZQTiqeRO5v787ewuUIr0skagF6_Mz93M1meI-xvShR1MbCQoAKusLFCyita6kXSrNyMP6ONAa; Max-Age=86400; Expires=Sat, 10-Sep-2022 08:32:44 GMT; Domain=track.vxctr.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ea4598b1736f84130969481b2d46a08
37366a919f8760a84e5870d46237aea079bc14fd
305ee5e49b42e26c7ffd387c8753369d1c532cee6ec43fbed931f07c2923a20f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "305EE5E49B42E26C7FFD387C8753369D1C532CEE6EC43FBED931F07C2923A20F"
Last-Modified: Thu, 08 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19125
Expires: Fri, 09 Sep 2022 13:51:29 GMT
Date: Fri, 09 Sep 2022 08:32:44 GMT
Connection: keep-alive
www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
195.160.203.18200 OK 16 kB URL HTTP/2 www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
IP 195.160.203.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (876)
Hash abdc2708aaa8cc30b777ff7f8a9ad9a6
89310965da7c406fccf45c972158245e42ba2b1d
72d7156cacb787e907d48fa36206706918175cc3ec1fd74ed3d0f684295887cf
GET /EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.makeitprof.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
set-cookie: w=45580; expires=Fri, 09-Sep-2022 08:32:44 GMT; Max-Age=0; SameSite=Lax
ws=8063a697_503; expires=Fri, 09-Sep-2022 08:32:44 GMT; Max-Age=0; SameSite=Lax
wt=pubf8f20e141a96480a90276ce4b78e736e; expires=Fri, 09-Sep-2022 08:32:44 GMT; Max-Age=0; SameSite=Lax
sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; expires=Sun, 11-Sep-2022 10:32:44 GMT; Max-Age=180000; path=/; SameSite=Strict
CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364; expires=Fri, 09-Sep-2022 09:02:44 GMT; Max-Age=1800; path=/; SameSite=Strict
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 15797
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/bundle.ca7750858eed0989f83d.css
195.160.203.18200 OK 100 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/bundle.ca7750858eed0989f83d.css
IP 195.160.203.18:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fcf999f0b1ba39d0df60035923b00798
91fe84e97d54fc1c414c81beeeaf181cb3237bcb
eff40404233ac4b84def60cd85430eab65380b944642effdb466734a9799df0f
GET /DynBanner/PreUmfrage7/bundle.ca7750858eed0989f83d.css HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
etag: "1174407630-br"
last-modified: Mon, 31 Jan 2022 09:20:14 GMT
content-length: 99525
cache-control: public
vary: Accept-Encoding
content-encoding: br
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/img/search_icon.gif
195.160.203.18200 OK 31 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/img/search_icon.gif
IP 195.160.203.18:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 96de9ab9fabda706a3fa92c1a416de0e
ca8f2337b90bcd5f7f772c11cf2da87451216c19
0da91a11fa7e9c73d8ade4d23fb0fd208f481cadb780fb5f5d3719e12ec56b5e
GET /DynBanner/PreUmfrage7/img/search_icon.gif HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "2238"
last-modified: Mon, 31 Jan 2022 09:20:14 GMT
content-length: 30740
cache-control: public
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/img/check.png
195.160.203.18200 OK 450 B URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/img/check.png
IP 195.160.203.18:0
File type PNG image data, 20 x 12, 8-bit colormap, non-interlaced\012- data
Hash 6236c50ab93e996fe641c5e5d0f34fc7
8e4960ff36414baac421cc8429afbf651bc8a139
f698ac4872d38c500078200c87fccbc05c7e30b099b35c7c9f0c4cabe7ea5aaf
GET /DynBanner/PreUmfrage7/img/check.png HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "1073745424"
last-modified: Mon, 31 Jan 2022 09:20:14 GMT
content-length: 450
cache-control: public
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/bundle.ca7750858eed0989f83d.js
195.160.203.18200 OK 49 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/bundle.ca7750858eed0989f83d.js
IP 195.160.203.18:0
File type Unicode text, UTF-8 text, with very long lines (35742), with NEL line terminators
Hash 8890f324edf2b67aa0b081f077d62cc0
a1433f09211a47c9d4e5956ad3bdef53c713406b
84906b4f6e9297afd1aeb990ca42a8fb24b6e87f1618a5338081b8cf777cd7a9
Analyzer Verdict Alert fortinet Phishing
GET /DynBanner/PreUmfrage7/bundle.ca7750858eed0989f83d.js HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
etag: "1140853350-br"
last-modified: Mon, 31 Jan 2022 09:20:14 GMT
content-length: 48776
cache-control: public
vary: Accept-Encoding
content-encoding: br
date: Fri, 09 Sep 2022 08:32:45 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/img/18/3.gif
195.160.203.18200 OK 608 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/img/18/3.gif
IP 195.160.203.18:0
File type GIF image data, version 89a, 480 x 320\012- data
Size 608 kB (607882 bytes)
Hash f5809079243212801893970793dd1777
f675da27d5262db54dee0d1234174927e5d4d450
7e94bdb904f398f4db71fc87f54832fdef4773b4a7564eec23e509c37e628873
GET /DynBanner/PreUmfrage7/img/18/3.gif HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "2449476673"
last-modified: Wed, 02 Feb 2022 09:00:46 GMT
content-length: 607882
cache-control: public
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/img/18/4.gif
195.160.203.18200 OK 622 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/img/18/4.gif
IP 195.160.203.18:0
File type GIF image data, version 89a, 480 x 320\012- data
Size 622 kB (621497 bytes)
Hash 8a6259a0fa3bb6d1df0a14957d1dd742
e06e348b28bfdc62e750b0917733c4674416f0ab
515608698a8f88fef32ccbef724afcbd223c5981f002a90543da6acda21fa2a1
GET /DynBanner/PreUmfrage7/img/18/4.gif HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "3523218902"
last-modified: Wed, 02 Feb 2022 09:00:46 GMT
content-length: 621497
cache-control: public
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/img/18/1.gif
195.160.203.18200 OK 708 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/img/18/1.gif
IP 195.160.203.18:0
File type GIF image data, version 89a, 480 x 320\012- data
Size 708 kB (708341 bytes)
Hash 57e6a69a8ccd6597e8778180ae0b9a2a
2481bf6177e88706d8494c00069cd36830056e99
03db7095689f1c255f99574c45555b37ae241fc4e1a36c5c3da92b5c07a3cf8d
GET /DynBanner/PreUmfrage7/img/18/1.gif HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "2483031963"
last-modified: Mon, 31 Jan 2022 09:20:14 GMT
content-length: 708341
cache-control: public
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/img/18/5.gif
195.160.203.18200 OK 641 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/img/18/5.gif
IP 195.160.203.18:0
File type GIF image data, version 89a, 480 x 320\012- data
Size 641 kB (641133 bytes)
Hash 15181c2f9d55030c52445bec421d9dac
83a32c4d4f242a6192b0827d0aab9208c8012241
8b845651ca26bf49c4c3289af72bc3cd1d1c195723c61496c813a46c369da8ad
GET /DynBanner/PreUmfrage7/img/18/5.gif HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "301992794"
last-modified: Wed, 02 Feb 2022 09:00:46 GMT
content-length: 641133
cache-control: public
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/Dyn/Webpush/Pre?w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&js=1&age=18
195.160.203.18200 OK 7.0 kB URL HTTP/2 www.vxctr.com/Dyn/Webpush/Pre?w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&js=1&age=18
IP 195.160.203.18:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (18846)
Hash fa7e580a5db8d56b2c19b19b38ef5c5b
731eab05720fefa0f6b8cfb6dc28a982f87d963d
6c6381645eb4a93353bd2cd420e178a0b1f28d0fd2b5ded0a3b006640c4c0415
GET /Dyn/Webpush/Pre?w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&js=1&age=18 HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
set-cookie: w=45580; expires=Fri, 09-Sep-2022 08:32:45 GMT; Max-Age=0; SameSite=Lax
ws=8063a697_503; expires=Fri, 09-Sep-2022 08:32:45 GMT; Max-Age=0; SameSite=Lax
wt=pubf8f20e141a96480a90276ce4b78e736e; expires=Fri, 09-Sep-2022 08:32:45 GMT; Max-Age=0; SameSite=Lax
sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; expires=Sun, 11-Sep-2022 10:32:45 GMT; Max-Age=180000; path=/; SameSite=Strict
CSRFToken=f8b2882c8b274e212104c3da1a128a0c45169a7d732f13423d5f273c678b9929.1662712365; expires=Fri, 09-Sep-2022 09:02:45 GMT; Max-Age=1800; path=/; SameSite=Strict
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 6975
date: Fri, 09 Sep 2022 08:32:45 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/DynBanner/PreUmfrage7/img/18/2.gif
195.160.203.18200 OK 814 kB URL HTTP/2 www.vxctr.com/DynBanner/PreUmfrage7/img/18/2.gif
IP 195.160.203.18:0
File type GIF image data, version 89a, 480 x 320\012- data
Size 814 kB (813720 bytes)
Hash 47efd1cc0e05306a458a44dbb749222c
1f2c515d9d0284726840d839466673e7859cc094
ac66197eef2f9519133132e3d61c7c140720fad9de3e83e13d52c0bb0a231e56
GET /DynBanner/PreUmfrage7/img/18/2.gif HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
etag: "2550140122"
last-modified: Mon, 31 Jan 2022 09:20:14 GMT
content-length: 813720
cache-control: public
date: Fri, 09 Sep 2022 08:32:44 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/CrM/Close/Smart?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F&js=1&initial=DynBanner%3A13306.11104_3944da_0cd60
195.160.203.18200 OK 18 kB URL HTTP/2 www.vxctr.com/CrM/Close/Smart?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F&js=1&initial=DynBanner%3A13306.11104_3944da_0cd60
IP 195.160.203.18:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (25220)
Hash 72b0112b4ef9cbf28689a08be3384e70
6b0e45e8aeb5a59d18635ed8c4cb90d93c103c76
65f973d8f53072e1e323c34c873bfec3447097e689e8fc1c1c16954d94a2e8db
GET /CrM/Close/Smart?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F&js=1&initial=DynBanner%3A13306.11104_3944da_0cd60 HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f08aafe61c6111bc47884f05344fbb56a5f787125c260f7abb09f9e9b0d58ab7.1662712364
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
set-cookie: w=45580; expires=Fri, 09-Sep-2022 08:32:45 GMT; Max-Age=0; SameSite=Lax
ws=8063a697_503; expires=Fri, 09-Sep-2022 08:32:45 GMT; Max-Age=0; SameSite=Lax
wt=pubf8f20e141a96480a90276ce4b78e736e; expires=Fri, 09-Sep-2022 08:32:45 GMT; Max-Age=0; SameSite=Lax
sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; expires=Sun, 11-Sep-2022 10:32:45 GMT; Max-Age=180000; path=/; SameSite=Strict
CSRFToken=f8b2882c8b274e212104c3da1a128a0c45169a7d732f13423d5f273c678b9929.1662712365; expires=Fri, 09-Sep-2022 09:02:45 GMT; Max-Age=1800; path=/; SameSite=Strict
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 18184
date: Fri, 09 Sep 2022 08:32:45 GMT
server: Webserver
X-Firefox-Spdy: h2
www.vxctr.com/icons/ext.png
195.160.203.18200 OK 2.2 kB URL HTTP/2 www.vxctr.com/icons/ext.png
IP 195.160.203.18:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 3b58b839ade1bae5069a4eb40822322d
e326255ec2882ce0dcca92fb9b3eeb1050362076
4b06e0a2080f0c0ccd4442b336ab382bbf45de1092b28c4db7f1e2825daee07f
GET /icons/ext.png HTTP/1.1
Host: www.vxctr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/EXT/Pre/Umfrage/9?age=18&vkamp=b679be98-1f4b-40a3-8a42-70b1dc3605ca&cep=11TrWyKbfN5SOq5JARPmr2YP8sTGEyBbKo4kTBYNatl2L7xqiRBVwSqzVTlOihQDfBhNEYMReqOsr_TCPwoljEjr6xULgDIkZ_OQ4Qv8853o5BkRxU7fadDG3HhBMyAoxglCKQ9YAmbsgGkhOc_lEGpMQ5Y3T1jejDbNNSVCtGA2B3A_ZzAR3VojKJ6qvp-VJMIXDBR7YEo_fouf3CZDSnXrJxLS_CHUVPG9V9pNIq_zrU5Ib320GZ6ByoQ6cmZNOdgbq6Z03HrjqE_XVDEpg12VnnD5-XNidmzfZqfNa4hWlDQoKdEnQDAwK1m2Ah0eLrwFvelgYhp8Tv91egv7f2UQ-TdR0QiaIsIqyMllFHlpv9phUVavx3m6--Uvc8hE1DoC7EMY6x1WCOYbb1GxWlo_lEdy4ofW_dUNUB38dxU1twPZMS6Zm_vgE0izEwFQ_SH4Mvz4sh0q1xMidCTZ_9Oyx048yEJl3R2lqE2zmK_01lnQiMGmH7o6_toFDM6h&lptoken=16e26284712941f76453&adtv=11135.11104_84dfee_05fd3&w=45580&ws=8063a697_503&wt=pubf8f20e141a96480a90276ce4b78e736e&referer=https%3A%2F%2Fwww.makeitprof.com%2F
Cookie: sid=%87%C9%E4%C9%EE%FA%DEZ%1B%82%92%81%1C%DD%C6D%876n%C8%8F%17%96Y%91%C3%D6%E5%DCL%29%C3; CSRFToken=f8b2882c8b274e212104c3da1a128a0c45169a7d732f13423d5f273c678b9929.1662712365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "3018"
last-modified: Wed, 02 Dec 2020 15:50:34 GMT
content-length: 2169
cache-control: public
date: Fri, 09 Sep 2022 08:32:46 GMT
server: Webserver
X-Firefox-Spdy: h2
cdn.fantecio.com/dynbanner/webpush/52_webpush_7835398.jpg
194.116.150.161200 OK 122 kB URL HTTP/1.1 cdn.fantecio.com/dynbanner/webpush/52_webpush_7835398.jpg
IP 194.116.150.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 360x360, components 3\012- data
Size 122 kB (122349 bytes)
Hash 3658b6d4cd520d8c8a6be92cafb00744
ffa7feca981fb1acea0121a751a9623ade595bf2
3da4030c4a3aa818a8f27c8fc31a5504e6de95cdbf51a601c0f1ba0a7383098a
GET /dynbanner/webpush/52_webpush_7835398.jpg HTTP/1.1
Host: cdn.fantecio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.vxctr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Range,If-Range,Range,Content-Type,Authorization,X-Request,Accept
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Last-Modified: Tue, 12 Jul 2022 12:34:34 GMT
P3p: CP="OTI DSP COR IVDo IVAo PSA PSD TAI DEV ADM CUR CONo OUR IND PHY ONL UNI PUR FIN COM NAV INT CNT PRE", policyref="/w3c/p3p.xml"
Date: Thu, 08 Sep 2022 13:59:37 GMT
Content-Length: 122349
Content-Type: image/jpeg
Accept-Ranges: bytes
Connection: keep-alive
m.news-page.net/?utm_term=7141295217461690439&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
99.198.108.195200 OK 0 B URL HTTP/2 m.news-page.net/?utm_term=7141295217461690439&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84
IP 99.198.108.195:0
GET /?utm_term=7141295217461690439&ver=4viyaptcjo&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8f8ebdb2c6b0c4b6b78587b2bb88b0bdb68cbd82b280b3b6b6bcb4aaaba9a9aeafacada293a1919697f8f4848f9b8a8f9f89c09291898c87959de5cbfbf8cbcaffcec9f2f3f085848291f5cafac8f8fcf7fccdf3f3f2f5c6c7c4c5dae8edebe8ebebebebebe6e2e0efece61b84 HTTP/1.1
Host: m.news-page.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.news-page.net/?utm_medium=98774ae3068a24906aeee5af1282751e21ca5683&utm_campaign=mainstream_np&1=3&2={subid}&cid=901601550&np=1
Cookie: u=843886ca6aaedf3101eba6dbd283e1b4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 08:32:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
X-Firefox-Spdy: h2
985.novitrk3.com/smartlink-css/631afa2962594023033c92e6
188.240.52.20200 OK 0 B URL HTTP/2 985.novitrk3.com/smartlink-css/631afa2962594023033c92e6
IP 188.240.52.20:0
GET /smartlink-css/631afa2962594023033c92e6 HTTP/1.1
Host: 985.novitrk3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://985.novitrk3.com/smartlink?user_id=3&&creative_id=276030&extra_id=double_click&traffic_source=
Cookie: XSRF-TOKEN=eyJpdiI6ImhneHpnVlZqWngyc05NMWh3ZHJrQ1E9PSIsInZhbHVlIjoiblYyUXhOY0Z6cUtCU0czdHNQU2ZkbS9XeDkzc2tLL2kwSTVvSnlBZnFqMmRWN1M4OXY4SFkrNjZyVVdLWlM3TzFZQ0o1R3JhanY3WkR3R3U3OENCVTkxZEpzR0h5UVEzdllzeTlBRWo0WExOZFJNTUdzUzkrL0VlMzlDNW9YYWIiLCJtYWMiOiI1YzJhYzcwYzU4YzRhZGNkNmViZGQ2ZDllMjYwN2YwMjU4ZWYyMWI0ZTAyNjA5NDk0NjA2MTA4MDczYTMyYmNlIiwidGFnIjoiIn0%3D; novidash_session=eyJpdiI6InBZOGN3NnZseHRINzFmTXFncG05YWc9PSIsInZhbHVlIjoiaGxFcHJuN2RBMDhEMER0MzY2dGMxenhlbUFQOHJjM0xWVDVnU0hXbFFabTZsZUsxUkY2blhMWUFYQnlsZjltWEMyUGlKTUFCSHR2QUhlTkRVYzJYakNsVUZHQ0VQVlpPaDQzcEJMWksxM21CQ1BIbTRzMnpGbHJQMXh4Q29td1giLCJtYWMiOiI4N2Q5NzQ4NTEwMjY4NzJmZTNkZGNiOTkxMDRmNjA0MGU3YzIzZDUyN2ZhYjcyNjE3NjllNDc5Y2JjYTllNWRkIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.10
date: Fri, 09 Sep 2022 08:32:42 GMT
content-type: text/css; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlQySmRobzJhQlFIOFk2SzY2WGxOd1E9PSIsInZhbHVlIjoiTlNzb1IzeW05U1BQNk90dlRTcFloV2VVNUdKTlBqVDh2VHBESGcvN2lGMzhsQ0gxVm5yYmhXbDM3ZmVHMy9yUHFRcWZrNzNoYW9yek5yS0JrUHBjYjZ0OWJjdjRaRWtrT1RnOGtwM2pmRy80YyswdzNlbU9WS3FmRGVmRkRUc08iLCJtYWMiOiIyMDIzMzNmYjFkNmMxMWI5NmEyNjkwMTc2Y2MxZWVmY2M2MjQxNmM1YWFhOTg4ODY0Yzc5YzA4MGQwYzUyODk3IiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:42 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjI2R1JsYjgrUE5kaFRPTUtqNGRBcWc9PSIsInZhbHVlIjoialpVSG5CTUIyS0lWMm5KclF6TnRQVkVPejlXWGZLdmx4blVieGZNWHNrSGNCRm9rZnhQeC83RnRKTEVmb1RQcFMwSXRCc1cyU1ZVMGZtRTZoVlR0dlphTkE2eEU0dnlUTzgvRkswUEdnUC9UZzFubnhFaFNCTEtGekNnTmgrVmQiLCJtYWMiOiIwNWEzZTM1ODUzNDUzNzk1YjdhMzEzNTE1NjY1NDA1YjE1NjUxZjZjNThkOTAxNWQ5M2QwNTE2MzhlZTU5YzY4IiwidGFnIjoiIn0%3D; expires=Fri, 09-Sep-2022 10:32:42 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.makeitprof.com/rc/86b528a829?affclick=631afa2b8dd1a90001aa834d&pubid=503
172.67.139.28200 OK 0 B URL HTTP/2 www.makeitprof.com/rc/86b528a829?affclick=631afa2b8dd1a90001aa834d&pubid=503
IP 172.67.139.28:0
GET /rc/86b528a829?affclick=631afa2b8dd1a90001aa834d&pubid=503 HTTP/1.1
Host: www.makeitprof.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 08:32:44 GMT
content-type: text/html; charset=utf-8
set-cookie: AWSALB=53kUnRRW6j1u0wowgG7SkQbjZqqkY+kjSg/Tk8k0EKdqfTjpipLwKmkbU/pvumHobrbutJdS0v0pu/7tvCfPUzUkzruVx3NsnmGU0zPrfTiFDS+vyY6UEZpT3RtF; Expires=Fri, 16 Sep 2022 08:32:44 GMT; Path=/
AWSALBCORS=53kUnRRW6j1u0wowgG7SkQbjZqqkY+kjSg/Tk8k0EKdqfTjpipLwKmkbU/pvumHobrbutJdS0v0pu/7tvCfPUzUkzruVx3NsnmGU0zPrfTiFDS+vyY6UEZpT3RtF; Expires=Fri, 16 Sep 2022 08:32:44 GMT; Path=/; SameSite=None
vary: Accept-Encoding, Accept-Language, Cookie
content-language: en
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PxL578jCgZnd%2FBbcqvWSRMvRgmly1Ycc6RMj3gWGR6RV7ltuF8UPuKudzF6%2F%2FhMURHpxucGheCX96xuXYfsuswIKVN0MvPhRvjmIy6Zei%2FuZfJUpzA36Bj9llZ%2B8QIStEO2INE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 747e93332eadb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.addlnk.com/redirect.css
172.67.191.221200 OK 0 B URL HTTP/2 cdn.addlnk.com/redirect.css
IP 172.67.191.221:0
GET /redirect.css HTTP/1.1
Host: cdn.addlnk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.makeitprof.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 08:32:44 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1680
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
x-amz-id-2: BUW6rlWHZvzQnvJHp4gBkVRIGc8DfdhWdOpgruWqMqu7ownlHIapox/IYSueiBqz+QseNtzP+2A=
x-amz-request-id: KYXF7EGSHW20KRRM
cf-cache-status: HIT
age: 461
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUyIw%2BE8w6p26fec2t9lOc7qk4DY4Hlq4s6bILXC%2Fuzu124ueWdszrMyIILjg2GpB%2F9sRC%2Fg5xX7lcypk5SO7x9evJ%2Bi4MLof9McS1Vko%2B5IzZfFuuJw1zrR7DEkNr9i3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 747e93345f3db500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2