m.luvmenow.com/click?offer_id=5683&pid=31423&ref_id=28m7r0d724lk6&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
104.21.11.83302 Found 0 B URL HTTP/1.1 m.luvmenow.com/click?offer_id=5683&pid=31423&ref_id=28m7r0d724lk6&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
IP 104.21.11.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?offer_id=5683&pid=31423&ref_id=28m7r0d724lk6&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270 HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 29 Oct 2022 14:13:57 GMT
Content-Length: 0
Connection: keep-alive
Location: https://datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1g5Dz7WozXcEZB%2B7s%2Fqvb08ftkDTy5oOOtpJg0XKRdgXmXJ%2FqDo%2FfkAH2XgZ7KX9tkGg54QOhce4x3VY3AdQapEuEKMsSlp%2FCPlOjIUUoEPRBgpWgr2enF7Eqhe5TThUGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 761c83c71f180b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10008
Expires: Sat, 29 Oct 2022 17:00:45 GMT
Date: Sat, 29 Oct 2022 14:13:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 856ee3167a1a6efa13187b6d726d61e4
30d121bebc8f164b38d929e94193ca0caa9ce708
c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2569
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:57 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 10:13:51 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 856ee3167a1a6efa13187b6d726d61e4
30d121bebc8f164b38d929e94193ca0caa9ce708
c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2569
Cache-Control: max-age=158394
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:57 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 10:13:51 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2196
Expires: Sat, 29 Oct 2022 14:50:33 GMT
Date: Sat, 29 Oct 2022 14:13:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XCFwBU0KzUiTIlkgE5wqZT3+69YlObiSybRL3A4Rl0GNzfFNTrYEljvrM/qrXfCpGEFm3E+8BN4=
x-amz-request-id: J0E3Z1SB9TX32EWQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 29 Oct 2022 13:44:04 GMT
age: 1793
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 29 Oct 2022 14:13:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d23430a3322d9d62a11844dcb41e6b36
b3798f6bdf72e31d2bd38ee609bb8f5701a337b1
2e310b291a80f54bac4ddca876398ec04a17517464b17f8f290ee0a3d3f28156
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4864
Cache-Control: max-age=155631
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:57 GMT
Etag: "635cdf14-1d7"
Expires: Mon, 31 Oct 2022 09:27:48 GMT
Last-Modified: Sat, 29 Oct 2022 08:06:44 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.147.190101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.147.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Iqo9yMN3B2OXBt7apkiIVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mt8bCw30udJb68s5jFNTl4qhPvo=
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e9ffdfb0f531f378d1dfa08ab6180afe
6248669d850ddf42c7963934e3f912be93689624
ab6eb3231a20ea2197538d0b5e0362dec86a0d0b769bd98a306c7de500415f83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4130
Cache-Control: max-age=121449
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:58 GMT
Etag: "635c5c6d-13a"
Expires: Sun, 30 Oct 2022 23:58:07 GMT
Last-Modified: Fri, 28 Oct 2022 22:49:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
34.90.14.205302 Found 0 B URL HTTP/2 datify.g2afse.com/click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
IP 34.90.14.205:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=31423&offer_id=783&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270 HTTP/1.1
Host: datify.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 29 Oct 2022 14:13:58 GMT
content-length: 0
location: https://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash be440bca835c7adbfa6130340acf3e81
9e885742dea2f6bc21fc4326a4182fa763ca06b9
61979675f230b95e536f83e15e02bd9578bcd4c30617472fc187a65cc3f518c6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 14:13:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 08:55:49 GMT
Expires: Sat, 05 Nov 2022 08:55:48 GMT
Etag: "9e885742dea2f6bc21fc4326a4182fa763ca06b9"
Cache-Control: max-age=585109,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 761c83d0db05b4f7-OSL
t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
34.91.226.152302 Found 0 B URL HTTP/2 t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270
IP 34.91.226.152:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=5fa1807a127bd6bcbd272004&pid=31423&sub1=28575&sub2=2600:1900:2000:9::19&sub3=28m7r0d724lk6&sub4=3784uoi724ljf&sub5=frd&sub6=&sub7=&sub8=30270 HTTP/1.1
Host: t.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 29 Oct 2022 14:13:58 GMT
content-length: 0
location: https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=28575&sub3=a_635d35265ad2dd00012e97bd
set-cookie: afclick=635d35265ad2dd00012e97bd; expires=Sun, 29 Oct 2023 14:13:58 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb491912a5694181391243270244a614
64e179933378400d996b875098dc09eacd248886
5d16fc8e0dbe48586f838381ecbebc2691a7c2fe1c82ca60b5abe79c11ffa589
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5D16FC8E0DBE48586F838381ECBEBC2691A7C2FE1C82CA60B5ABE79C11FFA589"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2750
Expires: Sat, 29 Oct 2022 14:59:48 GMT
Date: Sat, 29 Oct 2022 14:13:58 GMT
Connection: keep-alive
tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=28575&sub3=a_635d35265ad2dd00012e97bd
104.21.19.241302 Found 0 B URL HTTP/2 tracking.t0r4.com/click?pid=740&offer_id=1072&sub2=28575&sub3=a_635d35265ad2dd00012e97bd
IP 104.21.19.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=740&offer_id=1072&sub2=28575&sub3=a_635d35265ad2dd00012e97bd HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 29 Oct 2022 14:13:58 GMT
content-length: 0
location: https://zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=635d352692b78b00015788b8
set-cookie: afclick=635d352692b78b00015788b8; expires=Sun, 29 Oct 2023 14:13:58 GMT; secure; SameSite=None
afoffers={"1072":1667052838}; expires=Sun, 29 Oct 2023 14:13:58 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdyXtRPgdtveJHjTjHWHOrTc7Qtq6WQDMrOis9PoVWftkmEolfvmit1GRwE4cEPPMGj3RcJTqt0PPPSq%2Bd0mYf9VmpKX%2FRKmCDJYymp0eTuFNdF90mcQxXDLajdefibU%2Bks26Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 761c83d1acb0b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb491912a5694181391243270244a614
64e179933378400d996b875098dc09eacd248886
5d16fc8e0dbe48586f838381ecbebc2691a7c2fe1c82ca60b5abe79c11ffa589
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5D16FC8E0DBE48586F838381ECBEBC2691A7C2FE1C82CA60B5ABE79C11FFA589"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2750
Expires: Sat, 29 Oct 2022 14:59:48 GMT
Date: Sat, 29 Oct 2022 14:13:58 GMT
Connection: keep-alive
zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=635d352692b78b00015788b8
18.184.38.55302 Found 0 B URL HTTP/2 zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=635d352692b78b00015788b8
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=&sub2=28575&campaign=&sum=&clickid=635d352692b78b00015788b8 HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 29 Oct 2022 14:13:58 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=w78kjo02o2asee3k2cq4vb9a&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
pragma: no-cache
set-cookie: 86f47e59-27d7-4e44-bd9c-5042398e42a9-v4=S5AukWxOEKghkOuTXnk3t0tZna2E2feBjSR0ANrNB7k; Max-Age=86400; Expires=Sun, 30-Oct-2022 14:13:58 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=1bInsCTgXxIJrFLt1fuAWKvh0PQetZWvCUVZSsXH3eX4I1oXc3iSAHAp349QQYp3xs34%2BmPq1NKuMC5eFr11MA3qFCI%2BRinWd%2B5PFmI6gyHbVxJOYW0fpIPWi%2FbPtL4V29gOCeidbisIpbem8NqTpw%3D%3D; Max-Age=31536000; Expires=Sun, 29-Oct-2023 14:13:58 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 02c0a9a87ce6e1b2cd49513ab971a704
f2cee56097f19f65fbdb3854a5449b9bd4517aac
56898b0086f6bb80377d5ca8070ba9d4839080c792b758e094619f5368022282
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156464
Date: Sat, 29 Oct 2022 14:13:59 GMT
Etag: "635cebc0-1d7"
Expires: Mon, 31 Oct 2022 09:41:43 GMT
Last-Modified: Sat, 29 Oct 2022 09:00:48 GMT
Server: ECS (dcb/7EA4)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PPkASCZ7Ca9nmKEyQYH7mKmaPtAybdSLa5jsYeYX8axv2_aetOPQyQ==
Age: 2455
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6649
Expires: Sat, 29 Oct 2022 16:04:48 GMT
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6649
Expires: Sat, 29 Oct 2022 16:04:48 GMT
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6649
Expires: Sat, 29 Oct 2022 16:04:48 GMT
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6649
Expires: Sat, 29 Oct 2022 16:04:48 GMT
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6649
Expires: Sat, 29 Oct 2022 16:04:48 GMT
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42eeb84c-c3e1-43c4-8856-79cf05355dd2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42eeb84c-c3e1-43c4-8856-79cf05355dd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4598687f05036d866bcf142e32f4ec7b
ef1f79a7d09291ed12dd7837f8219550e4df3581
aa232240158f1a022509380282190bbcac8bec54709e2931aef2570ced77982f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42eeb84c-c3e1-43c4-8856-79cf05355dd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 3d9d26e0-d891-4bfa-ba4f-6751252710bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: arwxXEJGoAMF8iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635afb3b-2fe9e82f5034fc9f5f812f0d;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _iHC08sIfN2TGrMjC7v0tTYqkqN1sPodxmhRmSwfTeNhYJO1efCDXA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 12:27:07 GMT
age: 6412
etag: "ef1f79a7d09291ed12dd7837f8219550e4df3581"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3044824aa388754b4834dc79496d135b
ee65caaa8a746599f6c29d74900472a98c121499
1e7f15e9d74e3559bbe51f66a861045d02a1cb227c978ba09c47e52972095930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493e6c0e-987f-4e8a-b2a1-5fe4f452da17.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6036
x-amzn-requestid: 3614efdd-d9db-4461-a335-30cfc17cf8b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmEyVoAMFnPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-5f619a592c75e97c3dc2689a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: W1LaF7xWMkFRekTvIhe1Ft7v8vQMW-_sLLrjtu5SluHUg48esy5cdA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:02 GMT
age: 58977
etag: "ee65caaa8a746599f6c29d74900472a98c121499"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8326b70116b95839cb92a20987ff62bf
e39efc9edc67abdbc8b67e56ea3aa3f169600055
9bb70165db081deb009c8da7f4fcafff66bf4f3ce68c88dd11b21ab1665f8a30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8381
x-amzn-requestid: affd1381-e8d6-406e-bdfd-43095e110aa9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCJEHAUoAMFQPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a39-738547cc62556b0f6cc604cf;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FpVYEpuzxdqeInQrm5_-ZU4tLonMfDWY3D3DxRd0JD3uh4emzrgklA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:02:40 GMT
age: 58279
etag: "e39efc9edc67abdbc8b67e56ea3aa3f169600055"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 810ba4a29aeb678e3a85cefce6ef81f6
af589048cc676d45060198d7fce3a338d681d201
3503f05f67b381aef650141a5ad2083890a197231cf6dfde99c2fb3ff4de57e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c7269e7-b618-4700-9a4e-8dd88078670e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9718
x-amzn-requestid: e7339861-3974-4569-b282-502667c970fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCIxHPToAMFoLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a37-661fecca54b9a038565e0fcb;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0Rwj6cW5bSmvUt1d92sn_CPelMoM0-VFSd7M9NeerwIiuUATUGpKqQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:59:11 GMT
etag: "af589048cc676d45060198d7fce3a338d681d201"
content-type: image/jpeg
age: 58488
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f8a8bdab8c8b28242ea7227be2d471
aa097b7f69b5369277d405238bbbb19081c3c3da
ec9a37f12ce0fb63e907ac3e5cbba04f392dfe44432422a839fc9c6ea66ec176
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ed0e856-e7a8-4b66-8b47-6376c7ef215f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8239
x-amzn-requestid: 7dd9eebd-2c20-4e7c-ba5d-349dc15abe61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGmH3eIAMFhcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-3dfa40935763bd2641e7e53a;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9tjWGS2L9mjQHuhRpOmnR5jIxAys2om70GRzupGsQ4rZZPaz7uITog==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 22:02:40 GMT
age: 58279
etag: "aa097b7f69b5369277d405238bbbb19081c3c3da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ccb6be5f8a61354dfff4fa9d48852fe
33b4a66a9693ca4c327c13303cb4f1aa4354b261
aa48f106bdfd580cea5f691ddf2c7e0445a30d89526355953ae9d87881ad6495
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd830c901-a7fd-448a-9a5c-b65235a10127.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15494
x-amzn-requestid: 5c6a874b-b97e-44ba-93e2-ebc4517220d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apSLZGNGoAMFrgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359fd7b-0a756fdd554b64381bf74525;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 03:39:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IZrTbVtjoc8LALwjuxZKdHwsRJ6EOAPwdJgdAFxYcNKdIVtVV7mSsQ==
via: 1.1 c4e77f714a7aade06aaed8bdc8b66fca.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 09:48:52 GMT
age: 15907
etag: "33b4a66a9693ca4c327c13303cb4f1aa4354b261"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=0b8106a14288eae551a233439f3afb06&s3=558
45.141.159.22200 OK 2.2 kB URL HTTP/1.1 smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=0b8106a14288eae551a233439f3afb06&s3=558
IP 45.141.159.22:0
ASN #206776 Ophidian Network Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (597), with CRLF line terminators
Hash 7270c02cace2ed8f77162046706d038f
2d52e31b9b54728fd008a09e39a0b33459c2c25c
9eb6d16e3cdd75136afe97001ba19620bcfeb0c8beed6822f38cdf9e7a435a1b
GET /smartlink/?a=89072&sm=9474&mt=2&s1=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&s2=0b8106a14288eae551a233439f3afb06&s3=558 HTTP/1.1
Host: smartsecuredt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Oct 2022 14:13:59 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Set-Cookie: v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5RsEN6077+uO511Az+k7drc=; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/
gdm_uid_v1_1_001=BtvsdMJijaGnPrBve7kgSzu3eqdmKR7hwd8mQ+5/qq2GY7VbvSh1VA2kHJn7uQ96; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/
v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5RsEN6077+uO511Az+k7drc=; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=BtvsdMJijaGnPrBve7kgSzu3eqdmKR7hwd8mQ+5/qq2GY7VbvSh1VA2kHJn7uQ96; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/; Secure; SameSite=None
gdm_visit_freq_v1_1_001=gJLhXJbXqrGXm/hn4dYEDTLM+ijQzWEqpvrIp7ReDxIMQ25qefraUhVdSxSQ5G6X; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/
gdm_visit_freq_v2_1_001=gJLhXJbXqrGXm/hn4dYEDTLM+ijQzWEqpvrIp7ReDxIMQ25qefraUhVdSxSQ5G6X; Domain=.smartsecuredt.com; Expires=Fri, 27-Jan-2023 14:13:59 GMT; Path=/; Secure; SameSite=None
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b8639c22ec1353e0b40849cbada1ce1
4c149c902b3fcc42013391d474b360f9a68fc930
9a5bb657516332d82448e3355ef6510fb25cb3654b520c5f5e6e5d5fb55fd543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A5BB657516332D82448E3355EF6510FB25CB3654B520C5F5E6E5D5FB55FD543"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Sat, 29 Oct 2022 15:28:13 GMT
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b8639c22ec1353e0b40849cbada1ce1
4c149c902b3fcc42013391d474b360f9a68fc930
9a5bb657516332d82448e3355ef6510fb25cb3654b520c5f5e6e5d5fb55fd543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A5BB657516332D82448E3355EF6510FB25CB3654B520C5F5E6E5D5FB55FD543"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4454
Expires: Sat, 29 Oct 2022 15:28:13 GMT
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
cdn.smrt-assets.com/assets/1144/js/translatesrules.js
23.36.76.163200 OK 9.7 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/js/translatesrules.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
Hash f09a391ba297c3912759882db1a9e38a
a7866e21b4febbf58a635613ec30608a9dfda386
2a734d2af14f59cdad75b60742d94cef667bb3271d2a8a2557be99796a840d3e
GET /assets/1144/js/translatesrules.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "f889c7341bca7408551f0da6879237a9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: o0JI-D14FY46mUFaOurcdIXuAiNK9FRy0hlR2hHzIjPPV_ulUFWuSA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 29 Oct 2022 14:13:59 GMT
Content-Length: 9749
Connection: keep-alive
cdn.smrt-assets.com/assets/1144/css/main.css
23.36.76.163200 OK 2.1 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/css/main.css
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 977c6a0b5a9ea85f1861a0e9089a05c1
6a8155cda967fda2a16fc759deca252634aa0c78
2c1a4fed0126274ac848bade732edac2023c6389486e5c02cdc0be77548cd093
GET /assets/1144/css/main.css HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 02 Feb 2021 11:39:55 GMT
ETag: "fb41dc3d2a4826c0dd868c64bae7c77c"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 6T72l0QFrSOjNpG37gHCrWR4JlltkKRjMcmj4QL5H4DRr0wvRi4Ylg==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 29 Oct 2022 14:13:59 GMT
Content-Length: 2061
Connection: keep-alive
cdn.smrt-assets.com/assets/1144/js/jquery.min.js
23.36.76.163200 OK 30 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/js/jquery.min.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32065)
Hash 2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /assets/1144/js/jquery.min.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: rNAVYdmHMAMpMHYv4HPJBhrAtesAUrOBckV9PxD5uVlG8zkUkRY0ng==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 29 Oct 2022 14:13:59 GMT
Content-Length: 29855
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 89643d2109e09c2c32f8e67de2d35df0
7d57d55fe52e166f75f93efab1a784e840c25757
672d341ec656ed18d6484ab814ab4f888b37624bfb49e9c2d95860168246b46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 89643d2109e09c2c32f8e67de2d35df0
7d57d55fe52e166f75f93efab1a784e840c25757
672d341ec656ed18d6484ab814ab4f888b37624bfb49e9c2d95860168246b46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-assets.com/prod/push-subscriber.js
23.36.76.163200 OK 4.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-subscriber.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
Hash d87a44d0aa0b54e75b2eb54c76bcf152
f765110fd22c73d181d9a2ea1b20de424b3d9e35
6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
GET /prod/push-subscriber.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 29 Oct 2022 14:13:59 GMT
Content-Length: 4395
Connection: keep-alive
cdn.smrt-assets.com/prod/push-lang-config.js
23.36.76.163200 OK 2.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-lang-config.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Hash 86caa25373c28e4a962df5e15f4c160f
7a992cdd21a4074c155ccc7016e7cf836a66dd85
fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
GET /prod/push-lang-config.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 29 Oct 2022 14:13:59 GMT
Content-Length: 2366
Connection: keep-alive
cdn.smrt-assets.com/assets/1387/js/backoffer.js
23.36.76.163200 OK 660 B URL HTTP/1.1 cdn.smrt-assets.com/assets/1387/js/backoffer.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash e7e1dc07852a36f89e4be03aa3787316
0dc3f8e7eb943af093cf8f4600fcf0e421891025
33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
GET /assets/1387/js/backoffer.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA==
Date: Sat, 29 Oct 2022 14:13:59 GMT
Connection: keep-alive
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.163200 OK 10 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (35547)
Hash fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 24 Oct 2022 18:29:53 GMT
expires: Tue, 24 Oct 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 416646
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.163200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Oct 2022 20:25:10 GMT
expires: Sat, 28 Oct 2023 20:25:10 GMT
cache-control: public, max-age=31536000
age: 64129
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a34a3d6697eb937f0b134e68e9fb2b99
dc432dc7c8692383d17e593a93e60857d9398082
e11fbf49eb07b649e29e7965e888397956e4476873c9e55812ef10f722bbc994
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 89643d2109e09c2c32f8e67de2d35df0
7d57d55fe52e166f75f93efab1a784e840c25757
672d341ec656ed18d6484ab814ab4f888b37624bfb49e9c2d95860168246b46b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-assets.com/assets/1144/images/17477724.png
23.36.76.163200 OK 127 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/images/17477724.png
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type PNG image data, 540 x 614, 8-bit colormap, non-interlaced\012- data
Size 127 kB (127399 bytes)
Hash 48b5cf504b501519436d17763f4b52bd
b3fe5b65f350ad10b103a0cbbc4e79952358803d
3def9cfd1107dc28c620d5442e44474e820f91e99011e3d9eebc5572f653b509
GET /assets/1144/images/17477724.png HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/assets/1144/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 127399
Last-Modified: Tue, 02 Feb 2021 11:30:11 GMT
ETag: "48b5cf504b501519436d17763f4b52bd"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: oY9muSQRdUKiS1F6QjLdA1C6zzPiT-jc42BDhY7vd-qOiB1Nizbi5A==
Date: Sat, 29 Oct 2022 14:14:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a34a3d6697eb937f0b134e68e9fb2b99
dc432dc7c8692383d17e593a93e60857d9398082
e11fbf49eb07b649e29e7965e888397956e4476873c9e55812ef10f722bbc994
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Oct 2022 16:40:18 GMT
expires: Fri, 27 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 164022
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c38d7d921acdf1366a9d005ae733f173
b90bc7558a2c9cc0871243584397dd1e317bdad1
9bf166fa1fe39701758fb862610e423b26c9726038f9f3290d6615e13972af69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
142.250.74.168200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash c13a7aa09ce17f013f6657ab7e3e74f6
98ef6adfef92a6d5336bed2045b7f157457fec23
c23fe1a1f80b3e855d42ce22a48ee97f0f571878bb65289b592ae43c07303719
GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 29 Oct 2022 14:14:00 GMT
expires: Sat, 29 Oct 2022 14:14:00 GMT
cache-control: private, max-age=900
last-modified: Sat, 29 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c38d7d921acdf1366a9d005ae733f173
b90bc7558a2c9cc0871243584397dd1e317bdad1
9bf166fa1fe39701758fb862610e423b26c9726038f9f3290d6615e13972af69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 9de428e23b0343a77c5ccd0d9276fdbf
ccf3ae813f9ace92c43f96dec5ae41ff71ced2a0
b8d8bee88c1896ef18f784c02d7fda61c28c3addac6f63659b854a175e8f40bb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124545
Date: Sat, 29 Oct 2022 14:14:00 GMT
Etag: "635c61ef-1d7"
Expires: Mon, 31 Oct 2022 00:49:45 GMT
Last-Modified: Fri, 28 Oct 2022 23:12:47 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: toWSAJ5C_IuLVuVT1ztDzC9lfTF1fI5lBnG0OH1xrgfcrpu32oOaug==
Age: 5819
tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
136.243.69.157200 OK 35 B URL HTTP/1.1 tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
IP 136.243.69.157:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 29 Oct 2022 14:14:00 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: 8bbf90f65bfedaae
Set-Cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Sun, 29 Oct 2023 14:14:00 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
statisticresearch.com/user-segments/?pid=TH
34.199.255.102200 OK 1.2 kB URL HTTP/2 statisticresearch.com/user-segments/?pid=TH
IP 34.199.255.102:0
Hash ee5e1ad993c1c65866ff682d5a2f95a0
dd98bbb5bdd7f5ce00fa59a5aa43e5e36f433fba
0a8462e97029081036fe7d00c2c54a4d6e67dbf43cc2eed1fc9f76dd80d52648
GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 29 Oct 2022 14:14:00 GMT
server: nginx
X-Firefox-Spdy: h2
static.trafficjunky.com/js/mp.min.js
205.185.208.79200 OK 3.6 kB URL HTTP/1.1 static.trafficjunky.com/js/mp.min.js
IP 205.185.208.79:0
File type ASCII text, with very long lines (10690), with no line terminators
Hash 044c370813dc1ea880f32a5be81384e7
53b0733cfc26f2bc7e83d1da0c087d5513fcf548
2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
GET /js/mp.min.js HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/
HTTP/1.1 200 OK
Date: Sat, 29 Oct 2022 14:14:00 GMT
Connection: Keep-Alive
ETag: "1652721327"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 3628
Content-Type: application/javascript
Last-Modified: Mon, 16 May 2022 17:15:27 GMT
Accept-Ranges: bytes
X-HW: 1667052840.dop220.sk1.t,1667052840.cds003.sk1.c
Access-Control-Allow-Origin: *
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 29 Oct 2022 12:41:09 GMT
expires: Sat, 29 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 5571
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1562037048.1667052838&jid=1351821266&gjid=1285745960&_gid=1600292505.1667052838&_u=YADAAEAAAAAAACAAI~&z=562251955
173.194.222.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1562037048.1667052838&jid=1351821266&gjid=1285745960&_gid=1600292505.1667052838&_u=YADAAEAAAAAAACAAI~&z=562251955
IP 173.194.222.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1562037048.1667052838&jid=1351821266&gjid=1285745960&_gid=1600292505.1667052838&_u=YADAAEAAAAAAACAAI~&z=562251955 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://smartsecuredt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 29 Oct 2022 14:14:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f331a42514e31cd1fa0ee4b183e181b9
ec51490d94b697f50238a4eb1360c70cbcd7db76
594e990b677a3811125884bb166da7dba31434a2ff4b6fe3f2c24d2a23fec575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 14:14:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeaq0&_p=1385643678&cid=1562037048.1667052838&ul=en-us&sr=1280x1024&_s=1&sid=1667052838&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3D0b8106a14288eae551a233439f3afb06%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeaq0&_p=1385643678&cid=1562037048.1667052838&ul=en-us&sr=1280x1024&_s=1&sid=1667052838&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3D0b8106a14288eae551a233439f3afb06%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeaq0&_p=1385643678&cid=1562037048.1667052838&ul=en-us&sr=1280x1024&_s=1&sid=1667052838&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D86f47e59-27d7-4e44-bd9c-5042398e42a9_740%26s2%3D0b8106a14288eae551a233439f3afb06%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://smartsecuredt.com
date: Sat, 29 Oct 2022 14:14:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6a90e5e1974043db1b9e006dca3d98cf
55c7d7a8b7f862dba3d88d069dd612912d957427
bcd63873ae5ea7f42da3a5344927da45edb77c1622a3c93e6f9bf3cf2448c66c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128189
Date: Sat, 29 Oct 2022 14:14:01 GMT
Etag: "635c72bf-1d7"
Expires: Mon, 31 Oct 2022 01:50:30 GMT
Last-Modified: Sat, 29 Oct 2022 00:24:31 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PAbqOn9_qA-Qv8XLWtZukX_11glfNKUdyP0b76XAICHQEPw1xv0vCA==
Age: 5159
guard.cdtbox.rocks/color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9ODZmNDdlNTktMjdkNy00ZTQ0LWJkOWMtNTA0MjM5OGU0MmE5Xzc0MCZzMj0wYjgxMDZhMTQyODhlYWU1NTFhMjMzNDM5ZjNhZmIwNiZzMz01NTg=
34.193.131.238200 OK 2 B URL HTTP/2 guard.cdtbox.rocks/color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9ODZmNDdlNTktMjdkNy00ZTQ0LWJkOWMtNTA0MjM5OGU0MmE5Xzc0MCZzMj0wYjgxMDZhMTQyODhlYWU1NTFhMjMzNDM5ZjNhZmIwNiZzMz01NTg=
IP 34.193.131.238:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
GET /color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9ODZmNDdlNTktMjdkNy00ZTQ0LWJkOWMtNTA0MjM5OGU0MmE5Xzc0MCZzMj0wYjgxMDZhMTQyODhlYWU1NTFhMjMzNDM5ZjNhZmIwNiZzMz01NTg= HTTP/1.1
Host: guard.cdtbox.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 29 Oct 2022 14:14:01 GMT
content-type: application/json
content-length: 2
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F036fdb83-72c9-40f5-9e16-f4502570667e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F036fdb83-72c9-40f5-9e16-f4502570667e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a37da3b0df2c3eb74825cdad7dff6d4
01125adb299608812ffca7fb3c0ad526803bd723
351fdadfc462aa0c8a38964217c40f085e62d65335152d0530233017f9fc0df6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F036fdb83-72c9-40f5-9e16-f4502570667e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11107
x-amzn-requestid: 6fc669c8-f46f-4f5a-a538-b4a49c43319e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: amdsuE6GoAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dcb7-0c9461505096b7d92509e55e;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzeW9D2DmkFVHVzWCV9ZZUx62NboDogcBvN96OikqnyImftEXu9RnQ==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 07:21:41 GMT
age: 24745
etag: "01125adb299608812ffca7fb3c0ad526803bd723"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=w78kjo02o2asee3k2cq4vb9a&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
3.65.209.247302 Found 0 B URL HTTP/2 v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=w78kjo02o2asee3k2cq4vb9a&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740
IP 3.65.209.247:0
Analyzer Verdict Alert quad9 Sinkholed
GET /click?a=558&o=2892&sub_id1=w78kjo02o2asee3k2cq4vb9a&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740 HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 29 Oct 2022 14:13:59 GMT
content-type: text/html; charset=UTF-8
location: https://v2.trckguardlnk.com/click?a=558&sub_id1=w78kjo02o2asee3k2cq4vb9a&sub_id3=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&o=2219
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Mon, 28-Nov-2022 14:13:59 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
IP 142.250.74.10:0
GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 29 Oct 2022 14:13:59 GMT
date: Sat, 29 Oct 2022 14:13:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2