safexpress.xyz/
172.67.195.190301 Moved Permanently 0 B IP 172.67.195.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: safexpress.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 03:59:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 Dec 2022 04:59:09 GMT
Location: https://safexpress.xyz/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaRu8qQZi2UA7sajQiTZYjEOPktfUV6iCk8kjWR2DQVaqDdKWUcMeo9UhIbmJyUX3aWMrydoyzJMU0tE%2FzIiEgyqZp3ur6QsAidUaT8AzUvaC6RTNArojdsUd%2BCg8%2BxelA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77396353b9b4b4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6568
Expires: Sat, 03 Dec 2022 05:48:37 GMT
Date: Sat, 03 Dec 2022 03:59:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 427
Cache-Control: max-age=110353
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:09 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:38:22 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5434
Expires: Sat, 03 Dec 2022 05:29:43 GMT
Date: Sat, 03 Dec 2022 03:59:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 03:19:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2351
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YEhVgwVi86mLj/2Aj147VXKqLQmDAH0yqvkEKsxA/NBjR13Nx7TA2igZZSZiZz535bky/sasTtqpseEClI0mHQ==
x-amz-request-id: RHY7WWE3TB2E9AG7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 03:46:25 GMT
age: 764
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 03:59:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd03c37115cda79f52a5e42939fc615b
79b5ea9101ee0c57d097facf5ad072f46a19513a
ab81e15bad30af30beeeff5077b98b7346576c52a7f8a5e3160dc22387e33d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AB81E15BAD30AF30BEEEFF5077B98B7346576C52A7F8A5E3160DC22387E33D25"
Last-Modified: Wed, 30 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Sat, 03 Dec 2022 09:58:24 GMT
Date: Sat, 03 Dec 2022 03:59:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 03:08:58 GMT
cache-control: public,max-age=3600
age: 3012
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 423
Cache-Control: max-age=105287
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:10 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:13:57 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd03c37115cda79f52a5e42939fc615b
79b5ea9101ee0c57d097facf5ad072f46a19513a
ab81e15bad30af30beeeff5077b98b7346576c52a7f8a5e3160dc22387e33d25
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "AB81E15BAD30AF30BEEEFF5077B98B7346576C52A7F8A5E3160DC22387E33D25"
Last-Modified: Wed, 30 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Sat, 03 Dec 2022 09:58:24 GMT
Date: Sat, 03 Dec 2022 03:59:10 GMT
Connection: keep-alive
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ns26FJ6SunRT69k6pjSDQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CkIGNZ0sgt+McOQYuEyneJam0m8=
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.80200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 03 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: r5FFPMstF5yQF24aKTwkDF5aifl43bt6o3EtUtWPEX73iXGfPMV60A==
age: 9048
X-Firefox-Spdy: h2
cdn3.dan.com/assets/public-8ffa433e8f7295de7212a1970b503cbca5e2f51861329f2a83d95683ae5ca9bd.css
143.204.55.93200 OK 70 kB URL HTTP/2 cdn3.dan.com/assets/public-8ffa433e8f7295de7212a1970b503cbca5e2f51861329f2a83d95683ae5ca9bd.css
IP 143.204.55.93:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 00067c642881479946a1cc9726cf90c3
7bc179cdcd23aaefdce393c81d08acc1f35f0f55
d8fc3dd331510ef42b89c5701f6240eb1d64c00a90a47a47cacbbef683df8f54
GET /assets/public-8ffa433e8f7295de7212a1970b503cbca5e2f51861329f2a83d95683ae5ca9bd.css HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 69630
server: openresty
date: Fri, 02 Dec 2022 12:39:13 GMT
last-modified: Fri, 02 Dec 2022 12:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kGlzuhooMUZ5GtKdhbqx1f5muaguTWD-fkTzFHa6HVPy3jH3G6L-Gg==
age: 55198
X-Firefox-Spdy: h2
cdn3.dan.com/packs/js/3-9876ac5e584cf01380f0.chunk.js
143.204.55.93200 OK 56 kB URL HTTP/2 cdn3.dan.com/packs/js/3-9876ac5e584cf01380f0.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (65450)
Hash 344cf972b803b139cbe02cbbd55f0c63
beb028cc1664bce14495b9a4e6d22355c80fd180
08ff1998650ec7851229c8f0c9f231d3facd71bec2d3e52ae525cedd3e5206a0
GET /packs/js/3-9876ac5e584cf01380f0.chunk.js HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 55649
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MO89r5cMU3oCTW-v-6J-_lJ8OZiNIEtPOMFmEm7ccyzFyyvkAh4smg==
age: 1607572
X-Firefox-Spdy: h2
dan.com/buy-domain/SafExpress.xyz
3.70.113.20200 OK 14 kB URL HTTP/2 dan.com/buy-domain/SafExpress.xyz
IP 3.70.113.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9029)
Hash bddc566635894f99b96cbb7e50df795c
1810078f7561e71eea8456d8c6dd8b829468116e
8037ba15ac166ee025ed6f2ca2bec01fdbe4ab1f1a24542002fd32f6bf981f49
GET /buy-domain/SafExpress.xyz HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://safexpress.xyz/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Sat, 03 Dec 2022 03:59:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
etag: W/"0eb972095e0793a4367cbc337ad1f04b"
cache-control: max-age=0, private, must-revalidate
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=8pqtSjK4sZPwhXPfh1lZOyCmlT7t8SV%2FDgrBANCX0yEzt53oKBlXKQn%2FpmRfljHXvHLkZ8968q9C6Ak7nbaNnDu6npA5CZdoK8a3lOCcXTb00PwiKyiaXW77JGxU75K%2FdFj6VUssS8hssRXNR%2BHP6%2BfqWS6c8rJhDPPvgxQzqCg6IEit1rdpBeexX2gmcDs7WCt%2F0SalQ55XTccdJ%2BHz6a7Rt%2BczqhV7YBqm7y7sND4HhnVDO1csHTGJHFn4KpragiYuUKIajUdzCcwpk8YY6g6WTGJbZFjhsrr5sEVqPPKfr7s78dMUTf4Sz33IVlhQxDCKwWrC%2B7Lj6%2BTe3hAqq7QqNS5Ii5SAHqCRUqBejISjEzUSvQyrZmPX8UKaWjK3cRyI0tQwObIAmAmde1ig7TYKWVmNCT1gC89PFSwhui4qF0C9b3FkCjNf47AQiTiNGG3oy%2BjwGw9UUNDLrhF7aA%3D%3D--gi6YyoJ29UvzeJ42--06K5%2FXYnPsnzRAnSoT0c2A%3D%3D; path=/; secure; HttpOnly
x-request-id: ed52c994-76e5-4b09-a177-23e9a6914b7a
x-runtime: 0.072028
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js
143.204.55.93200 OK 786 B URL HTTP/2 cdn1.dan.com/packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (1516)
Hash 37935f037e803e39105049fb0adeb1d4
f0a909ba834ba0ede36be821631ed8146699c8cb
aae6afa879fa3810847400272ebe7786d3f2b2d1be87ef9d16a235f05797b3bf
GET /packs/js/runtime~public/product-2fe2dda32aa2d2a2aa67.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 786
server: openresty
date: Tue, 01 Nov 2022 11:05:04 GMT
last-modified: Tue, 01 Nov 2022 11:03:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uU2hC40j-t2eax653ni_J9acS97WZPRbqAZRHH4IgOS6-JMe1AN80g==
age: 2739247
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js
143.204.55.93200 OK 4.4 kB URL HTTP/2 cdn1.dan.com/assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (15400), with no line terminators
Hash de2f4a801d555fd16c042093f091acd4
86110e7d996ff7d52e1bbb9f0083f5369c965634
8d772411db1b7ce8f803656bdc1e7e0dfb299eb51371d957fe5ef8656a4819c6
GET /assets/public/i18n-bb2da241bfcbf784d15a84f03ef6ff7eef33b2c695b6821a6750b29c30faa75e.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 4434
server: openresty
date: Sat, 12 Nov 2022 03:32:31 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 65PYUHu0SGPfSzB3Qvq_C4t_o_yjZbxDPJu0ABo6HhO8YQXPYI-BQw==
age: 1816000
X-Firefox-Spdy: h2
cdn1.dan.com/packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js
143.204.55.93200 OK 425 B URL HTTP/2 cdn1.dan.com/packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (591)
Hash 3dd92657579fb4ef22a0502eb48543b1
6ee0af04b4f4ae96cddfe089c423fb8c849311b7
14cad7e04cdbb39145dc4708ea94a7550fda3d4421eedc5e2c0ff13dec7a61b9
GET /packs/js/public/fonts-dc8755cfa7d738ff9272.chunk.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 425
server: openresty
date: Fri, 11 Nov 2022 12:53:48 GMT
last-modified: Fri, 11 Nov 2022 12:52:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZtZbRMiWknQvmTRbV8wn4tkn100qEYXMD0xgfm0yue2r4KsdeBdIRQ==
age: 1868723
X-Firefox-Spdy: h2
cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js
143.204.55.93200 OK 982 B URL HTTP/2 cdn1.dan.com/assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (1896), with no line terminators
Hash 7e27a1f78cf2901cf631835d1abdd80d
2a470ea7454f0d0da5d3f8c22052f96fdf949eb4
1b1e6270bc0e76e8f70a5024015b12e3833db1d9a3d8252a343b57edd2efdf2f
GET /assets/vendor/svg4everybody-f514fdcad5509c1d8608ad8ed6b18dc17777e467f3c0ef19b6b8e44753b288be.js HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 982
server: openresty
date: Wed, 16 Nov 2022 01:55:36 GMT
last-modified: Thu, 09 Dec 2021 13:49:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6cQvFmwJCKSmCLfqal2AvMCrZtbF7u-tFmfr3TIaMcOlR17CMhdTbw==
age: 1476215
X-Firefox-Spdy: h2
cdn0.dan.com/packs/js/6-17cd7884e1fbb9bc9d21.chunk.js
143.204.55.93200 OK 65 kB URL HTTP/2 cdn0.dan.com/packs/js/6-17cd7884e1fbb9bc9d21.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 27e648758f2bca5f82c01704a02cb711
166c0f2e5b295e2f9e475f2c03923de511f83f2a
7e3c00bfc50b0666525c90c95e75f24db094b46ef147710d5b1016355259a311
GET /packs/js/6-17cd7884e1fbb9bc9d21.chunk.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65352
server: openresty
date: Mon, 14 Nov 2022 13:26:19 GMT
last-modified: Mon, 14 Nov 2022 13:24:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xSbi_5XtXyLGsdsf3f2NBS0tZ8q8vypy53j696FAHNSLhAXvPnFwDg==
age: 1607572
X-Firefox-Spdy: h2
cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js
143.204.55.93200 OK 790 B URL HTTP/2 cdn0.dan.com/packs/js/runtime~public/shared-849f663fc27cc3b2248e.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (1516)
Hash 5ded16adb29a0b410ea4663d16d31c40
dee72581a73c3a15eaa55c2da69baf6920f67871
212fa11629c831197de8b65ec9632e120479f34eeff90626c7f9d9c9d423e247
GET /packs/js/runtime~public/shared-849f663fc27cc3b2248e.js HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 790
server: openresty
date: Wed, 09 Nov 2022 01:32:23 GMT
last-modified: Tue, 08 Nov 2022 17:04:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vuywAqUa8vA4RtRKqCJz_4v6Jqjb8O-2KbEe8IkkEXSFjTpVS-H9SQ==
age: 2082408
X-Firefox-Spdy: h2
cdn2.dan.com/packs/js/public/product-93565822ce0159cf7dd9.chunk.js
143.204.55.93200 OK 59 kB URL HTTP/2 cdn2.dan.com/packs/js/public/product-93565822ce0159cf7dd9.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d1d54d6a01808d4a9baf84d5b7c8e076
5d3b4a3a69e8ce2ff17e3ce0e148c0ea34747e16
87d2ad7a0c7c5b57f41dc78f89020d8c9078ae79d48d1e37de908432911905a0
GET /packs/js/public/product-93565822ce0159cf7dd9.chunk.js HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 58634
server: openresty
date: Wed, 30 Nov 2022 13:32:53 GMT
last-modified: Wed, 30 Nov 2022 13:31:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GhcIc0advlCO57nNVrc6HTCYnU58Aw9yqhE7o9ZVi55NwutSwvPI7Q==
age: 224778
X-Firefox-Spdy: h2
cdn2.dan.com/packs/js/7-660c862ac12bd06876b1.chunk.js
143.204.55.93200 OK 3.8 kB URL HTTP/2 cdn2.dan.com/packs/js/7-660c862ac12bd06876b1.chunk.js
IP 143.204.55.93:0
File type ASCII text, with very long lines (10731)
Hash a4e27dceae1246f8f488d2dea69f3417
e3d1a77f5e912f4523c4de215516e414e9bb73ca
1a56a0bc05884f824dc2a48dee55f5fe47eb8bf00e4586765c021e125f63eba1
GET /packs/js/7-660c862ac12bd06876b1.chunk.js HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3847
server: openresty
date: Wed, 30 Nov 2022 13:32:53 GMT
last-modified: Wed, 30 Nov 2022 13:31:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9DymGm3dMd1efUDrXG_vjpIfOKCfheC5ePgl2bHCyiNPskaTZxgEIw==
age: 224778
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg
143.204.55.93200 OK 12 kB URL HTTP/2 cdn2.dan.com/assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4396)
Hash 386fcff0359a238feae3616089163f60
3861370145d1176cdbeb8d44c70638efd49507e7
0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379
GET /assets/logos/Main@2x-0d2a786abd69d2da0f8ab1f105c0da3b8e1baf5c46c13169d6aa5b4c5fea7379.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 11658
server: openresty
date: Mon, 22 Aug 2022 01:42:32 GMT
last-modified: Mon, 18 Jul 2022 15:41:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M3QHn0qsgiPXf2_ajbj0iT702PIWptYRx-7O_6BwEgOHpnNO0zvgWQ==
age: 8907399
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png
143.204.55.93200 OK 3.2 kB URL HTTP/2 cdn1.dan.com/assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png
IP 143.204.55.93:0
File type PNG image data, 272 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a20ff7a7df04a852f968c5c988dd6fa
260328a70eeb31d942e6bf3afdc3ba0abf9534f7
5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387
GET /assets/public/payment_logos-5e4dce7612e404dab090fbee14ac1eddd1c710bfce7d22ee87411662934a7387.png HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3181
server: openresty
date: Sun, 28 Aug 2022 01:45:55 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IVnpyJ6ReePTeYvmRfW76aG5k0_S8L_WeWQq4u8bfJhHQbh55QP9dQ==
age: 8388796
X-Firefox-Spdy: h2
cdn2.dan.com/assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg
143.204.55.93200 OK 4.3 kB URL HTTP/2 cdn2.dan.com/assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (898)
Hash b4a9f0ba344eb285f99ea324daeab7d0
82020383fea04966c27241f53e7aad2a74eab53a
523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f
GET /assets/public/benefits-protection-523634d05d9535c060cf03d228ff4df6bc4e3a82547bb5320daf91df16d6352f.svg HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4277
server: openresty
date: Wed, 07 Sep 2022 02:34:32 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Dw1tTWy1yqA-pbObC8jGoKOF5izc7mDsk1RVq54KPahJ3azD39yA5A==
age: 7521879
X-Firefox-Spdy: h2
cdn1.dan.com/assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg
143.204.55.93200 OK 2.5 kB URL HTTP/2 cdn1.dan.com/assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2008)
Hash 60377485c532698023ddb3324aafaff7
9fa2b7b0ee6792bdf3641cb45446b6d72496de1a
374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606
GET /assets/public/benefits-transfers-374cef9ae50af8a199e7054cfe5092643d1c7659965fb9480022e0487d467606.svg HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2452
server: openresty
date: Sat, 05 Nov 2022 03:09:54 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KyjaiuSLGv1iDhWHORolZjrlu9A3lC25lAqK5x_nroO4UQXfXjHqlg==
age: 2422157
X-Firefox-Spdy: h2
cdn0.dan.com/assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg
143.204.55.93200 OK 4.3 kB URL HTTP/2 cdn0.dan.com/assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg
IP 143.204.55.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (633)
Hash 4663788bd6ea455409d8d873a1a67005
96bb83e405812d18655e9211ad390d0fbde6a7b1
fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851
GET /assets/public/benefits-payments-fcd4b0fd72963bb6eb6404128536393529f0f4f7b5be664067d679777011b851.svg HTTP/1.1
Host: cdn0.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3.dan.com/
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4341
server: openresty
date: Mon, 31 Oct 2022 09:35:37 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pkIfCCWuMP2E-LUCAE9Y19kbII22qtknhy_ggYfM5fUoxUxqSX_BSQ==
age: 2831014
X-Firefox-Spdy: h2
cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2
143.204.55.93200 OK 42 kB URL HTTP/2 cdn3.dan.com/assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 42052, version 1.0\012- data
Hash 7d992431ee5e40d98d9ab99cb5cde954
3e82b380c81c2f83e143e4bb1a4437903c689f05
560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc
GET /assets/GraphikDan-Semibold-Web-560a9afe1c7efc78932e5a841e202476c7af320d0aec9d916cc2f065243cfcfc.woff2 HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 42052
server: openresty
date: Sun, 28 Aug 2022 13:39:13 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9xU4n-ypZpf-vLHrpBvPrrfVxvfgFlKQSMGigtOwYMqJsUGe3JSdEw==
age: 8345998
X-Firefox-Spdy: h2
cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2
143.204.55.93200 OK 37 kB URL HTTP/2 cdn1.dan.com/assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 37172, version 1.0\012- data
Hash 6b2f88dd1fc37ad2228bc4b0e12bb011
088cd68a9ce402835ff00e8e2c8ef2ccf4081a3b
1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6
GET /assets/GraphikDan-Regular-Web-1b23e0d886e0602443c35df66f69cf1560710913bf88b512ed9cea147fccf0b6.woff2 HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 37172
server: openresty
date: Thu, 25 Aug 2022 03:15:09 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZC8JPU8DMflB28UfoVynYNs24jQl648XTdXoY7hPlOUqQDDT1RQb3A==
age: 8642642
X-Firefox-Spdy: h2
cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2
143.204.55.93200 OK 39 kB URL HTTP/2 cdn2.dan.com/assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 38556, version 1.0\012- data
Hash 15e0a4e9b6fc2834eec6ccba1973aa45
080a7126b7fb4063ea36c06beca3ebfdc4cc63ef
11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a
GET /assets/GraphikDan-Bold-Web-11f7002d7b0e45f73367bf8e4f5763dc6a7f8f7d6be4f29f26650f13480a5f6a.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 38556
server: openresty
date: Tue, 04 Oct 2022 23:13:23 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lDu1uyH_NnFGECJBvBZhOIi2Ebvm3uEyXmqftD61z_Jurh3jqp6j7w==
age: 5114748
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
142.250.74.40200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
IP 142.250.74.40:0
File type ASCII text, with very long lines (3336)
Hash c7fadeb90e74db8ceb642f457fd4335a
276ad4ca5aa0716f31969d879a60881f01ebfd10
eece3529335bb8cac4e7979279bb5b83fb17e747cb8afde5c915be2b5c4f6eb9
GET /gtm.js?id=GTM-SXRF&l=_gaDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 03:59:11 GMT
expires: Sat, 03 Dec 2022 03:59:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39167
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2
143.204.55.93200 OK 36 kB URL HTTP/2 cdn2.dan.com/assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 36308, version 1.0\012- data
Hash 47f09a78e5d17d771fb06bc91e174499
b335fe0226d224782678ff7bea49773993e6f052
cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3
GET /assets/GraphikDan-Medium-Web-cf2e4f4feea57b2fb89e83ed56fc49bc0bf21a4f1fa20afe2e83d745c8890fc3.woff2 HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 36308
server: openresty
date: Sat, 01 Oct 2022 04:00:17 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2F71BuxNaNZpjNLzB6puDeapyZ0qEyhQvGj9bggthhInJFBx5bAY6Q==
age: 5443134
X-Firefox-Spdy: h2
cdn1.dan.com/assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2
143.204.55.93200 OK 34 kB URL HTTP/2 cdn1.dan.com/assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2
IP 143.204.55.93:0
File type Web Open Font Format (Version 2), TrueType, length 34092, version 1.0\012- data
Hash 9e90e7eccd164bdeee5ae1e9331316d5
4a8c44ec681947f676ee97f33aab743a079eff7b
683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e
GET /assets/GraphikDan-Light-Web-683068589a2fceaee125c3a3fd83a27a28f90ce37c099777eb89a4629d9fad3e.woff2 HTTP/1.1
Host: cdn1.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dan.com
Connection: keep-alive
Referer: https://cdn3.dan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff2
content-length: 34092
server: openresty
date: Sun, 02 Oct 2022 02:47:45 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dvHTFWScky57g6KYcnExzXEu0-NqH2Phxue8e1bE695VewC4DsUeFQ==
age: 5361086
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png
143.204.55.93200 OK 3.1 kB URL HTTP/2 cdn2.dan.com/assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png
IP 143.204.55.93:0
File type PNG image data, 152 x 152, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c59777f5725af9a1d2d9153da1d7176
bc06fbcbf2170fe049279b7a1b6003eef8d6986a
56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290
GET /assets/icons/touch-icon-ipad-retina-56a8f2519ed554a55e6084d77c1ab7ef3511f8ed5e7877db50a9865621a79290.png HTTP/1.1
Host: cdn2.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3054
server: openresty
date: Tue, 06 Sep 2022 00:23:51 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zPxVvPhLyeu5YKmV9bY7MHpDRra1otvaR8rt6simr1EmksHb2ty6mA==
age: 7616120
X-Firefox-Spdy: h2
cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico
143.204.55.93200 OK 15 kB URL HTTP/2 cdn3.dan.com/assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico
IP 143.204.55.93:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 91b5b75e4f52df43982200873c1feef6
8a01193959229d10a361d4965e305490544c428c
17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f
GET /assets/icons/favicon-17cae8213bf0fbeae27b644f0616b74981f348af943f27b73abf8e7b3a557b8f.ico HTTP/1.1
Host: cdn3.dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15406
server: openresty
date: Fri, 02 Sep 2022 02:50:15 GMT
last-modified: Thu, 29 Jul 2021 09:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Rr_1Ic2qDPL7AsCYShc3I6ublKApoI17UUrvkOGqJ-1-MTWwxE-5rw==
age: 7952936
X-Firefox-Spdy: h2
d1lr4y73neawid.cloudfront.net/clients/pictures/000/012/546/thumb/789.png?1633982593
54.230.245.229200 OK 4.3 kB URL HTTP/2 d1lr4y73neawid.cloudfront.net/clients/pictures/000/012/546/thumb/789.png?1633982593
IP 54.230.245.229:0
File type PNG image data, 100 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash 789c528463dd081487fe3ce90c72ad01
5245906359641ca7cf89b43f694d176a0f4902e7
baebdfbff4a93b9f82000a42da824d8102173ea67d6c8683bde8973461d52b82
GET /clients/pictures/000/012/546/thumb/789.png?1633982593 HTTP/1.1
Host: d1lr4y73neawid.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 4278
date: Fri, 02 Dec 2022 22:05:03 GMT
last-modified: Mon, 11 Oct 2021 20:03:14 GMT
etag: "789c528463dd081487fe3ce90c72ad01"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bvrlgzv5anYlw3F7j5QxZXArw6VMAm6OLl7q74WETvC3s4Aybxhy9A==
age: 21249
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 02:46:55 GMT
expires: Sat, 03 Dec 2022 04:46:55 GMT
cache-control: public, max-age=7200
age: 4336
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Domain%20Negotiation&ea=00%20-%20Domain%20Detail%20Page%20-%20Viewed&el=&ev=0&_u=YCDAgEABAAAAAEAAI~&jid=&gjid=&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=773288313
142.250.74.46200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Domain%20Negotiation&ea=00%20-%20Domain%20Detail%20Page%20-%20Viewed&el=&ev=0&_u=YCDAgEABAAAAAEAAI~&jid=&gjid=&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=773288313
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&aip=1&a=739951943&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Domain%20Negotiation&ea=00%20-%20Domain%20Detail%20Page%20-%20Viewed&el=&ev=0&_u=YCDAgEABAAAAAEAAI~&jid=&gjid=&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=773288313 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Fri, 02 Dec 2022 21:14:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 24298
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&dp=%2Fbuy-domain%2FSafExpress.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=34358707&gjid=961921500&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=748157991
142.250.74.46200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=739951943&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&dp=%2Fbuy-domain%2FSafExpress.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=34358707&gjid=961921500&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=748157991
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&aip=1&a=739951943&t=pageview&_s=1&dl=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&dr=https%3A%2F%2Fsafexpress.xyz%2F&dp=%2Fbuy-domain%2FSafExpress.xyz&ul=en-us&de=UTF-8&dt=The%20domain%20name%20SafExpress.xyz%20is%20for%20sale%20%7C%20Dan.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=34358707&gjid=961921500&cid=1015506207.1652829834&tid=UA-47793354-2&_gid=551397498.1670039950&z=748157991 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Fri, 02 Dec 2022 21:14:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 24298
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbee75c6c314655f738b57b828bef016
bb36d39c7adf764e8a7dcf7f91125001623975b4
fd40949b9711db01be746d1723f78c2bb04d356063c6249b8b5ae1470532367a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10877
x-amzn-requestid: bebc4f7f-7349-4973-99f5-d6c3b8a27072
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1G2uIAMFryg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-0637a1a946db78074bc19dc3;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WKEeqfEv-NjZr_39K27vuE9FrqYcJCI5oQk0_JIl_HuO3iA0f57_vw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "bb36d39c7adf764e8a7dcf7f91125001623975b4"
content-type: image/jpeg
age: 22184
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2431
Expires: Sat, 03 Dec 2022 04:39:42 GMT
Date: Sat, 03 Dec 2022 03:59:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: cac5842e-2b57-4eda-9b09-27ec8a0b1bf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMiE7Hq0oAMFzHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381b085-151f123551f999a918de8a3a;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 06:21:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrS561ug59NStQyD3cH4ndqGvY3QiLVeMFOoC86ktj52PghNjeYa5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 20:55:39 GMT
age: 25412
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:43:28 GMT
age: 15343
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94556ef834fbd97092ea3e546fece90d
3f75442d8577c6272b9a3fdf2c5d1305c5e02703
0e49c3b246f4f999404e408e5326c636584f18ddaeec4ff50ffdd74ad48b9dd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F690354e1-4f19-43a3-a840-dac23e2cbe16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10454
x-amzn-requestid: 3c95e941-d127-43a5-a338-7fff4e751367
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfcG82IAMF2JA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f95-4dde51fa769890d057216cfa;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9SmDwSJvrZtLjFHfJaAyU400NiFVaBvpQhBGte0ghHYwc2UGj-rT6g==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:46:19 GMT
age: 69172
etag: "3f75442d8577c6272b9a3fdf2c5d1305c5e02703"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash becc8cdba57494c6fe212eb67634e1eb
c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8
fbb25b88b10a818bb0c6ad385b1e5ba54b87672c73bfa8a9c1ecb17dcc689d5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11942
x-amzn-requestid: ba8a5d03-7796-4c6d-a6df-3cc71b1c5259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: chqukGmWoAMFtLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a24c3-609dc90d769060d30a16e3df;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 16:16:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m6j_3bDGFIAHQYzrZ1zXqUb-HbEJ8XCoGH5mgBFOWRbLzoSiuNBnhg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:59:25 GMT
age: 21586
etag: "c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&gjid=961921500&_gid=551397498.1670039950&_u=YCDAgEABAAAAAEAAI~&z=1915156602
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&gjid=961921500&_gid=551397498.1670039950&_u=YCDAgEABAAAAAEAAI~&z=1915156602
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&gjid=961921500&_gid=551397498.1670039950&_u=YCDAgEABAAAAAEAAI~&z=1915156602 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://dan.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 03:59:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js
95.101.10.129200 OK 26 kB URL HTTP/2 img6.wsimg.com/wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js
IP 95.101.10.129:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1b35ac89aa280157745cc3b566070fa3
8ae3305e9d1e5e2e7258a48557a15e1e2fc636ad
fe1df342da34e32551cff1e667de4b39d9cca5c022c92a9ade464949558a740d
GET /wrhs/0bd7e7814002fbb87e2a508205f02600/tcc.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "0bd7e7814002fbb87e2a508205f02600"
last-modified: Thu, 01 Dec 2022 16:44:00 GMT
vary: Accept-Encoding
x-amz-id-2: PpHUH6LOgBrEbknCqxTTVhP6ob+Rb+6fNWeuOpbvf/PRd8WlJeSn+8kgwfWK3xDAWj0w5wm/QX0=
x-amz-request-id: 05Y6FBB0K3S54JG8
x-amz-server-side-encryption: AES256
x-amz-version-id: TxSv3j0ESygXAmch._bj0eAa2T9J5IsX
content-length: 26451
cache-control: max-age=31536000
date: Sat, 03 Dec 2022 03:59:11 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
widget.intercom.io/widget/e2frgfyw
143.204.237.85200 OK 6.2 kB URL HTTP/2 widget.intercom.io/widget/e2frgfyw
IP 143.204.237.85:0
File type Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Hash c09ae91e2dcfb777d597f4dedc79710f
d344e323099e3cb698054abbf16d65fc2649eaeb
2fc33c960726f83f005d0990df446e45120785f0b57565cd27799e17ce903204
GET /widget/e2frgfyw HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6169
last-modified: Fri, 02 Dec 2022 13:52:24 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: d_IbJEDUE2FVwmaU2TO8SWvN318LPCj2
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 03:46:35 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "c09ae91e2dcfb777d597f4dedc79710f"
x-cache: Error from cloudfront
via: 1.1 e5f9cea29f02f6a9a9b4da9c89f48d00.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: uaK55y3qHDYmoWJ5R04Z2gvYhYOoZEXmLafQg-ohi3O6nDw3o1PpFA==
age: 840
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
95.101.10.129200 OK 7.5 kB URL HTTP/2 img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
IP 95.101.10.129:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (24676)
Hash b8a5a228a358454084c34dd1cf431c61
37aa5fe6e083b8147156ca66a1993a7bd74e8a61
06fae5ccf58a27a8e2ae6a0e7722f42db507c1873751f587cddd090810d94492
GET /wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "ce554d2333f3801abafb32da18213ff7"
last-modified: Wed, 16 Jun 2021 22:03:01 GMT
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 3
x-edgeconnect-origin-mex-latency: 654
x-amz-id-2: Bt3x3iTv8Fk+aaaS+GUkBMe+ASr0HEMDh339t8gjL9ozG+jBiKIjzxbTtgmm6ZRh5XVuxORtokQ=
x-amz-request-id: XNK8Z8KQATPTCZRH
x-amz-server-side-encryption: AES256
x-amz-version-id: F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-length: 7498
x-edgeconnect-cache-status: 1
cache-control: max-age=31536000
date: Sat, 03 Dec 2022 03:59:12 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
js.intercomcdn.com/vendor.938ae274.js
54.230.111.84200 OK 108 kB URL HTTP/2 js.intercomcdn.com/vendor.938ae274.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (65431)
Size 108 kB (108202 bytes)
Hash b7988c135790ccd3f4d341afb68cca5b
0385874ae2b2bb0020ba46b45c7bab2142302ff7
1956f01618e3481ef2bf085d8e332eb54ee20ec239a419a9ff9194a354e90adf
GET /vendor.938ae274.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108202
last-modified: Thu, 01 Dec 2022 15:09:17 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: tyzNczSTUeCL7.nKG3IX3S.1ZBSF0MXp
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 03:10:55 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "b7988c135790ccd3f4d341afb68cca5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sT20zqG99-HZpqfB3bqUBzVNkhtkaPuBVav7sgFZbhabAaT3yWNfeQ==
age: 2897
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 585e7e56aed6b2f2f5e658f46bb791c4
34b768eb68f6cb850ff984fd687096e089649523
5412ba902e667571b0bbb3879ba6b9ad39501abce59381e84e6aa09779e7198b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: f5456dd6-8459-4a19-a9b5-b7b567fceb01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cik2pG5aoAMFrVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a81c3-0923232b35133f471332062b;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 22:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BcPHhLbQww4yB62w_Sijc6jSoM9okXUlZhMmjri_4thEEniDgcdGuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:57:10 GMT
etag: "34b768eb68f6cb850ff984fd687096e089649523"
content-type: image/jpeg
age: 121
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 03:59:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-47793354-2&cid=1015506207.1652829834&jid=34358707&_u=YCDAgEABAAAAAEAAI~&z=1732579131 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 03:59:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 2bbe46fa69c17bc5e3500bf9ffa148a5
a4d9195bdf52bc00e934fdff7ccd1552e0cbafae
f2ebec6ae0f33d289de0d86468f249fdc39bf2c8f44a2eb14de1fa2231ca5476
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=137444
Date: Sat, 03 Dec 2022 03:59:12 GMT
Etag: "638a26df-1d7"
Expires: Sun, 04 Dec 2022 18:09:56 GMT
Last-Modified: Fri, 02 Dec 2022 16:25:03 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q4cwAhCBHOeGx18xY7ecifEbr6ow924uDgs_flr6hNM651e_MwT8QA==
Age: 6293
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 03:59:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1c30f6c1039e48267b51395e9cc95cd2
4e936f935a921b0e1ed9c5594346db864c008b32
63d4a4d1faff59ad6b08f04c1627a9bbaccc19a6ccf2dc0c0e2c7eba4c66573b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120882
Date: Sat, 03 Dec 2022 03:59:12 GMT
Etag: "6389e643-1d7"
Expires: Sun, 04 Dec 2022 13:33:54 GMT
Last-Modified: Fri, 02 Dec 2022 11:49:23 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZgujmZWeNmQdCDZPnMTYQvMdTPAewvoyu3LAVQJ65TLxhqhnlU4EWA==
Age: 6271
events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f×tamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none
95.101.10.130302 Found 0 B URL HTTP/2 events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f×tamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f×tamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
location: https://events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f×tamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&CookieTest=1
date: Sat, 03 Dec 2022 03:59:12 GMT
set-cookie: traffic=; domain=.secureserver.net; path=/;
X-Firefox-Spdy: h2
events.api.secureserver.net/b.aspx?timestamp=1670039950039&corrid=710629098&referrer=https%3A%2F%2Fsafexpress.xyz%2F&vs=visible&rand=363794553&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2022-12-03T03%3A59%3A10.040Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1670039949231&connectStart=1670039949170&domComplete=1670039949853&domContentLoadedEventEnd=1670039949753&domContentLoadedEventStart=1670039949752&domInteractive=1670039949734&domLoading=1670039949362&domainLookupEnd=1670039949169&domainLookupStart=1670039949136&fetchStart=1670039949115&navigationStart=1670039949114&requestStart=1670039949231&responseEnd=1670039949359&responseStart=1670039949358&loadEventStart=1670039949853&loadEventEnd=1670039949854&transferSize=14807&encodedBodySize=13416&decodedBodySize=46681&navigationType=navigate&fcp=556&hit_id=9525587b-679a-5495-ba90-0217c04f4b2c&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&trace_id=00b98c789a82577d96a336bc0b284b4f
95.101.10.130200 OK 43 B URL HTTP/2 events.api.secureserver.net/b.aspx?timestamp=1670039950039&corrid=710629098&referrer=https%3A%2F%2Fsafexpress.xyz%2F&vs=visible&rand=363794553&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2022-12-03T03%3A59%3A10.040Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1670039949231&connectStart=1670039949170&domComplete=1670039949853&domContentLoadedEventEnd=1670039949753&domContentLoadedEventStart=1670039949752&domInteractive=1670039949734&domLoading=1670039949362&domainLookupEnd=1670039949169&domainLookupStart=1670039949136&fetchStart=1670039949115&navigationStart=1670039949114&requestStart=1670039949231&responseEnd=1670039949359&responseStart=1670039949358&loadEventStart=1670039949853&loadEventEnd=1670039949854&transferSize=14807&encodedBodySize=13416&decodedBodySize=46681&navigationType=navigate&fcp=556&hit_id=9525587b-679a-5495-ba90-0217c04f4b2c&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&trace_id=00b98c789a82577d96a336bc0b284b4f
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /b.aspx?timestamp=1670039950039&corrid=710629098&referrer=https%3A%2F%2Fsafexpress.xyz%2F&vs=visible&rand=363794553&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.log&eventdate=2022-12-03T03%3A59%3A10.040Z&eventtype=pageperf&nav_type=hard&tccin=auto&connectEnd=1670039949231&connectStart=1670039949170&domComplete=1670039949853&domContentLoadedEventEnd=1670039949753&domContentLoadedEventStart=1670039949752&domInteractive=1670039949734&domLoading=1670039949362&domainLookupEnd=1670039949169&domainLookupStart=1670039949136&fetchStart=1670039949115&navigationStart=1670039949114&requestStart=1670039949231&responseEnd=1670039949359&responseStart=1670039949358&loadEventStart=1670039949853&loadEventEnd=1670039949854&transferSize=14807&encodedBodySize=13416&decodedBodySize=46681&navigationType=navigate&fcp=556&hit_id=9525587b-679a-5495-ba90-0217c04f4b2c&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&trace_id=00b98c789a82577d96a336bc0b284b4f HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Origin: https://dan.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1
2.18.173.203200 OK 2 B URL HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1
IP 2.18.173.203:0
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=gpl/main/202201190854&nocookie=1 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
content-length: 2
unused62: 8096267
cache-control: max-age=600
expires: Sat, 03 Dec 2022 04:09:12 GMT
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f×tamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&CookieTest=1
95.101.10.130200 OK 43 B URL HTTP/2 events.api.secureserver.net/image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f×tamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&CookieTest=1
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /image.aspx?referrer=https%3A%2F%2Fsafexpress.xyz%2F&trace_id=00b98c789a82577d96a336bc0b284b4f×tamp=1670039950030&corrid=710629098&vs=visible&rand=1903890953&sitename=dan.com&page=%2Fbuy-domain%2FSafExpress.xyz&location=https%3A%2F%2Fdan.com%2Fbuy-domain%2FSafExpress.xyz&agent=false&delegated=false&salessite=false&event=gtm.load&app=dan&loadSource=gtm&page_level_properties=loadSource&event_type=page.request&hw=3&browx=1280&browy=939&resx=1280&resy=1024&cdepth=24&hit_id=2f63b0ae-a86d-58e1-8575-bc97d1c6e3d5&visitor_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&visit_guid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&page_count=1&has_consent=0&cv=3.29.0&client_name=tcc&same_site=none&CookieTest=1 HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dan.com
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: https://dan.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2
nexus-websocket-a.intercom.io/pubsub/5-fn2ToC45Ip8WMiiSh11iVjgLrmaPX89yHZq3cey2F4CdoF2S3Wxm-Ctvpq1EZnLTXksYKMatzHoprwALXuMatMxceUNkxZqnhq-H?c=1&X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
35.174.127.31101 Switching Protocols 0 B URL HTTP/1.1 nexus-websocket-a.intercom.io/pubsub/5-fn2ToC45Ip8WMiiSh11iVjgLrmaPX89yHZq3cey2F4CdoF2S3Wxm-Ctvpq1EZnLTXksYKMatzHoprwALXuMatMxceUNkxZqnhq-H?c=1&X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP 35.174.127.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pubsub/5-fn2ToC45Ip8WMiiSh11iVjgLrmaPX89yHZq3cey2F4CdoF2S3Wxm-Ctvpq1EZnLTXksYKMatzHoprwALXuMatMxceUNkxZqnhq-H?c=1&X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://dan.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: J9Zdt2GNZ7ALeweVVNeq4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Sat, 03 Dec 2022 03:59:13 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JII8r5EpiCJfdlJIR9erl5JHqfE=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover
safexpress.xyz/
172.67.195.190200 OK 0 B IP 172.67.195.190:0
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: safexpress.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 03 Dec 2022 03:59:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNXGdTtR7HFbxF%2Bq%2F3%2BpIFQpDtvKuSlkRD3AknWKX4GwEFryBcBL8FtF5FWBcD%2FDQZjQr0%2FvG12ewhyjtQms3k3KoVcUbN5Kp0dkrXn7kcrF8U3UDSzO5KNcHkx0tH5RQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773963572bacb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dan.com/packs/spritemap.svg
3.70.113.20200 OK 0 B URL HTTP/2 dan.com/packs/spritemap.svg
IP 3.70.113.20:0
GET /packs/spritemap.svg HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/SafExpress.xyz
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=8pqtSjK4sZPwhXPfh1lZOyCmlT7t8SV%2FDgrBANCX0yEzt53oKBlXKQn%2FpmRfljHXvHLkZ8968q9C6Ak7nbaNnDu6npA5CZdoK8a3lOCcXTb00PwiKyiaXW77JGxU75K%2FdFj6VUssS8hssRXNR%2BHP6%2BfqWS6c8rJhDPPvgxQzqCg6IEit1rdpBeexX2gmcDs7WCt%2F0SalQ55XTccdJ%2BHz6a7Rt%2BczqhV7YBqm7y7sND4HhnVDO1csHTGJHFn4KpragiYuUKIajUdzCcwpk8YY6g6WTGJbZFjhsrr5sEVqPPKfr7s78dMUTf4Sz33IVlhQxDCKwWrC%2B7Lj6%2BTe3hAqq7QqNS5Ii5SAHqCRUqBejISjEzUSvQyrZmPX8UKaWjK3cRyI0tQwObIAmAmde1ig7TYKWVmNCT1gC89PFSwhui4qF0C9b3FkCjNf47AQiTiNGG3oy%2BjwGw9UUNDLrhF7aA%3D%3D--gi6YyoJ29UvzeJ42--06K5%2FXYnPsnzRAnSoT0c2A%3D%3D; time_zone_offset=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 03 Dec 2022 03:59:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 15:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
js.intercomcdn.com/frame.369c9ae4.js
54.230.111.84200 OK 0 B URL HTTP/2 js.intercomcdn.com/frame.369c9ae4.js
IP 54.230.111.84:0
GET /frame.369c9ae4.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138356
last-modified: Fri, 02 Dec 2022 13:50:53 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: DHm_4aT7Sj3vHeacrpdQ2rEImbnQ7YzP
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Dec 2022 03:52:28 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "d11253baa33f7f10ed37abcb98047875"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: _UYLvR2HMb7zQNeVRkf6lL3Pv_hT0eEVXl9BeuP3mSiycT_ORyWXsA==
age: 404
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/gpl/main/prod/utag.js
2.18.173.203200 OK 0 B URL HTTP/2 tags.tiqcdn.com/utag/gpl/main/prod/utag.js
IP 2.18.173.203:0
GET /utag/gpl/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "439c93448d07863f01b4baa0db40ee45:1642582496.491697"
last-modified: Wed, 19 Jan 2022 08:54:56 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sat, 03 Dec 2022 04:04:12 GMT
date: Sat, 03 Dec 2022 03:59:12 GMT
X-Firefox-Spdy: h2
dan.com/domain_views
3.70.113.20200 OK 0 B IP 3.70.113.20:0
POST /domain_views HTTP/1.1
Host: dan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dan.com/buy-domain/SafExpress.xyz
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 140
Origin: https://dan.com
Connection: keep-alive
Cookie: _ga=GA1.2.1015506207.1652829834; intercom-id-e2frgfyw=a8a6e11a-4b8f-4662-8c3c-48752c6af55a; _ga_MEVZPVX8WY=GS1.1.1653978938.1.1.1653979303.39; _ga_WXD346M1LN=GS1.1.1654106413.1.0.1654106421.0; _ga_H4YBREXJT6=GS1.1.1654382557.1.0.1654382563.0; bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=8pqtSjK4sZPwhXPfh1lZOyCmlT7t8SV%2FDgrBANCX0yEzt53oKBlXKQn%2FpmRfljHXvHLkZ8968q9C6Ak7nbaNnDu6npA5CZdoK8a3lOCcXTb00PwiKyiaXW77JGxU75K%2FdFj6VUssS8hssRXNR%2BHP6%2BfqWS6c8rJhDPPvgxQzqCg6IEit1rdpBeexX2gmcDs7WCt%2F0SalQ55XTccdJ%2BHz6a7Rt%2BczqhV7YBqm7y7sND4HhnVDO1csHTGJHFn4KpragiYuUKIajUdzCcwpk8YY6g6WTGJbZFjhsrr5sEVqPPKfr7s78dMUTf4Sz33IVlhQxDCKwWrC%2B7Lj6%2BTe3hAqq7QqNS5Ii5SAHqCRUqBejISjEzUSvQyrZmPX8UKaWjK3cRyI0tQwObIAmAmde1ig7TYKWVmNCT1gC89PFSwhui4qF0C9b3FkCjNf47AQiTiNGG3oy%2BjwGw9UUNDLrhF7aA%3D%3D--gi6YyoJ29UvzeJ42--06K5%2FXYnPsnzRAnSoT0c2A%3D%3D; time_zone_offset=0; _gid=GA1.2.551397498.1670039950; _gat=1; traffic=; _policy=%7B%22restricted_market%22:true,%22tracking_market%22:%22explicit%22%7D; pathway=82d45c0d-5378-5c54-865b-ee8fb7a33dfb; fb_sessiontraffic=C_TOUCH=2022-12-03T03:59:10.030Z&pathway=82d45c0d-5378-5c54-865b-ee8fb7a33dfb&V_DATE=2022-12-03T03:59:10.028Z&pc=1; visitor=vid=82d45c0d-5378-5c54-865b-ee8fb7a33dfb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Sat, 03 Dec 2022 03:59:12 GMT
content-type: text/html
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: bc9bd58fe1b6ef954d6d794db6d30e25e8ff50634d24346cf8006ef422e3c05c6e48b07678e34d08c97ad3f91012c80ac690b50f51fbd49b16e301de58d9c5ca=rwGEf3KOBuipC3pBVNn7%2FXQRbPllC8TOR1chwhywwkiDCEpSstjRSKp%2BEGS7vEvzojC9Y02GVYIvNaiW4aOy27N%2FB3Wf6go19UvGp2RpoPNCJwxg65%2FCo%2Fni%2BegEIIKCrXZV3gRLWd4oOoy%2FFgM8v6CH1vbKqNnqJBb41sKvu5vm8lKbStnoADWwgWcthCEuBNZRGJE4pbNeeMI7eCyHK3npkFvrewSejVsF5SQYxxLfj50powH8rqBIcY1izqtrlUExj2di%2FnRMsFpjHwJ%2F9QkGbJMmbq%2FrTmnVPrJr%2F8NhzRpjF2s8jgtkGyHAGAlyDKko%2BY3XjO4pjMYkIrcv9%2F0qrGHlZvf61kg2xEshm3ZQnP9wk0uo%2ByLdXjW42pTOWTcMLIoFHDT24LL9LDp9caM9ICfEBmu19XnTU6GIbo2lQxrsMCgQLOaztSvNtHCKIaO9Pd9x%2F9f86oRWrrzPFhXyH1CTmmiGWyKnojU8Ii%2Fqk6O1W0B%2FGeL%2Bx%2FzFy02fPcwrwKhtCEw2qCnc--VWcM%2FBgUW1WZVt7H--fI%2BlIODYFi9fOCIXkoqyAA%3D%3D; path=/; secure; HttpOnly
x-request-id: 0d77bfcc-9ef9-4ba3-91ed-3b147e3d33e8
x-runtime: 0.012418
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
X-Firefox-Spdy: h2
api-iam.intercom.io/messenger/web/ping
52.20.196.176200 OK 0 B URL HTTP/2 api-iam.intercom.io/messenger/web/ping
IP 52.20.196.176:0
POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 511
Origin: https://dan.com
Connection: keep-alive
Referer: https://dan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 03:59:12 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1670039960
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13319
access-control-allow-origin: https://dan.com
vary: Accept,Accept-Encoding
x-intercom-version: 59933413683577c3bea1b8fcabfd7f09460f2e4a
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 000a3l56js15ad1cs4ag
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"3e1a61f18c1f7011e430a41434a2ae3f"
x-runtime: 0.255750
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-0e0148d2928d0c348
X-Firefox-Spdy: h2