r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6641
Expires: Wed, 01 Feb 2023 23:37:43 GMT
Date: Wed, 01 Feb 2023 21:47:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2244
Expires: Wed, 01 Feb 2023 22:24:26 GMT
Date: Wed, 01 Feb 2023 21:47:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 21:43:26 GMT
content-type: application/json
age: 216
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4532
Expires: Wed, 01 Feb 2023 23:02:34 GMT
Date: Wed, 01 Feb 2023 21:47:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JZU+nEWlGA4hkYJwUC/WxgSyLURrbxGJXlKBASa7k42H3/JBq+HVV/eSRVMwTOVXBm1/Ogheprk1JLQb2yN4XA==
x-amz-request-id: 2FB0T278PJHT4ZJ2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 21:22:49 GMT
age: 1453
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 21:47:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 21:41:42 GMT
age: 320
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.vova.com/pt/Criativo-Bonito-Swan-Gel-Caneta-Estudante-Papelaria-Material-GSN1556101005822526244041890-g190681-m1190599?currency=BRL&country_code=BR
69.16.230.226200 OK 2.3 kB URL HTTP/1.1 www.vova.com/pt/Criativo-Bonito-Swan-Gel-Caneta-Estudante-Papelaria-Material-GSN1556101005822526244041890-g190681-m1190599?currency=BRL&country_code=BR
IP 69.16.230.226:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (626)
Hash ea6acedaa74d08728a99c7bae565d08f
74519c2fda6f84166eebf1c0d9b0afdd6775a0bb
d29d25e9ccc5e1a891c090a0f152fe47b51b9033bce6ae75e75bc259a1082122
GET /pt/Criativo-Bonito-Swan-Gel-Caneta-Estudante-Papelaria-Material-GSN1556101005822526244041890-g190681-m1190599?currency=BRL&country_code=BR HTTP/1.1
Host: www.vova.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 21:47:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17091
Expires: Thu, 02 Feb 2023 02:31:53 GMT
Date: Wed, 01 Feb 2023 21:47:02 GMT
Connection: keep-alive
www.vova.com/page/bouncy.php?&bpae=GbhGtK3mvUx7Npvv%2ByrAz33O2kviQyghfgAqZi%2B%2FNwBsojflfRPKSPNDfW3P0stXwlRjcgmhpBdeKdQYfPdwQgpqrvg1AOmkQPdIa4AZAekeBG5LDjoyOUMNzhujEeev8v4F6hcqs1Pf4Yt5LG8qz0WVSw3fImduyrF6A4fzBBd0EY43w5vYhpNvJKXpVCZm293JaMTf8oU2H80W3XpDGtpoVFk%2BNdmUYB5E46RdiXlgb1lVhmH7P5qFeSz3EWzxhh67AfNc7s7Igwlq%2F8UE7gjthLBzsCzBbcH3GnucBHl0L%2FtDIHoJ%2FZbRN0ETCjCv1Na2a8WRbZDyKwLn6wz4oCi516vElVxp1oY9W6ik%2FURrtFv8mVKQNhEVKaM4i5KIj%2BJ9c2N3ibxPRindrcjTkRsR8Kclj%2FDfnXK3ytP6JHSMdOjEA%2FJ5ejeivMznkrK2yf29HyJsd%2FDE2FMDo8km%2BgeIbcOk9l023ji6Uth8fSn9qnQllqPOO4aD2Nk%3D&redirectType=js&inIframe=false&inPopUp=false
69.16.230.226200 OK 982 B URL HTTP/1.1 www.vova.com/page/bouncy.php?&bpae=GbhGtK3mvUx7Npvv%2ByrAz33O2kviQyghfgAqZi%2B%2FNwBsojflfRPKSPNDfW3P0stXwlRjcgmhpBdeKdQYfPdwQgpqrvg1AOmkQPdIa4AZAekeBG5LDjoyOUMNzhujEeev8v4F6hcqs1Pf4Yt5LG8qz0WVSw3fImduyrF6A4fzBBd0EY43w5vYhpNvJKXpVCZm293JaMTf8oU2H80W3XpDGtpoVFk%2BNdmUYB5E46RdiXlgb1lVhmH7P5qFeSz3EWzxhh67AfNc7s7Igwlq%2F8UE7gjthLBzsCzBbcH3GnucBHl0L%2FtDIHoJ%2FZbRN0ETCjCv1Na2a8WRbZDyKwLn6wz4oCi516vElVxp1oY9W6ik%2FURrtFv8mVKQNhEVKaM4i5KIj%2BJ9c2N3ibxPRindrcjTkRsR8Kclj%2FDfnXK3ytP6JHSMdOjEA%2FJ5ejeivMznkrK2yf29HyJsd%2FDE2FMDo8km%2BgeIbcOk9l023ji6Uth8fSn9qnQllqPOO4aD2Nk%3D&redirectType=js&inIframe=false&inPopUp=false
IP 69.16.230.226:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 47dc5570733a9b006a6c613a9f261530
a36bfaebd407d244371f3023b73dc6d9a7cfe4e4
44c1885beb6646101896314ab1980df2edfda7877aaae31be36305a2d48f83bc
GET /page/bouncy.php?&bpae=GbhGtK3mvUx7Npvv%2ByrAz33O2kviQyghfgAqZi%2B%2FNwBsojflfRPKSPNDfW3P0stXwlRjcgmhpBdeKdQYfPdwQgpqrvg1AOmkQPdIa4AZAekeBG5LDjoyOUMNzhujEeev8v4F6hcqs1Pf4Yt5LG8qz0WVSw3fImduyrF6A4fzBBd0EY43w5vYhpNvJKXpVCZm293JaMTf8oU2H80W3XpDGtpoVFk%2BNdmUYB5E46RdiXlgb1lVhmH7P5qFeSz3EWzxhh67AfNc7s7Igwlq%2F8UE7gjthLBzsCzBbcH3GnucBHl0L%2FtDIHoJ%2FZbRN0ETCjCv1Na2a8WRbZDyKwLn6wz4oCi516vElVxp1oY9W6ik%2FURrtFv8mVKQNhEVKaM4i5KIj%2BJ9c2N3ibxPRindrcjTkRsR8Kclj%2FDfnXK3ytP6JHSMdOjEA%2FJ5ejeivMznkrK2yf29HyJsd%2FDE2FMDo8km%2BgeIbcOk9l023ji6Uth8fSn9qnQllqPOO4aD2Nk%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: www.vova.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.vova.com/pt/Criativo-Bonito-Swan-Gel-Caneta-Estudante-Papelaria-Material-GSN1556101005822526244041890-g190681-m1190599?currency=BRL&country_code=BR
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 21:47:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
34.213.61.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.61.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4bwLQw9hyQpFi5eWXBCPBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8UJKdxeVEODuzo8GqhSUvzTUOWg=
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 2f0fcc1515118018840ab3b19e36efe2
b2878093b46837dce2fb73fdb4ed2e7e6e5e00f4
38ee1489e1905c509c5827a54112ebb96bc22d67da06de4f19084c6f9951b6d4
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94530
Date: Wed, 01 Feb 2023 21:47:03 GMT
Etag: "63d99ad1-1d7"
Expires: Fri, 03 Feb 2023 00:02:33 GMT
Last-Modified: Tue, 31 Jan 2023 22:48:49 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cw2rC0thTT5n1y9p6OQIU_dbhs98dI0HHRM3ij518xk0Cp5I2HGY_w==
Age: 4424
alia-iso.com/zcvisitor/f5fec353-a279-11ed-b94e-0a4a7c31a319/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a7959120-7ac0-11ed-9544-0a918cbcbb97
52.7.54.238200 OK 1.8 kB URL HTTP/2 alia-iso.com/zcvisitor/f5fec353-a279-11ed-b94e-0a4a7c31a319/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a7959120-7ac0-11ed-9544-0a918cbcbb97
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (656)
Hash fec7d8362bce8feac298ec5741e33491
461a4737013a91be04e896c34958d1cad1399282
3e6a86aaeee5ded150134ca7140c014855661dd9eed5c93b2a0a0a2b524876ba
GET /zcvisitor/f5fec353-a279-11ed-b94e-0a4a7c31a319/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a7959120-7ac0-11ed-9544-0a918cbcbb97 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.vova.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:03 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: dWeWiQhl
X-Firefox-Spdy: h2
alia-iso.com/zcredirect?visitid=f5fec353-a279-11ed-b94e-0a4a7c31a319&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 OK 778 B URL HTTP/2 alia-iso.com/zcredirect?visitid=f5fec353-a279-11ed-b94e-0a4a7c31a319&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (346)
Hash 07a95cad27ff6b252988f22163829305
5c844dd7f7f087d89a5ec9396cfe7f311e5253f0
5e66d5d08f531002fa27c9a03aa013f7c69f0e58ecebf1731673d07787be7917
GET /zcredirect?visitid=f5fec353-a279-11ed-b94e-0a4a7c31a319&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/f5fec353-a279-11ed-b94e-0a4a7c31a319/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a7959120-7ac0-11ed-9544-0a918cbcbb97
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:03 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: dWeWiQhl
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6981
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 21:47:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6981
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 21:47:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6981
Expires: Wed, 01 Feb 2023 23:43:25 GMT
Date: Wed, 01 Feb 2023 21:47:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 50034
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 85762
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2419bbbf287e620325438f5620183e32
257963245f14742bf9cd90e71ca748066d5495c3
47c7495be97a81189da17fc3abf430d1f4ecae95fdda30006cc462a4cea4c643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71bb87d4-a329-46af-946e-9b5edda7dddb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7628
x-amzn-requestid: 29c70d62-ed3a-4c90-8f32-2dc0c1caf5e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcDSnG4RIAMF5eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4b276-0267c928110be13d26906bed;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 05:28:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nW57-OyTmJaehRAaQAG-qljKRd2_tDViGnSn8Pj_z8xndH_oVnE8pQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 04:57:03 GMT
age: 60601
etag: "257963245f14742bf9cd90e71ca748066d5495c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 86139
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 85401
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 52306
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dql2clk.com/cmp/ZGSRP1/27W1G/?source_id=SOURCEID&sub1=SUBSOURCE&sub5=w54v3eaerire4tami7g7didi
34.117.199.78302 Found 281 B URL HTTP/2 www.dql2clk.com/cmp/ZGSRP1/27W1G/?source_id=SOURCEID&sub1=SUBSOURCE&sub5=w54v3eaerire4tami7g7didi
IP 34.117.199.78:0
File type HTML document, ASCII text
Hash 61efcb419127c724a29f96a1ea68a5bd
d229ea2249736fd4164591654765c1a7c22b47e4
2d2d8a4860fbbcf663a935223a55d85ec701380ce5012907c70476b9d6b23f20
GET /cmp/ZGSRP1/27W1G/?source_id=SOURCEID&sub1=SUBSOURCE&sub5=w54v3eaerire4tami7g7didi HTTP/1.1
Host: www.dql2clk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 21:47:04 GMT
content-type: text/html; charset=utf-8
content-length: 281
location: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
set-cookie: uniqueClick_27W1G=c85516f7-0d39-4318-8630-d19f963fef7d:1675288024; Path=/; Expires=Thu, 02 Feb 2023 21:47:04 GMT
transaction_id=0c550a55f47444f59456151c2fc3400d; Path=/; Expires=Tue, 02 May 2023 21:47:04 GMT
vary: Origin
x-eflow-request-id: e89fcd82-3b78-4f48-a90e-961fcebc73e1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0649d7bc5bbc8bf35c1fd06ca00eba14
9233da525778bec7a96f6271135c7e85fac28cd4
c89a35db1a55e52ec32605d50a9131c059f2d190866bf7863dbb8fe0d1630338
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 21:47:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:54:40 GMT
Expires: Wed, 01 Feb 2023 21:54:40 GMT
ETag: "9233da525778bec7a96f6271135c7e85fac28cd4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash c5b5d7013e1bbc38ad5e28b0ed65ec61
b8db537043d6c7251a9e79f3b8bea7e5a3141b69
fa5af9168ed28c78e7e842325d6f4b4e6c6ad9114b974fcd71c42f6738fba4f7
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156580
Date: Wed, 01 Feb 2023 21:47:05 GMT
Etag: "63da8e22-1d7"
Expires: Fri, 03 Feb 2023 17:16:45 GMT
Last-Modified: Wed, 01 Feb 2023 16:06:58 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4Aj3znL_kly5pjNMqV8Hc8bYCk6s1KEwSC6262teHF8tgGYpUp1XTw==
Age: 4187
www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
18.194.85.12200 OK 7.0 kB URL HTTP/2 www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
IP 18.194.85.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (550)
Hash d2de14babe93ee01b369b79dacc169e5
78e9418a81609e62a2397d3f3d59fec190709198
bf72cddfbacdeea51bc0058cd806e7edbb9c02646baaf90e84302077de29120c
GET /2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1 HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/html; charset=UTF-8
content-length: 6958
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.fuckmore.com/2487/css/style.css
18.194.85.12200 OK 2.0 kB URL HTTP/2 www.fuckmore.com/2487/css/style.css
IP 18.194.85.12:0
File type ASCII text, with very long lines (7031)
Hash abe920e4bbd0ff4e0ae2c5cedca7ffac
a5313a70e2352bfd77429bed85470441b6d613de
cdd3c329815c17b652c652f945c126128a950b7099ea4a1e7e89033181f2529b
GET /2487/css/style.css HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/css
content-length: 1988
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "1c54-5f3277a9df680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.fuckmore.com/2487/css/jquery-ui.css
18.194.85.12200 OK 8.4 kB URL HTTP/2 www.fuckmore.com/2487/css/jquery-ui.css
IP 18.194.85.12:0
File type ASCII text, with very long lines (2363)
Hash eb890942f434115913de08899ef174a4
84518af33d2157bf638eecd96ec00eeb378f547d
65c520e543b735967301de8a17d88ebfe96f9969d596fe477ebe4850f99f5d32
GET /2487/css/jquery-ui.css HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/css
content-length: 8405
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "8d02-5f3277a9df680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e186dce1fd1ccf03fdcee7d14ffa216
03814faf439fe941ef696a02fca0e10ca8e6c0a1
6f0e98fcf2266d560f28288fb755123bd9ad00aa285413cdafb0a9ed09813b0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5127
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:47:05 GMT
Last-Modified: Wed, 01 Feb 2023 20:21:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
www.fuckmore.com/2487/css/all.css
18.194.85.12200 OK 13 kB URL HTTP/2 www.fuckmore.com/2487/css/all.css
IP 18.194.85.12:0
Hash 6e1c3aca47f069f2db83cb3f51a77a51
6c13be14da8fd2dfc21acbb2e9a522d9ddca6407
47d437ca52e359dd783dc40df4f0ddb8cadc41f7d0af0ded61e848e769f1755b
GET /2487/css/all.css HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/css
content-length: 13377
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "11f99-5f3277a9df680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.fuckmore.com/2487/media/png/image_01.png
18.194.85.12302 Found 337 B URL HTTP/2 www.fuckmore.com/2487/media/png/image_01.png
IP 18.194.85.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bd60774dde7c0c41015c7cc8d212518e
9a2550184dce2f312254c1139a3d352b23d19917
0e8dcbff0c4b0b08303172d62cd0a90c99a5eac43fb8d469d50fa7034ae3f53a
GET /2487/media/png/image_01.png HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/html; charset=iso-8859-1
content-length: 337
location: https://d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_01.png
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2
www.fuckmore.com/2487/media/png/image_02.png
18.194.85.12302 Found 337 B URL HTTP/2 www.fuckmore.com/2487/media/png/image_02.png
IP 18.194.85.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fbdab324a02f6ecb4a28b8fdcc41bbec
f201aa14f169b4c251b307c7ee7fcd67bbac15c9
303d83a5b764a1c204fd85f1ea3c1cfbcd5872870ee95067ddb66c948f8f4c09
GET /2487/media/png/image_02.png HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/html; charset=iso-8859-1
content-length: 337
location: https://d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_02.png
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2
www.fuckmore.com/2487/media/png/arrow.png
18.194.85.12302 Found 334 B URL HTTP/2 www.fuckmore.com/2487/media/png/arrow.png
IP 18.194.85.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09a5cdbd4b6ecb26c280b7e70b5f1ca5
9b270a23a779bf8077f1ffafaa34cab40fcc0485
b0c0f5bd1e017ae169b79175576a1b2e86cb35005198d5579df1750204dbc51a
GET /2487/media/png/arrow.png HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/html; charset=iso-8859-1
content-length: 334
location: https://d1zp0skjzco26d.cloudfront.net/media/2487/media/png/arrow.png
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2
www.fuckmore.com/2487/media/png/image_03.png
18.194.85.12302 Found 337 B URL HTTP/2 www.fuckmore.com/2487/media/png/image_03.png
IP 18.194.85.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash de4ffc8c078317ff662768407dcc317a
9d755345faef5ff82b2a2e3ee5ba43976ac20efa
c566008b2072de7016272c7b4848b3b0551735772721cef72bf317940cd26958
GET /2487/media/png/image_03.png HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: text/html; charset=iso-8859-1
content-length: 337
location: https://d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_03.png
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 03:27:00 GMT
expires: Thu, 01 Feb 2024 03:27:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 66005
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e186dce1fd1ccf03fdcee7d14ffa216
03814faf439fe941ef696a02fca0e10ca8e6c0a1
6f0e98fcf2266d560f28288fb755123bd9ad00aa285413cdafb0a9ed09813b0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5127
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:47:05 GMT
Last-Modified: Wed, 01 Feb 2023 20:21:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js
142.250.74.42200 OK 255 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js
IP 142.250.74.42:0
File type Unicode text, UTF-8 text, with very long lines (64399)
Size 255 kB (255084 bytes)
Hash 1e2047978946a1d271356d0b557a84a3
5f29a324c8affb1fdb26ad4564b1e044372beed2
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
GET /ajax/libs/jqueryui/1.13.2/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 255084
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:42:04 GMT
expires: Fri, 26 Jan 2024 21:42:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 20 Jul 2022 08:22:53 GMT
content-type: text/javascript; charset=UTF-8
age: 518701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 21:47:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.fuckmore.com/2487/webfonts/fa-solid-900.woff2
18.194.85.12200 OK 80 kB URL HTTP/2 www.fuckmore.com/2487/webfonts/fa-solid-900.woff2
IP 18.194.85.12:0
File type Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327\012- data
Hash 9ae050d1876ac1763eb6afe4264e6d5a
72344eab2e7431eec313caa21f266cbfda7caf60
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Analyzer Verdict Alert fortinet Phishing
GET /2487/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/css/all.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: font/woff2
content-length: 80252
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "1397c-5f3277a9df680"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 6ec9fd86e90c30d52fd776a03607e288
0b170e55122b9e0d364d31ae24fb3ba286746b40
e3af7f140fd2e1169db4c320c8a39e725a330e9287d09c37e54a4a88ad28d78a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 01 Feb 2023 21:47:05 GMT
Last-Modified: Wed, 01 Feb 2023 20:45:42 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: W9ZEbjImbLPkDgb2zInZ7B9eofPaDBiVMJlFKCmj6lorVdO-IkH2dA==
Age: 3683
d1zp0skjzco26d.cloudfront.net/media/2487/media/png/arrow.png
54.230.245.168200 OK 2.8 kB URL HTTP/2 d1zp0skjzco26d.cloudfront.net/media/2487/media/png/arrow.png
IP 54.230.245.168:0
File type PNG image data, 450 x 234, 8-bit/color RGBA, non-interlaced\012- data
Hash cce175c3ee70c7dc162b755dfaba7092
55e34965de0d4b46647eb646c7bd4d5eaaffeb4f
7fb581e353b2415bb343b6053b9b51130c5a80219b567244039fd67b588547d4
GET /media/2487/media/png/arrow.png HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fuckmore.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2754
date: Tue, 31 Jan 2023 22:47:12 GMT
last-modified: Tue, 20 Dec 2022 09:39:28 GMT
etag: "cce175c3ee70c7dc162b755dfaba7092"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gu1ytQEoCl7adMW8SWwjczkEAEgxedRm4GHgEOZAG91E5_KfCreOig==
age: 82794
X-Firefox-Spdy: h2
d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_01.png
54.230.245.168200 OK 2.3 MB URL HTTP/2 d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_01.png
IP 54.230.245.168:0
File type PNG image data, 1632 x 1920, 8-bit/color RGB, non-interlaced\012- data
Size 2.3 MB (2337394 bytes)
Hash 1e658f3d3c5594ed6372a210d11f1dee
7fd9157a8e7890cf71b606cd26d70d86e690d84f
88d0ffedaf15648245f8d35018451f4426effb6d04a4702bfb77bccdc8c29bdb
GET /media/2487/media/png/image_01.png HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fuckmore.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2337394
date: Tue, 31 Jan 2023 22:47:12 GMT
last-modified: Tue, 20 Dec 2022 09:39:24 GMT
etag: "1e658f3d3c5594ed6372a210d11f1dee"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1LpqAENOgAZCeiXuGuyEYQfyyJxC4JcTOpjbHhIUFiHA7x1FGY_pig==
age: 82794
X-Firefox-Spdy: h2
www.fuckmore.com/2487/media/favicon.ico
18.194.85.12200 OK 1.2 kB URL HTTP/2 www.fuckmore.com/2487/media/favicon.ico
IP 18.194.85.12:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 18c8ba52db1ac2d3ccc020ba3c4a45bd
8820194d2f624ca833b1e1a35dc9def09c168a10
8faeb3f7a932e056b5d3939667c8209c4d8eea833e8d3997e6244493537615ed
GET /2487/media/favicon.ico HTTP/1.1
Host: www.fuckmore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/2487/?country=NO®ion=Oslo+County&city=Oslo&brands=fuckmore.com&clickid=0c550a55f47444f59456151c2fc3400d&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w54v3eaerire4tami7g7didi¬if=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "47e-5f3277a9df680"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 0649d7bc5bbc8bf35c1fd06ca00eba14
9233da525778bec7a96f6271135c7e85fac28cd4
c89a35db1a55e52ec32605d50a9131c059f2d190866bf7863dbb8fe0d1630338
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 21:47:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 31 Jan 2023 21:54:40 GMT
Expires: Wed, 01 Feb 2023 21:54:40 GMT
ETag: "9233da525778bec7a96f6271135c7e85fac28cd4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
live.connect2api.com/langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en
3.69.229.125200 OK 99 B URL HTTP/2 live.connect2api.com/langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en
IP 3.69.229.125:0
File type JSON data\012- , ASCII text
Hash aef377e477b35e8352ffb4dfadccf881
3dc7cf829839b732cd764e1a36905f47e83d43ff
06a81b1f0fda6bc4c6cd8a0a0321b3ed9e944ebdf2c40433b4dad32c0aa371f7
GET /langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en HTTP/1.1
Host: live.connect2api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fuckmore.com
Connection: keep-alive
Referer: https://www.fuckmore.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:06 GMT
content-type: application/json
content-length: 99
server: Apache/2.4.54 () PHP/7.4.32
x-powered-by: PHP/7.4.32
access-control-allow-origin: *
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
allow: GET, POST, OPTIONS, PUT, DELETE
app: MadOffersAPI
cache-control: no-cache, private
set-cookie: laravel_session=eyJpdiI6ImV1M0JibDVhNGR6SFIvM1NEWW9QNVE9PSIsInZhbHVlIjoiaEZPZVhveS9jTXc0MnVCem9hOWdPTE9jKzFaeE9MTHBHSVdldGNzQldWZTd0bTFoQlpHaGRDVTUwZUVUclhYQzc2RWtLSVArZExtSHZxOHN6S2pheTRZd1hVV3draHMzWTVLdUdOVklqOFVBS1JvYXJ5ZmNmZ3VIZnB1UUtRc0siLCJtYWMiOiIzMDNjM2YyM2FlZTdhMTBkNTcxYmJhZjEzZTU3Y2U5YmFhODUwMDY5NTQ3M2JiYTVkNTNjYmU3MTNmYzFlMTVhIn0%3D; expires=Wed, 01-Feb-2023 23:47:06 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Firefox-Spdy: h2
d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_03.png
54.230.245.168200 OK 1.4 MB URL HTTP/2 d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_03.png
IP 54.230.245.168:0
File type PNG image data, 1632 x 1920, 8-bit/color RGB, non-interlaced\012- data
Size 1.4 MB (1360953 bytes)
Hash 0385e34673b9dbc26954405e45ca3a06
d98cfeaac3ab8364f73e6eb9688f8c6c301d3575
deddffd4613f919379bece9d6554d106f606b0db55b47b470d0365924beaa1e7
GET /media/2487/media/png/image_03.png HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fuckmore.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1360953
date: Tue, 31 Jan 2023 22:47:12 GMT
last-modified: Tue, 20 Dec 2022 09:39:27 GMT
etag: "0385e34673b9dbc26954405e45ca3a06"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PLK9xbrN-SlKsCfhS9uu92blwk5niR3MeDdYp3l263Xm-390gMqAkw==
age: 82794
X-Firefox-Spdy: h2
d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_02.png
54.230.245.168200 OK 2.6 MB URL HTTP/2 d1zp0skjzco26d.cloudfront.net/media/2487/media/png/image_02.png
IP 54.230.245.168:0
File type PNG image data, 1632 x 1920, 8-bit/color RGB, non-interlaced\012- data
Size 2.6 MB (2608516 bytes)
Hash c642dda33a56f1ee02236013dfcd62cd
f34f5b8191c6583d542986c865ccf3b71adb74f0
0c0467837e1b05ed2f502ce7eb1dcf6b7c08ceb554dfdeac4fe6b5aa2e2897c9
GET /media/2487/media/png/image_02.png HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fuckmore.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2608516
date: Wed, 01 Feb 2023 15:13:50 GMT
last-modified: Tue, 20 Dec 2022 09:39:26 GMT
etag: "c642dda33a56f1ee02236013dfcd62cd"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BZ8vjkkrDobqzObXdpqNXV5pjE-dOjttkurVx4C0UoEmrBCEoGKSvw==
age: 23596
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fuckmore.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 21:47:05 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3488
expires: Sat, 04 Feb 2023 21:47:05 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 792de22f4ad50b39-OSL
content-encoding: br
X-Firefox-Spdy: h2