is.gd/T8Yv9y
104.25.234.53 301 Moved Permanently 0 B IP 104.25.234.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /T8Yv9y HTTP/1.1
Host: is.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 09:31:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 08 Dec 2022 10:31:37 GMT
Location: https://is.gd/T8Yv9y
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77647d38c845fac0-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16474
Expires: Thu, 08 Dec 2022 14:06:11 GMT
Date: Thu, 08 Dec 2022 09:31:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5364
Expires: Thu, 08 Dec 2022 11:01:01 GMT
Date: Thu, 08 Dec 2022 09:31:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 09:08:11 GMT
content-type: application/json
age: 1407
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2883
Expires: Thu, 08 Dec 2022 10:19:41 GMT
Date: Thu, 08 Dec 2022 09:31:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9epFPJ8/ZoxAAwrEZRq0f3JCJ7WZPOzwoJQX6UAgP5pjn5eR7vmNLhfV6rWex7kAuTyXFaZ5/MA=
x-amz-request-id: H82SVW8A8NAP00C2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:47:51 GMT
age: 2627
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:31:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 09:07:58 GMT
age: 1420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3548
Cache-Control: max-age=88460
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:31:38 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:05:58 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.26.194 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.26.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5A5/q2QsxfGVXJp6FYAk1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: on8q9r1DMbMFWjfF6f0+3+s0fJU=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aeb85b6df6609979a8022398fc1fe737
5e8435e55d4ab8ec5ac4761ffd5b19a6b2f146ec
fa8392624b28c81bc2353328b7b0da259c05ae6588192e5ce44d2bb1c60026cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA8392624B28C81BC2353328B7B0DA259C05AE6588192E5CE44D2BB1C60026CF"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15635
Expires: Thu, 08 Dec 2022 13:52:14 GMT
Date: Thu, 08 Dec 2022 09:31:39 GMT
Connection: keep-alive
blocket.paymentu-l.cfd/56792262215
185.106.93.93 200 OK 3.1 kB URL HTTP/1.1 blocket.paymentu-l.cfd/56792262215
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23074)
Hash bdaf56ab1d6f25ce4121ac5d449f42a7
6ded94a544c12518f3e12dbe8457a32f057feec1
237f4b3f8749f505b8bef9b013965336976efd8db25c1cee76bacfbaa6b3d057
Analyzer Verdict Alert quad9 Sinkholed
GET /56792262215 HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
blocket.paymentu-l.cfd/runtime.6122e5a5f4936958.js
185.106.93.93 200 OK 1.6 kB URL HTTP/1.1 blocket.paymentu-l.cfd/runtime.6122e5a5f4936958.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (2995), with no line terminators
Hash 6210b22b8f3d253f792de54aad88b652
4803eaa830e53d0106cb3c3198c2db8c2992c1f1
cc018cd5c1f4e4e85a731bc3a459c80ca5d15926a29fc5d7b3bf59ce4569707a
Analyzer Verdict Alert quad9 Sinkholed
GET /runtime.6122e5a5f4936958.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-bb3"
Expires: Thu, 08 Dec 2022 10:31:39 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/polyfills.2ca2558b5505e406.js
185.106.93.93 200 OK 15 kB URL HTTP/1.1 blocket.paymentu-l.cfd/polyfills.2ca2558b5505e406.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (45558), with no line terminators
Hash c15665d5b3dbdb3f2a25e171c312eaad
c7f639a9c153e5d6482ba67537f717cbbcd6ee24
883c5b1f04dea6f1b60f4dbe73c1eae032502f3c0484b8b2c56ec37a924f5ba7
Analyzer Verdict Alert quad9 Sinkholed
GET /polyfills.2ca2558b5505e406.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-b1f6"
Expires: Thu, 08 Dec 2022 10:31:39 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/roboto-v20-latin-ext_latin-regular.5c59b24786083ffe.woff2
185.106.93.93 200 OK 23 kB URL HTTP/1.1 blocket.paymentu-l.cfd/roboto-v20-latin-ext_latin-regular.5c59b24786083ffe.woff2
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type Web Open Font Format (Version 2), TrueType, length 22644, version 1.0\012- data
Hash c5bf51b68dc9fd7fe944d8947fe12518
a39cd33a2457d12a3eb61e0841c91b73e4af90ac
b86b128b0701a436d02aa06fb2027845a0e69e4bebdd22012c1e0578508e34d1
Analyzer Verdict Alert quad9 Sinkholed
GET /roboto-v20-latin-ext_latin-regular.5c59b24786083ffe.woff2 HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:39 GMT
Content-Type: application/octet-stream
Content-Length: 22644
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Connection: keep-alive
ETag: "6390b1e9-5874"
Accept-Ranges: bytes
blocket.paymentu-l.cfd/styles.319ec47afc3920b5.css
185.106.93.93 200 OK 26 kB URL HTTP/1.1 blocket.paymentu-l.cfd/styles.319ec47afc3920b5.css
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 21f4c40d14da6c793d7f5f01c68ddecf
33cc67fa7a14a8e3d7cbee4a4aba88c2524fbb39
4f270bbcc3cbcb1c3a7617ba4e45b141c8f9061a82cf28ed8d1de67c45b93f57
Analyzer Verdict Alert quad9 Sinkholed
GET /styles.319ec47afc3920b5.css HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:39 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-372d4"
Expires: Thu, 08 Dec 2022 10:31:39 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/main.c63ca010df27124b.js
185.106.93.93 200 OK 208 kB URL HTTP/1.1 blocket.paymentu-l.cfd/main.c63ca010df27124b.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (65536), with no line terminators
Size 208 kB (208153 bytes)
Hash 36aee0a40dcefd68f753d6d6bc50e3f7
51b4cfb653c707af276621d9bf921dec7aa8965e
20e77eeee8163c0004a82ae0781ce5b07f45f70747ba5b45071451e780e93360
Analyzer Verdict Alert quad9 Sinkholed
GET /main.c63ca010df27124b.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:39 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-e7b82"
Expires: Thu, 08 Dec 2022 10:31:39 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/assets/favicon.ico
185.106.93.93 200 OK 318 B URL HTTP/1.1 blocket.paymentu-l.cfd/assets/favicon.ico
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 0eb6a3e58fb0f61f080bfd48d9be4a2d
669802179243bd9c47aae26d03090f5f8e40a015
3755ed10fae26af17e06f7ff740b9138c0f6b47b524d6bbbaae98f999433e1ea
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/favicon.ico HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:39 GMT
Content-Type: image/x-icon
Content-Length: 318
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-13e"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:31:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:31:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:31:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:31:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Thu, 08 Dec 2022 10:19:31 GMT
Date: Thu, 08 Dec 2022 09:31:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: ddb5c208-5bfe-4e8c-9fdd-55076fac9eb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czg9FGl2IAMFxYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63914853-148fec9213f360520ff3c52a;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 02:13:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: l8PbqnzJrf0uHiLE9iy5PSfKl8f4520ddTxkji7GyUyAWuX9Sc4U0w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 04:20:38 GMT
age: 18662
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:11:17 GMT
age: 76823
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MWB80hrfUMDjexNsySVGMXtm6Wva4t1gkJXaesFKRaGSkFS1r1zIrw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
age: 40696
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
age: 40696
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 38499
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 35768
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
blocket.paymentu-l.cfd/api/56792262215/order
185.106.93.93 200 OK 588 B URL HTTP/1.1 blocket.paymentu-l.cfd/api/56792262215/order
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data\012- , ASCII text, with very long lines (961), with no line terminators
Hash 6afb8258b41523a483a567674dac5d63
3e2983ffcbf3ae0b7f9cb567fbf2d539367797d5
a2b205d01937e7f9c254414a8f10230e32055a7562e068866321a3a38dc454dd
Analyzer Verdict Alert quad9 Sinkholed
GET /api/56792262215/order HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 588
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
blocket.paymentu-l.cfd/583.7094c409ccdcc9a1.js
185.106.93.93 200 OK 4.8 kB URL HTTP/1.1 blocket.paymentu-l.cfd/583.7094c409ccdcc9a1.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (19591), with no line terminators
Hash a9e316b20801f57709923eb902598dbc
7282866d7b1876fbe6d9996b75f30985a1652567
055f8f8f59aaf4074f10452af1837fb1ed47d9ecb9d2563e0d5577396a99e979
Analyzer Verdict Alert quad9 Sinkholed
GET /583.7094c409ccdcc9a1.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-4c87"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/664.656232a5e33c52f6.js
185.106.93.93 200 OK 6.2 kB URL HTTP/1.1 blocket.paymentu-l.cfd/664.656232a5e33c52f6.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (23362), with no line terminators
Hash 064037b93fd642795cde64d7f909f00c
ea2907592d8347d9ccdf1e3a36092325e54723f8
55cf02a1ec10c5b84c80980b895a1ca6288408d5f4c8e3b5025f0c342c57e992
Analyzer Verdict Alert quad9 Sinkholed
GET /664.656232a5e33c52f6.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-5b42"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/716.44da8d1a8e24ca07.js
185.106.93.93 200 OK 4.7 kB URL HTTP/1.1 blocket.paymentu-l.cfd/716.44da8d1a8e24ca07.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (14801), with no line terminators
Hash 9c01f4ba92a8580a0d16f5f011229213
1bf177bed91292e81ea37bf3f0a364cbc9d2089b
0f8bff4d15c710f54ebe14386e4540ddbe80e8f86f14461fb19ce936590d21df
Analyzer Verdict Alert quad9 Sinkholed
GET /716.44da8d1a8e24ca07.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-39d1"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/255.3b5f4e9f1f2ae616.js
185.106.93.93 200 OK 19 kB URL HTTP/1.1 blocket.paymentu-l.cfd/255.3b5f4e9f1f2ae616.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (65536), with no line terminators
Hash f9ac678a2882f888c1810f968d29bfad
a7956349ae03d61cf54a92e3f61fd58f5575a773
f42233ea7e61a187e20b05e5ce8396eeedfef0d2d09dbe02cf1737130f2b65e0
Analyzer Verdict Alert quad9 Sinkholed
GET /255.3b5f4e9f1f2ae616.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-19d0b"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/assets/img/platform/logo/blocket.svg
185.106.93.93 200 OK 3.5 kB URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/platform/logo/blocket.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (519)
Hash 4f2c8df66c83a8e9f0efd7745046d231
4deb6a1ff68a1643a880b5ab2747e6c36c09df95
8ee774194bbaa441c9016d95b3da820798582801f14bffd9001a0efb7b7f9771
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/platform/logo/blocket.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 3462
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-d86"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
blocket.paymentu-l.cfd/633.1de75ce700257d19.js
185.106.93.93 200 OK 8.8 kB URL HTTP/1.1 blocket.paymentu-l.cfd/633.1de75ce700257d19.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (47335), with no line terminators
Hash f5f7ccfd98b5442d094970b110d3de83
57fa7d3fbc0b1f178bd87c273f49269a36375969
52b978f69f2eafe91d3293d8f286d4a368cd5d00969e9627a6f3944060d016b8
Analyzer Verdict Alert quad9 Sinkholed
GET /633.1de75ce700257d19.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-b8e7"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/387.d94f44171f435f33.js
185.106.93.93 200 OK 301 kB URL HTTP/1.1 blocket.paymentu-l.cfd/387.d94f44171f435f33.js
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type ASCII text, with very long lines (65536), with no line terminators
Size 301 kB (301383 bytes)
Hash 4184024b46af197b9be9accf07fe5955
81fa9eedad1bc0effcd1c6775a194502e05cbf98
79208262e1c252b3b2eacc520613a008805515a2960f30fdd9db94140de7e167
Analyzer Verdict Alert quad9 Sinkholed
GET /387.d94f44171f435f33.js HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/javascript
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1e9-2272da"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
blocket.paymentu-l.cfd/api/1997300/order/id
185.106.93.93 200 OK 592 B URL HTTP/1.1 blocket.paymentu-l.cfd/api/1997300/order/id
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data\012- , ASCII text, with very long lines (963), with no line terminators
Hash d18e748f92b24d7638f6dddda1683b67
6b7c871612be64256794ce972fcb6e9b946ac7d3
81d03f57184416bedc7610a7383ded778aba9c88b6d8e76629787f361241c5cb
Analyzer Verdict Alert quad9 Sinkholed
GET /api/1997300/order/id HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 592
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
blocket.paymentu-l.cfd/roboto-v20-latin-ext_latin-500.de270e01b582cd35.woff2
185.106.93.93 200 OK 23 kB URL HTTP/1.1 blocket.paymentu-l.cfd/roboto-v20-latin-ext_latin-500.de270e01b582cd35.woff2
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type Web Open Font Format (Version 2), TrueType, length 22732, version 1.0\012- data
Hash 15431381890720a5a4b62b33c8ae06c5
6266cfccbd3281630cd4ba6d7dfd953999268480
fa074f87d637e60c5639e30dc8f11787bb2400bc759e56fa7ddae1c28bdb4278
Analyzer Verdict Alert quad9 Sinkholed
GET /roboto-v20-latin-ext_latin-500.de270e01b582cd35.woff2 HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/styles.319ec47afc3920b5.css
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/octet-stream
Content-Length: 22732
Last-Modified: Wed, 07 Dec 2022 15:31:53 GMT
Connection: keep-alive
ETag: "6390b1e9-58cc"
Accept-Ranges: bytes
blocket.paymentu-l.cfd/assets/img/ui-icon/shield_user.svg
185.106.93.93 200 OK 878 B URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/ui-icon/shield_user.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (774)
Hash 7e06de5e99d0958a484ce9917c1c318f
8e18572317b59e7f10a42faf13221362a7e81ed8
4074546a01d83bcb37a7c889990b39ee667b0fe5e1b886c2bdbaec0f7fe6b2d8
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/ui-icon/shield_user.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 878
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-36e"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
blocket.paymentu-l.cfd/assets/img/ui-icon/pack.svg
185.106.93.93 200 OK 744 B URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/ui-icon/pack.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (640)
Hash 739d6be061ecbc6a41956b221c4f85df
e1a88e9140e35f1defa95dcb446a6ec63b0ae8fb
3a08506d6e95175a97d2d3794a0fe29b886d9f674637f4ba92c8bf77d47bbd0e
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/ui-icon/pack.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 744
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-2e8"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
blocket.paymentu-l.cfd/assets/img/ui-icon/people.svg
185.106.93.93 200 OK 1.1 kB URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/ui-icon/people.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (960)
Hash 44eaebf5c2c68d480954e8460b43c047
8785a3dc839f4821ec708bc967376b7a54fec235
88e4a87487220fa62c04405803be443a5b992d405a75e3e0ca00a2b8413f9195
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/ui-icon/people.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 1064
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-428"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
blocket.paymentu-l.cfd/assets/img/ui-icon/map-point.svg
185.106.93.93 200 OK 677 B URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/ui-icon/map-point.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (573)
Hash fbb5e5f64689f2ebe2080df0508debf4
a7afba6b43920ac385d2dcbac867da962f6d3abe
aebf30fc3c97800ffa1f90fcf230775b1aaf1b71dec32b58176086a57f84d27d
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/ui-icon/map-point.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 677
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-2a5"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
blocket.paymentu-l.cfd/assets/img/ui-icon/mobile.svg
185.106.93.93 200 OK 508 B URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/ui-icon/mobile.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (404)
Hash a4b58dacfb444bc9e6db28172dac6319
b9ce2f85688b01b923497bef70feced7ab1233dc
c76a1e8867b5d7fafdf273dad117cc562712600f1484a6a93ac2157513180b44
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/ui-icon/mobile.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 508
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-1fc"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
blocket.paymentu-l.cfd/assets/img/ui-icon/i.svg
185.106.93.93 200 OK 765 B URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/ui-icon/i.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (665)
Hash 4647873b8f941bfc66bce5083bac04c4
41326a49f0fde093808802364a2e21e8db04305e
025c3ee5d30da434517ea2304ced30515f33ae862605679e9852e824157fb7e8
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/ui-icon/i.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 765
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-2fd"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
blocket.paymentu-l.cfd/assets/i18n/sv.json
185.106.93.93 200 OK 5.3 kB URL HTTP/1.1 blocket.paymentu-l.cfd/assets/i18n/sv.json
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1121)
Hash d1584304a9d6f5de104b6940b54a10ed
0838e5c3ba76f1c777765737f18e7a5c557a2f29
0b436533c9159f05ed5831c98c8a09c9e2a86c6494ffc2d1524115987d6c4a60
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/i18n/sv.json HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: application/json
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6390b1ea-4033"
Content-Encoding: gzip
blocket.paymentu-l.cfd/assets/img/platform/deliveryLogos/postnord.svg
185.106.93.93 200 OK 32 kB URL HTTP/1.1 blocket.paymentu-l.cfd/assets/img/platform/deliveryLogos/postnord.svg
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (31142)
Hash 553fbd1274ed676f7830a8fdd16210f5
3dcfc55d645caf87aebd5b7ecedbdfa4578afaef
5b13e71796450ba6f88e905f7c0bb1eefa188eaebd4e96a9563bfeb19a8ff8a9
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/platform/deliveryLogos/postnord.svg HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 31781
Last-Modified: Wed, 07 Dec 2022 15:31:54 GMT
Connection: keep-alive
ETag: "6390b1ea-7c25"
Expires: Thu, 08 Dec 2022 10:31:40 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
i.blocketcdn.se/pictures/3401465045.webp?type=original
143.204.55.28 200 OK 155 kB URL HTTP/2 i.blocketcdn.se/pictures/3401465045.webp?type=original
IP 143.204.55.28:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 155 kB (155060 bytes)
Hash 3487e6d90f50797cd032565f29301eac
e7f478191f8ed3c79747b2724573e73793406203
e0fcb19285748cefda479d64267f8c3746859e784eadb2f5f29ce236edf03c07
GET /pictures/3401465045.webp?type=original HTTP/1.1
Host: i.blocketcdn.se
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 155060
date: Thu, 08 Dec 2022 09:12:28 GMT
etag: "ocX3jcYCPquM2g-TNd0ehwnsQ6JYnSu-iP41GyNhcsM/RIjk0MjBmMzViYzcyMWJjNjBhNjhmZDA1NjgyZTIxYjc4Ig"
cache-control: max-age=2592000
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: R7WuB0HtjeRuBcJZ5DtjSsSoe0G3vYeoe26NgrdDp2FCWt381ROAog==
age: 1152
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash f3729ffb6b8809b776fac4781400bf72
fee2eae07f2c0cf5cb168df7d0e89a5aa1153d54
d28548a1aff6bf4f8f6e79e2499cbe54fdfc38fdb9481de14533071c4418d75a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123239
Date: Thu, 08 Dec 2022 09:31:40 GMT
Etag: "6390d4e7-1d7"
Expires: Fri, 09 Dec 2022 19:45:39 GMT
Last-Modified: Wed, 07 Dec 2022 18:01:11 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: z8VL51-GxD0YjgxTux7nKnRfiwm4vs2XpUZuTRAKU3W0B7JtBgGlQQ==
Age: 6268
blocket.paymentu-l.cfd/api/1997300/order/id
185.106.93.93 200 OK 590 B URL HTTP/1.1 blocket.paymentu-l.cfd/api/1997300/order/id
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data\012- , ASCII text, with very long lines (963), with no line terminators
Hash efa7faa641d287cff901e3b71cd60ddf
a20457b98d2f8ae37606ac2d9e48f52e2bfba0b5
f18b2501a7c06c5293ac680a162606ca25bfce6e16556fca44f07283eeca82d6
Analyzer Verdict Alert quad9 Sinkholed
GET /api/1997300/order/id HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 590
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
blocket.paymentu-l.cfd/api/1997300/order/id
185.106.93.93 200 OK 591 B URL HTTP/1.1 blocket.paymentu-l.cfd/api/1997300/order/id
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data, ASCII text, with very long lines (963), with no line terminators
Hash e3584763fa903a74c1f86968730c800b
453036a7b3e96a13ada411311af01fe74018af7e
6eb69a2f8120b9976ef24eb2cc7e69f1d1b56cc0129ec3aabc7143da4ae8112e
Analyzer Verdict Alert quad9 Sinkholed
GET /api/1997300/order/id HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 591
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
blocket.paymentu-l.cfd/api/1997300/order/id
185.106.93.93 200 OK 591 B URL HTTP/1.1 blocket.paymentu-l.cfd/api/1997300/order/id
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data, ASCII text, with very long lines (963), with no line terminators
Hash 387e38ae244b5f0950914606f88bae5f
59fff22fee7290e5df85b5ca6ed1092266f41fd6
f59481f1aacbf64119873a5acac0d910fb6d181ed137db003eec1ec351631065
Analyzer Verdict Alert quad9 Sinkholed
GET /api/1997300/order/id HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 591
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
blocket.paymentu-l.cfd/api/1997300/order/id
185.106.93.93 200 OK 591 B URL HTTP/1.1 blocket.paymentu-l.cfd/api/1997300/order/id
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data, ASCII text, with very long lines (963), with no line terminators
Hash 973d0faebb0596e85a9aa1d827e34f87
939188ccee5adf94ea47e35f86ededbcd1628692
ad3524982f66c2c19c554b1c9dc3b0f6b5fe3cc8d2f3c0960f45eeddf4efe7e9
Analyzer Verdict Alert quad9 Sinkholed
GET /api/1997300/order/id HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 591
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
blocket.paymentu-l.cfd/api/1997300/order/id
185.106.93.93 200 OK 591 B URL HTTP/1.1 blocket.paymentu-l.cfd/api/1997300/order/id
IP 185.106.93.93:0
ASN #50113 NTX Technologies s.r.o.
File type JSON data, ASCII text, with very long lines (963), with no line terminators
Hash a28288c2d535d235340f4be617bdc366
1d97010e2d6e3441200fe2930eaabfb44b4c368a
ea9067bfeca91a787b7a0451abedca34450247f2725fde6124f560e317332cbe
Analyzer Verdict Alert quad9 Sinkholed
GET /api/1997300/order/id HTTP/1.1
Host: blocket.paymentu-l.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blocket.paymentu-l.cfd/56792262215
Cookie: PHPSESSID=kelq8svto31c1eq2gaai4ho9hu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 09:31:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 591
Connection: keep-alive
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
is.gd/T8Yv9y
172.67.83.132 301 Moved Permanently 0 B IP 172.67.83.132:0
GET /T8Yv9y HTTP/1.1
Host: is.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Thu, 08 Dec 2022 09:31:38 GMT
content-type: text/html; charset=UTF-8
location: https://blocket.paymentu-l.cfd/56792262215
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77647d3abf82b512-OSL
X-Firefox-Spdy: h2