Overview

URLt.anmdr.link/133505/3458/0/?aff_sub4=_bucket&aff_sub=22120823_01_251612_20136261a8829&aff_sub2=43404&aff_sub3=wo871lkmhidsvm1lic4ddtd4&source=102d8571688cbcd16f18bdab25c790&aff_sub5=_
IP 54.230.111.123 (United States)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-08 22:10:40 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
fonts.gstatic.com (2) 0 2014-04-02 10:51:04 UTC 2022-12-08 17:14:55 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
cdn-dimi.akamaized.net (29) 0 2022-07-07 13:18:25 UTC 2022-12-08 13:28:46 UTC 95.101.11.40 Domain (akamaized.net) ranked at: 280
fonts.googleapis.com (2) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.106
r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 95.101.11.115
t.anmdr.link (2) 0 2022-07-12 11:23:25 UTC 2022-11-25 21:09:30 UTC 54.230.111.38 Unknown ranking
r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.76.226
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
t.anmdr.link (2) 0 2022-07-12 11:23:25 UTC 2022-11-25 21:09:30 UTC 54.230.111.123 Unknown ranking
ocsp.sca1b.amazontrust.com (1) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 142.250.74.131
jwbvdz.exceilentdate.com (2) 0 2022-11-02 12:20:38 UTC 2022-12-07 17:30:24 UTC 63.32.216.166 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 52.39.62.124

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-08 2 jwbvdz.exceilentdate.com/ortb Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 54.230.111.123
Date UQ / IDS / BL URL IP
2023-01-31 09:23:11 +0000 0 - 0 - 1 www.your-prize.click/push/gc/win.html 54.230.111.123
2023-01-29 20:39:48 +0000 0 - 2 - 0 ingresoplexi.icfes.gov.co/kiosko/content/plex (...) 54.230.111.123
2023-01-28 10:05:45 +0000 0 - 2 - 0 cdn2-marcas-cnts-asts1-1.belcorp.biz/mx/wp-co (...) 54.230.111.123
2023-01-28 03:45:04 +0000 0 - 0 - 15 dw.lp.eu.mobilehub4u.com/lp/hr/mobilehub4u/CD (...) 54.230.111.123
2023-01-27 15:17:56 +0000 0 - 0 - 0 t-trg.email.adobe.com/r/?id=hcc2e8b51,8f037a3 (...) 54.230.111.123


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-01-31 10:25:24 +0000 0 - 0 - 2 hn3fl.bemobtrk.com/go/87f594cc-8b95-4379-bcc4 (...) 3.70.16.242
2023-01-31 10:19:20 +0000 0 - 9 - 0 poptropicaslutz.ffm.to/sierraechoxray 54.149.145.153
2023-01-31 10:17:31 +0000 0 - 1 - 2 worldnaturenet.xyz/91a2556838a7c33eac284eea30 (...) 199.59.243.222
2023-01-31 10:11:41 +0000 0 - 0 - 1 iglesiabbc.com/docusign/Docusign.documents/Do (...) 18.119.154.66
2023-01-31 10:09:22 +0000 0 - 1 - 2 eslffcu.us/ 15.197.130.221


Last 5 reports on domain: anmdr.link
Date UQ / IDS / BL URL IP
2022-12-11 14:20:03 +0000 0 - 0 - 3 t.anmdr.link/75077/8047/27898/?aff_sub4=_buck (...) 18.67.17.126
2022-12-11 12:58:49 +0000 0 - 0 - 2 t.anmdr.link/44542/8140/27889/?aff_sub4=_buck (...) 54.230.111.38
2022-12-11 01:37:22 +0000 0 - 0 - 3 t.anmdr.link/75077/8047/27898/?aff_sub4=_buck (...) 54.230.111.117
2022-12-10 16:36:56 +0000 0 - 0 - 1 t.anmdr.link/75077/8420/30493/?aff_sub4=_buck (...) 54.230.111.117
2022-12-10 15:59:17 +0000 0 - 0 - 3 t.anmdr.link/75077/8047/27898/?aff_sub4=_buck (...) 54.230.111.50


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-09 21:52:02 +0000 0 - 0 - 1 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2022-12-27 07:20:00 +0000 0 - 0 - 1 jwbvdz.exceilentdate.com/?utm_source=1e3a4e53 (...) 63.32.216.166
2022-12-26 14:18:37 +0000 0 - 0 - 1 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2022-12-26 12:57:14 +0000 0 - 0 - 1 www.intimatemilfs.com/index.php?ainfo=NTgwOTZ (...) 35.203.113.247
2022-12-24 00:46:20 +0000 0 - 0 - 1 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629 (...) 18.192.108.151

JavaScript

Executed Scripts (14)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (64)


Request Response
                                        
                                            GET /133505/3458/0/?aff_sub4=_bucket&aff_sub=22120823_01_251612_20136261a8829&aff_sub2=43404&aff_sub3=wo871lkmhidsvm1lic4ddtd4&source=102d8571688cbcd16f18bdab25c790&aff_sub5=_ HTTP/1.1 
Host: t.anmdr.link
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         54.230.111.38
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Thu, 08 Dec 2022 22:10:29 GMT
Content-Length: 167
Connection: keep-alive
Location: https://t.anmdr.link/133505/3458/0/?aff_sub4=_bucket&aff_sub=22120823_01_251612_20136261a8829&aff_sub2=43404&aff_sub3=wo871lkmhidsvm1lic4ddtd4&source=102d8571688cbcd16f18bdab25c790&aff_sub5=_
X-Cache: Redirect from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nB7Jn_hvkR_TMoSk2tEpnZt9_iHE9Z6fP7aTofEgFpKss4zZ-30Nag==


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13666
Expires: Fri, 09 Dec 2022 01:58:15 GMT
Date: Thu, 08 Dec 2022 22:10:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11675
Expires: Fri, 09 Dec 2022 01:25:04 GMT
Date: Thu, 08 Dec 2022 22:10:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F542579E3A3577A646BABDE862282C2AFDA6ED784360A915143216100F7A3D91"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Thu, 08 Dec 2022 23:47:30 GMT
Date: Thu, 08 Dec 2022 22:10:29 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 22:08:14 GMT
age: 135
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    bf0c602d32b3c14606f22a86183b5e3c
Sha1:   6eabd8d83475eba731968abe1a05a8bfd272f160
Sha256: 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: LspuYVlAIsfv3/06hoKXoIuxGXksEqpn92zKu7sXCi6qBz1LPq/f8nVlzjZsQqz+HOGeOi5ffcc=
x-amz-request-id: CD9VWRA3V6YCXFS9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 21:49:58 GMT
age: 1231
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 08 Dec 2022 22:10:29 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162308
Date: Thu, 08 Dec 2022 22:10:29 GMT
Etag: "6392371b-1d7"
Expires: Sat, 10 Dec 2022 19:15:37 GMT
Last-Modified: Thu, 08 Dec 2022 19:12:27 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ppAmWNm4WfcUmtvf6uRx-DvKNeullQIXhun1J5DuvTzZ11Z5FXGThg==
Age: 190

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 22:07:55 GMT
age: 155
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /133505/3458/0/?aff_sub4=_bucket&aff_sub=22120823_01_251612_20136261a8829&aff_sub2=43404&aff_sub3=wo871lkmhidsvm1lic4ddtd4&source=102d8571688cbcd16f18bdab25c790&aff_sub5=_ HTTP/1.1 
Host: t.anmdr.link
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.230.111.123
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
                                        
content-length: 442
location: https://jwbvdz.exceilentdate.com?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=133505&s5=43404_&click_id=1021ecbb47dd957c646297833ae0e4&j1=1&j5=1&j8=1&j9=1
server: nginx/1.19.0
date: Thu, 08 Dec 2022 22:10:30 GMT
set-cookie: enc_aff_session_3458=ENC0368e10ff1b058e9071353fcf7d96d9e363023942894e6e6457cd56c9eaad93642710bd9e5277c54e63aaa536d8708c5887df44878c170043a86034dd3a83a8b0287e80084fc3737286400779453a3905d29f2396e7fc2a4f1d666dd4cc7e50d3b732f3b369d81ac1081ba185d0e047456128dea8a22785915e5b8a110db813b50a8411cdfb1779bc2afe67780b72b7bc9989bb54f4279daa0956392edd7c3476bd4ffe3b45c1c1ee552cef7a5e7f06441a48e8a131e9aff33b40f730ed2ec45e484a7696aff2f000e22faaa5144fd58d0994aa442e62b29c97c96b8079a4484982e2cc4d9; Path=/; Expires=Sat, 07 Dec 2024 22:10:30 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 02 Nov 2025 08:50:30 GMT; Secure
tracking_id: 1021ecbb47dd957c646297833ae0e4
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IN6xfaRTQXEQavAtjgqojdyx4JjaoQD1HPUkEWjPN6g6h7U_x7c_2Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (442), with no line terminators
Size:   442
Md5:    3cf127f5b5a36003f64c60859eed59aa
Sha1:   6c9911b0846d819cac46ca54f723393b83ff4cb3
Sha256: 52bfd2816ab0b7ff23df73d05b5fadf3df5e8636f9987c3ae663e3034cc2c5e6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2883
Cache-Control: max-age=128665
Date: Thu, 08 Dec 2022 22:10:30 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 09:54:55 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0XKaippkSelBgh/FzllHHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.62.124
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g9y5vIZ6V6BgHgIBD9/hvcf5Mow=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "33A518E56456023BBA43BA3A57385ACC596FABF28C034BAB821FECC94B626E05"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7935
Expires: Fri, 09 Dec 2022 00:22:45 GMT
Date: Thu, 08 Dec 2022 22:10:30 GMT
Connection: keep-alive

                                        
                                            GET /landings/277392/1669911562/css/reviews.css?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: 6mQ4BppGehPDvlY3aZGcLk09imfK3oBWgHLUQmW6ArmwUOkiXQutmSTZH0QDzAcAi8GXWvEj8dU=
x-amz-request-id: 0WE8X99QTY2E2EYM
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "b8b7d60d5363b89bbd495616c2d5c3f3"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Length: 898
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   898
Md5:    dcb5556e99130ae1ca9dd0c88a908233
Sha1:   034594c377a950592aff5920bd890b1d7e9b77bb
Sha256: e308183ac502f64274cb9bc068915e6701ba89f10550d7482bcae32fe961d701
                                        
                                            GET /landings/277392/1669911562/css/popup.css?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: d+zhsAaILqma79IJN9B9cPD1xTZWVSAW5eHr5FTq/eLnge2D7FU/Y265g//t+hCjwDJ5ht4N5R8=
x-amz-request-id: 6X6B3K3S78YZGZRZ
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "b47a3a5faf928711066b6f0deb015420"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Length: 619
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   619
Md5:    f140ccb2b3ee4baac59fd038f029a31b
Sha1:   ffff86bf4e2538fd63e07a91a3d769c7fb5150d9
Sha256: 389f3d6adf5fc48317bdf0d85eaa23dd2a18578736609da35190baba464c0298
                                        
                                            GET /landings/277392/1669911562/css/main.css?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: yVfNzihmr2Uf9egiuIKVOvQrtLi/bu6iXu7fd98BSD8jsJQ1m5Jh3UF+lkE38ERPuWHls7Gt/mQ=
x-amz-request-id: 6X6566RFPJS34NXB
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "367c2f8f5022188248358ef69e97c014"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Length: 1713
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   1713
Md5:    6b4ce5aca03472e8adac26ab544aeeea
Sha1:   7462e1d9f4cfbd2d11236dc7674df4a9ea5d8509
Sha256: e88b031341a4dff0770e87f68331ab95071618a7ff320f758ae6ff50907e4466
                                        
                                            GET /landings/277392/1669911562/js/script.js?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: qUXmane8as/zedBYgOxk9FxGBo0aPbawBPweakxCunLFA+jC/72bfCA3fEPeXBjDPrXcOBIKuas=
x-amz-request-id: 6X6E9P9R9HTGFXX4
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "9a75d29efe08c33843a4d62f7b35836d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 356
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   356
Md5:    9a75d29efe08c33843a4d62f7b35836d
Sha1:   8ab307814e322817cb5ec88b2bb77669b9c81d8f
Sha256: 0088bc7ee3ef7e624cf35a3e9b7eee6716837951fe03e5a2940e19a0f984d771
                                        
                                            GET /landings/277392/1669911562/js/title_tanslate.js?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: N2lfKGpVF+kSjAxDE/G59Bsm7M+FoV8KTXjNLC9+ZmtsAjdh4YRtqhxc3B0i0W5zELvtVIPP6Tc=
x-amz-request-id: 6X6CMJ5TKKV39AD3
Last-Modified: Thu, 01 Dec 2022 16:19:26 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1298
Md5:    0e212ad4454c941c45c2e57df42c2b4f
Sha1:   fe9d7c484c2c0d7a6475692ef984c53a06c95406
Sha256: e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3
                                        
                                            GET /landings/277392/1669911562/js/trls.js?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: rnTlQUsWwXNdSIxLFclvlhBv2OReSqwTDk8bZXPmEbDdPUUdKQTRMxRUr7esb9Y0yV76GwqZTHY=
x-amz-request-id: 6X65ZAX79K0RMP50
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "08398cde9d04669865ac1a40cf30840b"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Length: 10725
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   10725
Md5:    2cc16ee545886ac217511e44f8fcfd1f
Sha1:   3def6fb1d0341a47188343ad9b72a43a1108dded
Sha256: 883c2c7df327c87c4f8f677bc9113fb87e4b509dce6b71db8b67124a9aa5ce82
                                        
                                            GET /landings/277392/1669911562/js/translates-review.js?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: Q6Ws5ZhRu3BlQgN7PegHxEjUn15gI6IB+cr+H4ei+irX+o6bqKpOQ3QRGbYYqX7fcbcS31yMkDw=
x-amz-request-id: 6X67QSMPM4HBGVNH
Last-Modified: Thu, 01 Dec 2022 16:19:26 GMT
ETag: "8547abc3c71e4428fb56d97051398655"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Length: 16488
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   16488
Md5:    d38197a30177a097f5e1f79a2c812fba
Sha1:   38c96e285cd76fdc44c47a750780fcad35ac3810
Sha256: 7b0abe613122bd58d935ddf4922483de4e1d8bd0999cbc2f8bcb8d47fde41701
                                        
                                            GET /landings/277392/1669911562/js/jquery-2.2.4.min.js?1669911562 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: UYN2pXcKbo/O/B4D0LGb1nRVLBvd8KBsKKUHgh9E/o3uO1N1eLr5eJbiM6T+Rk7NSbYmVvr3P4U=
x-amz-request-id: 6X65HJP8N9HX8XY4
Last-Modified: Thu, 01 Dec 2022 16:19:26 GMT
ETag: "61a04f254179208c931ebf40f4cfddf5"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Length: 36023
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (530), with CRLF line terminators
Size:   36023
Md5:    378507f30ab981ba7c512e07d134caaf
Sha1:   dd17d6f540df83bab63921deda1b9462a5047c00
Sha256: 97d25af867afe95682e66a2d01f9c5e2f085df402403671e6ba885f49a1e03be
                                        
                                            GET /landings/277392/1669911562/images/shield.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: oNgvcsrLMFc6qrFTvmpjfGchapYe2pm5WpeKXbTYmd2t71EvuIg/HBQ5LK5q+BFIixMe+siuCq8=
x-amz-request-id: J69MJT6NT790J8Y2
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1539
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)
Size:   1539
Md5:    0c7a0dfd64cf020cd8a6dc0c3df1dbdf
Sha1:   f705635388aebebae1223d828c38233067f28ab1
Sha256: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
                                        
                                            GET /landings/277392/1669911562/images/1-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: C0BudRG8Lud7J3dgPkNjWW0EAVTR+MrD9Ak+8y01yvZ/2MFjQQ+Xy049Up88c2+EUyeQCDwy7rk=
x-amz-request-id: J69PNHW5F4JPFZSS
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "6e6d0b84c81d847e24671a711115a781"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4292
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   4292
Md5:    6e6d0b84c81d847e24671a711115a781
Sha1:   20dc2d359e437dc10ceefea4d3c7b5189c2e58d0
Sha256: 515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553
                                        
                                            GET /landings/277392/1669911562/images/unlock.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: XZ946l8iXRFi96LCRQ9oBG6/QM5QavYbdndGVdESX/tFNSabnRUuWDu+2gDuTfIi0SnXd6y+X34=
x-amz-request-id: J69T0ZDGAXN9D088
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2378
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)
Size:   2378
Md5:    a732e1e06affb4575c050fdb0131e5ca
Sha1:   da4f4f204a4d22c7424274a91520e0ea993c48c7
Sha256: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
                                        
                                            GET /landings/277392/1669911562/images/icon-city.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: qOeGLQ68uoaB/TqB/CIxnMIq7FO7LPjYgFYN8qbTFWmB27KwmEul3kDJCgDdLrnP8D6WyQTDIeI=
x-amz-request-id: J69G3E788E874BKY
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "5f5ead641bc30316f498592eec2016a1"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 839
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735)
Size:   839
Md5:    5f5ead641bc30316f498592eec2016a1
Sha1:   3195aa33596ba190a6584ccb75124dd9d9c13261
Sha256: f028477ede528af987acd2bea73c8e462ea4cd6cf1137aae5085c85a82d93409
                                        
                                            GET /landings/277392/1669911562/images/4-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: Rfc++k8L0ltvDFau01Dn1JbHyaQuCIVuBTjK/YDmX0DQNoMnleyRcBFfLDN0hZPkABwcAVaeNec=
x-amz-request-id: J69SZX3DEV821DPV
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "cb3aff7c886e4f72a98172b873b5e62d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2586
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2586
Md5:    cb3aff7c886e4f72a98172b873b5e62d
Sha1:   33de244dcb4db4abe54b6508ae8d1546eb279aa5
Sha256: d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e
                                        
                                            GET /landings/277392/1669911562/images/2-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: 1RyjnDxyoTDHa7GvRnRFAl+Xp1h8CI6mAqJe2DGmprnLdJFtUM8VcQJGC2D/axHTqCuvs+hOyKQ=
x-amz-request-id: J69WHDQ5B0ZRYYBD
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "66b6dc51bd19c799dcadf1dbeb628d9c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2009
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2009
Md5:    66b6dc51bd19c799dcadf1dbeb628d9c
Sha1:   ff7fe6049e944186764bfc5041d624ec11f8d362
Sha256: d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0
                                        
                                            GET /landings/277392/1669911562/images/password.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: hD9MsS/3j/rXCrSjS2FyPpvEpX9gbdTze1cA69ATBH66ZhVy7tI4OHIfU0GBWwFFEcUm4EtZxVU=
x-amz-request-id: J69KSTNWCJ6ATNPP
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1339
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)
Size:   1339
Md5:    f42aef7f97d4c9bdb074673081f38ac7
Sha1:   0231df782e371d139c826e091279acd9a07e691c
Sha256: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
                                        
                                            GET /landings/277392/1669911562/images/3-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: nVmV3Rq0hPw8ngha55IbpCrnz33GzEErKZHQyTNsVWzbm9OM/nu4NyLF2D9ThnJHR0EA8s1a9Aw=
x-amz-request-id: J69HWD2S7E2WCMF8
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "1dc512dcb0850f22cfa72c789578085c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 3946
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 80x80, components 3\012- data
Size:   3946
Md5:    1dc512dcb0850f22cfa72c789578085c
Sha1:   933e9c5648e782c9f9a1504d2248f0acb4b9950b
Sha256: 7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00
                                        
                                            GET /landings/277392/1669911562/images/7-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: fvVoOHjqN+UIZIZpMxIiYiblcWpEoQOJB25FrI4Sj6LSQm5PqXx8kIR9SE78cAg8c+8sI03D4EA=
x-amz-request-id: J69ZWQ54X57WRRKD
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "8155d8ecc7dc2d9b29cf99ab85c3d2a8"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2282
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2282
Md5:    8155d8ecc7dc2d9b29cf99ab85c3d2a8
Sha1:   ba784563c7787760b318af24ea274ad6df2c5b89
Sha256: 7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27
                                        
                                            GET /landings/277392/1669911562/images/5-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: drlY+tgd+E59WIMOIGjohFon9yvMco2gLIchn1SCi/jeGztSeE/ytVDn19Wr21zQ1hOEhSzZh+s=
x-amz-request-id: 2BC8TYAGW0103HX4
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "27109a247208262e6293950ca8f5450d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2879
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2879
Md5:    27109a247208262e6293950ca8f5450d
Sha1:   cea89616d15ad45a0f2b04082dff608abd96b800
Sha256: 86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96
                                        
                                            GET /landings/277392/1669911562/images/filter.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: OthqNb8lTDsqbfiusie+VHtpAJ8QHcBhbpH0TRqAg5/BZYU++VqhOXl33nRSIVoBIbNrSvh5VuE=
x-amz-request-id: FYVBD85XVHDHVGX2
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "4d51ab70b5dfb7e1262bc7b07d0cfdc6"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2287
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 38 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size:   2287
Md5:    4d51ab70b5dfb7e1262bc7b07d0cfdc6
Sha1:   4e7be71c5ce43cc934262788d47edc297fcf4b6b
Sha256: 8b9dd6e23d69ea8f9493b3a21aed910d22744dae467c8ea5f41805c35788adfc
                                        
                                            GET /landings/277392/1669911562/images/btn.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: mV/DJgQQ8svvkzBlmb0jNkIUxt9FXdZ2dpNH3QOlCn6/7h20A0n1lMrSKikai4G9M4ylec3Jba0=
x-amz-request-id: J69SD8ZTWZ9WDN78
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "9ec971aedb388ea8b434df05fb1de307"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 3302
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size:   3302
Md5:    9ec971aedb388ea8b434df05fb1de307
Sha1:   f894a11c1bb5e643bb21e906c8e405dbb6976afa
Sha256: 01988f1941b629e70fa08dd562ab01226ae1c3e33fce0dcf7fd490073152be2d
                                        
                                            GET /landings/277392/1669911562/images/8-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: hLfvbgZCvSVUebfSzs/vXeQVqTDwowivXd6K/gHuNOX3QQF7JrsJIcgTgdeoZcdJGHnY7dJDxmk=
x-amz-request-id: J69PMEJ9MHKM6EJR
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "41bbda91cef3f22db1d45d66f7ca0961"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2458
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2458
Md5:    41bbda91cef3f22db1d45d66f7ca0961
Sha1:   e2f8f56674e0180063a4f8287931dc0b273baf8e
Sha256: d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e
                                        
                                            GET /landings/277392/1669911562/images/preview.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: ztM/+lE7rMkSYSNSL3QtLL2k1yXicKOzhIKnKM6qJpivbdOn81TBEfgKhIZXq8Qv/CcC2dG/gO8=
x-amz-request-id: FYVFZ7AWPBNWFENY
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "a04e546bb075c2adba6559501db4e8d9"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 149522
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=862, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=593], progressive, precision 8, 593x593, components 3\012- data
Size:   149522
Md5:    a04e546bb075c2adba6559501db4e8d9
Sha1:   fcc89d946f43be0505427f486e285dda5bedf24f
Sha256: 680b57e32b4b3dbba13d5be961805fbc627d902c40a0821c26ea6454c4b2792a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/277392/1669911562/images/blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: TNkNaVI5v6sEwcjO/5+cO7pOSsQHTH0xzjnKNP7FEyTpe4knEO9r2f853Bdn2SQmjoqqPUIykjo=
x-amz-request-id: J69JJN04F89SCT9N
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 502
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   502
Md5:    87487ad255dde0624f59abb85602defc
Sha1:   caafad17df41875bed690353ead6cc495a9bf8c2
Sha256: f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
                                        
                                            GET /landings/277392/1669911562/images/camera.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: /8KKCBEMaVS78JoOficQEMGZKSFy7HQlPzW1JCEPqf8m7MDMy1M4oaxNDEboostoAT3aV7ywJ5o=
x-amz-request-id: J69MGMF8VGZM8QRT
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "2241535df47e4118224448152eb91b83"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15843
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 29 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size:   15843
Md5:    2241535df47e4118224448152eb91b83
Sha1:   ffedced57c5adb80c470dd79a45f6d67c82122f1
Sha256: fa7b21b2662408264e5a88b2899d4e7fd841c21c1acb6f4b329bc26a04498ddd
                                        
                                            GET /landings/277392/1669911562/images/110010_1.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: ZSd9X+VvgmvmENjQHojycC7JL//Sm4RSvzn06UwIWRF981bX/5MVVUCjmfzCQvT2ZMPr8Qkok+U=
x-amz-request-id: FYV0DEE1XM59J94W
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "f0a79db4dd92694735ee0e6a311fc42c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 56596
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size:   56596
Md5:    f0a79db4dd92694735ee0e6a311fc42c
Sha1:   af0cbc1a6abcade4ae78b7df736a0206c218f6c1
Sha256: 09e3f147578d663b2b33b05eec941e4cd5f03afa54091a458e8cdc76a9ea9977
                                        
                                            GET /landings/277392/1669911562/images/lightning.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: aka03fKpDEBbDMe/mD2UvHV7esxHW5K8X2Z6V8GEhDVPthWVNdHvzdf1zpTGvNATn9c3WDDthF0=
x-amz-request-id: J69QSM952KY1G4E0
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "f7d041540d78ae007d1fe5aed28bfe22"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15158
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 13 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size:   15158
Md5:    f7d041540d78ae007d1fe5aed28bfe22
Sha1:   87f0f527b713204abd6eb85f52838857b0b1f313
Sha256: 3404796b23bcfa338b2b6c0fd2e69c7c15d7711e315362b513e7c484881a5c28
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 22:10:31 GMT
date: Thu, 08 Dec 2022 22:10:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2267
Md5:    b401bdbadc386808e23b2779501c944c
Sha1:   038abe3f64b407e754057a78e7c9377083bf882a
Sha256: c75a336ed3f67dcde78d061cf9c2be29725cf10941deb597d8fc1746f1314e41
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ortb HTTP/1.1 
Host: jwbvdz.exceilentdate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 295
Origin: https://jwbvdz.exceilentdate.com
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=133505&s5=backuser&click_id=1021ecbb47dd957c646297833ae0e4&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1
Cookie: unique_id=639089a4000c3f0c; unique_id2=639260d60000bd89; 639260d60000bd89_c=1; ref_token=31972_120749_120341; 639260d60000bd89_sl=[277392]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Thu, 08 Dec 2022 22:10:31 GMT
content-length: 13
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   13
Md5:    1031bf08481e45e42ceb3fd978c3d379
Sha1:   3d6d43df4c45f09f5d68593646fd83352323a5ea
Sha256: c99e0e70ba976626855bf7f83fc0e333b57833bcaf3dcfba16215a6e4fa3e208

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jwbvdz.exceilentdate.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 95776
last-modified: Wed, 11 May 2022 19:24:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jwbvdz.exceilentdate.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:54 GMT
expires: Thu, 07 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 95797
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /landings/277392/1669911562/images/favicon.png?t=20221208221030 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: MhqFP324gNqLccFVfauaeVjPr2RCUP1Nw0/++NFE4e0VejX4dFv5uWoYf2r8DJRvRNAjO8qdf5Q=
x-amz-request-id: 169R0M9C1DN7BM1C
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "26ef38d37b06edf5c2a9c5941bdf20c7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5207
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   5207
Md5:    26ef38d37b06edf5c2a9c5941bdf20c7
Sha1:   7edfefe803a2c791a49c64228449916a227cc9bc
Sha256: 31c7cba7ef9eb3004a86e506bf976c59248e8518ba7cc0929f6fdfa2f3b36af2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 08 Dec 2022 22:10:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10038
Expires: Fri, 09 Dec 2022 00:57:49 GMT
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10038
Expires: Fri, 09 Dec 2022 00:57:49 GMT
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive

                                        
                                            GET /landings/277392/1669911562/images/6-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: 23a+s1CLd70MT+0kQ4HpctF9Tx5xSFxZG2rkhlkZ6ALvhLloIfdk/ps4rqjCW0TL33jagREEeCU=
x-amz-request-id: J69YH74D9MBBVCF0
Last-Modified: Thu, 01 Dec 2022 16:19:25 GMT
ETag: "9a6870069cb979e16b239f9ed485fb3c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 3256
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10038
Expires: Fri, 09 Dec 2022 00:57:49 GMT
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15611
Expires: Fri, 09 Dec 2022 02:30:42 GMT
Date: Thu, 08 Dec 2022 22:10:31 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 81432
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8659
Md5:    b87d6543345f73653ed4a49b37d7c959
Sha1:   c4f26846b8b72293368ff16915d49297cf12bbb9
Sha256: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 83193
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12534
Md5:    57be99ac898a37d73f2ba4a24f56248f
Sha1:   04e32eb45581201a6a1863200e4d139df48285e6
Sha256: a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 82436
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7801
Md5:    8c94003641bb5a7595e7004f80f95d22
Sha1:   3446450df60d732f9021d5bfd5f5f7c6c870d9ec
Sha256: 4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 82666
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7268
Md5:    24d89b69ba37bf23c5d576aff4063caf
Sha1:   3d46a21b4da571d7e4962e335c18a28ca5f81ecf
Sha256: 09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 85749
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9596
Md5:    c408efaa98ac2ce63bb1618368d10c15
Sha1:   a51bbb49ebd862d04eaee465d0a35b22dcd21391
Sha256: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8351
x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlitFk9oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 14:20:11 GMT
age: 28220
etag: "b8eb2e11f9655f19334befc036f21489a6473827"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8351
Md5:    98d2cf29c710d25bd2f03ff216fdd369
Sha1:   b8eb2e11f9655f19334befc036f21489a6473827
Sha256: 614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac
                                        
                                            GET /landings/277392/1669911562/images/bg.mp4 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.40
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
x-amz-id-2: /KAUAbvaYENC7Dv+tl8G32zIKBBd0Oo8622meavyV2KZ+mRUgsxjaVPUrc9bK5RDIeX85ll+1cY=
x-amz-request-id: J69TQE1CZ0G888N1
Last-Modified: Thu, 01 Dec 2022 16:19:24 GMT
ETag: "e76858ed8489b22c01e5e7bc891c4eab"
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 08 Dec 2022 22:10:31 GMT
Content-Range: bytes 0-1077924/1077925
Content-Length: 1077925
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
                                        
                                            GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 22:10:31 GMT
date: Thu, 08 Dec 2022 22:10:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=133505&s5=43404_&click_id=1021ecbb47dd957c646297833ae0e4&j1=1&j5=1&j8=1&j9=1 HTTP/1.1 
Host: jwbvdz.exceilentdate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Thu, 08 Dec 2022 22:10:30 GMT
set-cookie: unique_id=639089a4000c3f0c; Path=/; Expires=Mon, 06 Feb 2023 22:10:30 GMT; Secure; SameSite=None unique_id2=639260d60000bd89; Path=/; Expires=Wed, 08 Mar 2023 22:10:30 GMT; Secure; SameSite=None 639260d60000bd89_c=1; Path=/; Expires=Wed, 08 Mar 2023 22:10:30 GMT; Secure; SameSite=None ref_token=31972_120749_120341; Path=/; Expires=Sat, 07 Jan 2023 22:10:30 GMT; Secure; SameSite=None impression=; Path=/; Expires=Thu, 08 Dec 2022 22:10:30 GMT; Secure; SameSite=None 639260d60000bd89_sl=[277392]; Path=/; Expires=Thu, 22 Dec 2022 22:10:30 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---