erglegall.effectlessonobjective.tech/4r63/HB15FYs4MRXFP8U0iDSm/offer_id/1385974ed5904a438616ff7bdb3f7439/type/ourl/str/bGRrZmEyajJtMzRnc3l3cTNlaWJ0cjR2M3hjdXB6bm9oNA==/camp_id/p44d/trackid/644/ip/MjA0LjEwLjg5LjUw/timestamp/MTY3NDUwNzg5OA==/sentid/NDI4ODM3/emid/MTY1NTAwNA==/statid/bXkwMGFhYWFs
301 Moved Permanently 0 B URL HTTP/1.1 erglegall.effectlessonobjective.tech/4r63/HB15FYs4MRXFP8U0iDSm/offer_id/1385974ed5904a438616ff7bdb3f7439/type/ourl/str/bGRrZmEyajJtMzRnc3l3cTNlaWJ0cjR2M3hjdXB6bm9oNA==/camp_id/p44d/trackid/644/ip/MjA0LjEwLjg5LjUw/timestamp/MTY3NDUwNzg5OA==/sentid/NDI4ODM3/emid/MTY1NTAwNA==/statid/bXkwMGFhYWFs
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4r63/HB15FYs4MRXFP8U0iDSm/offer_id/1385974ed5904a438616ff7bdb3f7439/type/ourl/str/bGRrZmEyajJtMzRnc3l3cTNlaWJ0cjR2M3hjdXB6bm9oNA==/camp_id/p44d/trackid/644/ip/MjA0LjEwLjg5LjUw/timestamp/MTY3NDUwNzg5OA==/sentid/NDI4ODM3/emid/MTY1NTAwNA==/statid/bXkwMGFhYWFs HTTP/1.1
Host: erglegall.effectlessonobjective.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 23 Jan 2023 21:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 23 Jan 2023 22:05:28 GMT
Location: https://erglegall.effectlessonobjective.tech/4r63/HB15FYs4MRXFP8U0iDSm/offer_id/1385974ed5904a438616ff7bdb3f7439/type/ourl/str/bGRrZmEyajJtMzRnc3l3cTNlaWJ0cjR2M3hjdXB6bm9oNA==/camp_id/p44d/trackid/644/ip/MjA0LjEwLjg5LjUw/timestamp/MTY3NDUwNzg5OA==/sentid/NDI4ODM3/emid/MTY1NTAwNA==/statid/bXkwMGFhYWFs
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGgNTWDaxngnEvyexZq29Devh1g5DBFNaY6CfG6VPx%2BJ4F%2FxkD9GxVMeA%2Bd9iPF80fLtMlu0CwKxHrHtXP1C8s0ehuPiXH8rx7WA%2BjXvqs%2BbW%2FzlqC0P%2BTvwk%2FK3vQYnmsC85HpQWl1Y9AWVQQKpl%2Bzbt6TSu6U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78e37cdb0a741c0e-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2389
Expires: Mon, 23 Jan 2023 21:45:18 GMT
Date: Mon, 23 Jan 2023 21:05:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13922
Expires: Tue, 24 Jan 2023 00:57:31 GMT
Date: Mon, 23 Jan 2023 21:05:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 20:42:37 GMT
content-type: application/json
age: 1372
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4624
Expires: Mon, 23 Jan 2023 22:22:33 GMT
Date: Mon, 23 Jan 2023 21:05:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AkAJXVxQc3MgeS61kgQRZXrv36D+nC2kAY++JdXd7Z07ucbbusCYV33x3vI83c5qWHhVn25pZ60=
x-amz-request-id: 4AEZFH61Y4MEWHF2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 20:18:59 GMT
age: 2790
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 21:05:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/_QMqXkWRaRE
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/_QMqXkWRaRE
IP
Hash 53e8bcb76990bdb694403e8713bb8e68
75ce25b47ecbf0241d90da761a1681342620f30f
65f2c1990aa58e9511c2d3e7c597ec8da008f18a65e0d26ff5c2c0aabe69501c
POST /s/gts1p5/_QMqXkWRaRE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 20:48:59 GMT
age: 990
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/_QMqXkWRaRE
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/_QMqXkWRaRE
IP
Hash 53e8bcb76990bdb694403e8713bb8e68
75ce25b47ecbf0241d90da761a1681342620f30f
65f2c1990aa58e9511c2d3e7c597ec8da008f18a65e0d26ff5c2c0aabe69501c
POST /s/gts1p5/_QMqXkWRaRE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 39
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:29 GMT
Last-Modified: Mon, 23 Jan 2023 21:04:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Apypwtj515nonbXuv+4bkA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q21r+zmLEkjIaAKJ+y+kvAd9GNc=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9c4121623bc5d1e5304b3fd4c0634ab2
0e065ec4660dbf8220ab29e5342d81b23b86c289
124440a88537ae32cc8daeefb672a122d97e995d650d392bb3fa57f36cf4c189
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124440A88537AE32CC8DAEEFB672A122D97E995D650D392BB3FA57F36CF4C189"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 24 Jan 2023 03:05:30 GMT
Date: Mon, 23 Jan 2023 21:05:30 GMT
Connection: keep-alive
www.zendcart.com/N342qgOzPkJ9MIGlmOwMWjxzn6k0N4oksInBfFLjbBts8nuos8LVFJhslKedu-o3WIUClVZhn1OcewDAwb_OQg~~/9900
302 Found 0 B URL HTTP/1.1 www.zendcart.com/N342qgOzPkJ9MIGlmOwMWjxzn6k0N4oksInBfFLjbBts8nuos8LVFJhslKedu-o3WIUClVZhn1OcewDAwb_OQg~~/9900
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /N342qgOzPkJ9MIGlmOwMWjxzn6k0N4oksInBfFLjbBts8nuos8LVFJhslKedu-o3WIUClVZhn1OcewDAwb_OQg~~/9900 HTTP/1.1
Host: www.zendcart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Mon, 23 Jan 2023 21:05:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Server: Apache
Location: https://www.clonscript.com/o-hxmw-f91-097f11ec87ffc50add1539eff5f9d0c8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c51967120e9e998299434354e29696d
ae7966da397e8531081e03a7ff544641bebd4698
ca4543e6f77ca7b06eebe2931d655356968de7f13c00cafc86b73a8dad1e4baf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA4543E6F77CA7B06EEBE2931D655356968DE7F13C00CAFC86B73A8DAD1E4BAF"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11490
Expires: Tue, 24 Jan 2023 00:17:01 GMT
Date: Mon, 23 Jan 2023 21:05:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c51967120e9e998299434354e29696d
ae7966da397e8531081e03a7ff544641bebd4698
ca4543e6f77ca7b06eebe2931d655356968de7f13c00cafc86b73a8dad1e4baf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA4543E6F77CA7B06EEBE2931D655356968DE7F13C00CAFC86B73A8DAD1E4BAF"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11490
Expires: Tue, 24 Jan 2023 00:17:01 GMT
Date: Mon, 23 Jan 2023 21:05:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7c51967120e9e998299434354e29696d
ae7966da397e8531081e03a7ff544641bebd4698
ca4543e6f77ca7b06eebe2931d655356968de7f13c00cafc86b73a8dad1e4baf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA4543E6F77CA7B06EEBE2931D655356968DE7F13C00CAFC86B73A8DAD1E4BAF"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11490
Expires: Tue, 24 Jan 2023 00:17:01 GMT
Date: Mon, 23 Jan 2023 21:05:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hQjtfheswJHTaBL6yZ9UoowbsfqvbNqzUb9EOzaAppGv-fHat8O1A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:20 GMT
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
age: 78971
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 05:22:52 GMT
age: 56559
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 257cf33430d0e588ce0df41deb9c49d2
c988799bc70b567422821f64bb95ecab4b117e3a
290eec9c2d3874a3951c161174d7fcc297f79d4f547bb9aa741ee85306cd7a90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9c3ffa-5410-4219-9a01-9a5dfe5e8de7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10481
x-amzn-requestid: a9d3763c-d10b-4918-a54d-67215346ba1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFHEVFxUoAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb854e-1d7dec1810076c6c27f5a44f;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:25:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABOTraN3uT05OLykQNO_cG8YdMyJsc0We-vLtr8XKVRe3cHuFtmBA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 11:26:59 GMT
age: 34712
etag: "c988799bc70b567422821f64bb95ecab4b117e3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3SoP46ER0JjOaLh363bQ9QW4ZIW19_rbgeQ7Ey8W-zgyGMMLSLccA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 04:46:41 GMT
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
age: 58730
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6
4c6d22bdc48d7011e2c875ee18876da6a8401669
23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3AcMGeNoAMFs7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yxOiDecizhIzCJoYi-ps_EhYJkKfIagTqM0ybgsgvdVRAgjdsSTRTQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:44:17 GMT
age: 84074
etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 83852
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.clonscript.com/o-hxmw-f91-097f11ec87ffc50add1539eff5f9d0c8
200 OK 805 B URL HTTP/1.1 www.clonscript.com/o-hxmw-f91-097f11ec87ffc50add1539eff5f9d0c8
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (805), with no line terminators
Hash 12818aba7049205a722c164e7e272fa1
6f1722b5dba8b447d3c1e6f54e76723dba98c498
c46f97006333ddd341b8d755fd798e0073c0a2e97eaf67cc5f6b8ae3ca25278b
GET /o-hxmw-f91-097f11ec87ffc50add1539eff5f9d0c8 HTTP/1.1
Host: www.clonscript.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 21:05:32 GMT
Content-Type: text/html
Content-Length: 805
Connection: keep-alive
Last-Modified: Wed, 18 Jan 2023 04:22:00 GMT
ETag: "12818aba7049205a722c164e7e272fa1"
Vary: Accept-Encoding
X-Cache: Error from cloudfront
Via: 1.1 d4269b452831f0e203a89d437c84974c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HIO50-C2
X-Amz-Cf-Id: EJF4iP5Vx2UT1MXT6D1MWNdtEwK8hPoqg7m_xWjP6hQ-mOUjNmrhcA==
Age: 60456
domain-integrity-check: true
X-Proxy-Cache: MISS
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f136e9bdce8b778967f31c138c730bf6
032c6b734540fe786b259ba0c700622b88d768a2
ec9e91a632a1ee89dfd038cbe9700ed8c01e146846433284e81fad0ff2a75192
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-9000201-8
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-9000201-8
IP
File type ASCII text, with very long lines (1921)
Hash e79aae86838b8e3d70776d42d1ea7e9c
a0c7a3bcfde679c2672046aa53fcbbb9e7dca950
2cfc1397b8982aa74f597b45ff23f160de286c4d5e192f357aa2f86d3a23531f
GET /gtag/js?id=UA-9000201-8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 23 Jan 2023 21:05:32 GMT
expires: Mon, 23 Jan 2023 21:05:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:300,400,500
200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500
IP
Hash a5dbb83db5cacf1b3b8dfba42b300406
16034dbff4bd1774644a9b5a3e81577e0d253223
7613208b82f75be38a1a4ead06d3e1f274423f093be1a8ee02c1761a9ef648a1
GET /css?family=Roboto:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jan 2023 21:05:32 GMT
date: Mon, 23 Jan 2023 21:05:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.clonscript.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 437498
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 23 Jan 2023 19:45:20 GMT
expires: Mon, 23 Jan 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 4812
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&gjid=879856087&_gid=1925921573.1674507931&_u=YEBAAUAAAAAAACAAIAB~&z=646941159
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&gjid=879856087&_gid=1925921573.1674507931&_u=YEBAAUAAAAAAACAAIAB~&z=646941159
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&gjid=879856087&_gid=1925921573.1674507931&_u=YEBAAUAAAAAAACAAIAB~&z=646941159 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.clonscript.com
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.clonscript.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 23 Jan 2023 21:05:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clonscript.com/favicon.ico
200 OK 0 B URL HTTP/1.1 www.clonscript.com/favicon.ico
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.clonscript.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/o-hxmw-f91-097f11ec87ffc50add1539eff5f9d0c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 23 Jan 2023 21:05:32 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da2c90870cbcc7eb4d247fe66a32be33
ca5d60ea46a8d4b79c594191002c67077000cc87
eec1aeddcbebfd509994a4badb273faec2987c7d043090b612794abef0292a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5b30b8284ca26f40e61117727a67f32e
689fa2f274ffc67f271fc35b2aff2001a3195cba
c0bec212fe30dee99a94e74758cc809fddf2bf2d1a4a346df78df1b6b71ac305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&_u=YEBAAUAAAAAAACAAIAB~&z=248437788
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&_u=YEBAAUAAAAAAACAAIAB~&z=248437788
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&_u=YEBAAUAAAAAAACAAIAB~&z=248437788 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 21:05:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&_u=YEBAAUAAAAAAACAAIAB~&z=248437788
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&_u=YEBAAUAAAAAAACAAIAB~&z=248437788
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9000201-8&cid=1447104623.1674507931&jid=1969775536&_u=YEBAAUAAAAAAACAAIAB~&z=248437788 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 21:05:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da2c90870cbcc7eb4d247fe66a32be33
ca5d60ea46a8d4b79c594191002c67077000cc87
eec1aeddcbebfd509994a4badb273faec2987c7d043090b612794abef0292a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4ec3b5ebec8f98b7435df060984d7ca6
dedffe21033e532f09b5c5e89e76db0853f91b0a
01e21ddc29765a26a6c7e48c1d30bd0c5f6cd3d40ad00e1b67deacc827d341e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 21:05:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0
200 OK 2 B URL HTTP/1.1 sentry.io/api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1314267/envelope/?sentry_key=6c20ba397902400f9d47007cf6200a24&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.13.0 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.clonscript.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.clonscript.com
Content-Length: 432
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 23 Jan 2023 21:05:33 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://www.clonscript.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
vary: Origin
x-envoy-upstream-service-time: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 107bb3ac278e686ba38365bcfcc3cd0d
6fea6c72e9131a6e6432d063bf2425c17569d3d2
73ee69fda09bdea2d6671d16c98fd4f2a366abc689bdb281f1bc51f3cc3d698c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133210
Date: Mon, 23 Jan 2023 21:05:33 GMT
Etag: "63ce5267-1d7"
Expires: Wed, 25 Jan 2023 10:05:43 GMT
Last-Modified: Mon, 23 Jan 2023 09:24:55 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: saTb3EsUAXK0X3c42tVt1qzGeP26JxtIVYjusECzFs7GlRk8PBDMKQ==
Age: 2448
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 107bb3ac278e686ba38365bcfcc3cd0d
6fea6c72e9131a6e6432d063bf2425c17569d3d2
73ee69fda09bdea2d6671d16c98fd4f2a366abc689bdb281f1bc51f3cc3d698c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=133210
Date: Mon, 23 Jan 2023 21:05:33 GMT
Etag: "63ce5267-1d7"
Expires: Wed, 25 Jan 2023 10:05:43 GMT
Last-Modified: Mon, 23 Jan 2023 09:24:55 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JpjF7k7DMT3ilIgoJrnD8zY4U1wXg5bwWuMojU1nuB404bk1Kyey4g==
Age: 2448
api.optoutsystem.com/auth/legacy/optout-key
204 No Content 0 B URL HTTP/2 api.optoutsystem.com/auth/legacy/optout-key
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.clonscript.com/
Origin: https://www.clonscript.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 21:05:33 GMT
vary: Origin
access-control-allow-origin: https://www.clonscript.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
X-Firefox-Spdy: h2
api.optoutsystem.com/auth/legacy/optout-key
200 OK 425 B URL HTTP/2 api.optoutsystem.com/auth/legacy/optout-key
IP
File type JSON data\012- , ASCII text, with very long lines (425), with no line terminators
Hash 227a065f31ce0e81cd76ae0fb83c3996
435afa304bd595f2d76c5badc5870ba79bb3e94c
cd2d533647e41b5b9e946c7834617c8b640d7851ac8ee3a1d04ceab2b8515526
POST /auth/legacy/optout-key HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 53
Origin: https://www.clonscript.com
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 21:05:33 GMT
content-type: application/json; charset=utf-8
content-length: 425
vary: Origin
access-control-allow-origin: https://www.clonscript.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1499
x-ratelimit-reset: 1674507993
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2
api.optoutsystem.com/campaigns/203310/optout-page
204 No Content 0 B URL HTTP/2 api.optoutsystem.com/campaigns/203310/optout-page
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /campaigns/203310/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://www.clonscript.com/
Origin: https://www.clonscript.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 21:05:33 GMT
vary: Origin
access-control-allow-origin: https://www.clonscript.com
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: authorization
X-Firefox-Spdy: h2
api.optoutsystem.com/campaigns/203310/optout-page
200 OK 7.1 kB URL HTTP/2 api.optoutsystem.com/campaigns/203310/optout-page
IP
File type JSON data\012- , ASCII text, with very long lines (7117), with no line terminators
Hash e68dc0e86c8ae64253649b194fa860f9
d8378a0ec47256fe88e0d0ef432ae6e2bb160fcb
30146985cdc4a6e38fd395f9a0a37791c44294c58530189ab6a25e65da7dbab1
GET /campaigns/203310/optout-page HTTP/1.1
Host: api.optoutsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoib3B0b3V0IiwiY2FtcGFpZ25faWQiOjIwMzMxMCwibWFpbGVyX2lkIjoxMDQ3MzQsImNtYV9pZCI6NDYwMjQwMjUsImlhdCI6MTY3NDUwNzkzMywiZXhwIjoxNjc2MzIyMzMzfQ.X_RrqG1WIu1FuZNF_OPdimGK0kwlGGifYjMRFjPhZaU
Origin: https://www.clonscript.com
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 23 Jan 2023 21:05:34 GMT
content-type: application/json; charset=utf-8
content-length: 7117
vary: Origin
access-control-allow-origin: https://www.clonscript.com
access-control-allow-credentials: true
x-ratelimit-remaining: 1498
x-ratelimit-reset: 1674507993
x-ratelimit-limit: 1500
cache-control: no-cache
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.clonscript.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 07:51:59 GMT
expires: Thu, 18 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 479615
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
erglegall.effectlessonobjective.tech/4r63/HB15FYs4MRXFP8U0iDSm/offer_id/1385974ed5904a438616ff7bdb3f7439/type/ourl/str/bGRrZmEyajJtMzRnc3l3cTNlaWJ0cjR2M3hjdXB6bm9oNA==/camp_id/p44d/trackid/644/ip/MjA0LjEwLjg5LjUw/timestamp/MTY3NDUwNzg5OA==/sentid/NDI4ODM3/emid/MTY1NTAwNA==/statid/bXkwMGFhYWFs
302 Found 0 B URL HTTP/2 erglegall.effectlessonobjective.tech/4r63/HB15FYs4MRXFP8U0iDSm/offer_id/1385974ed5904a438616ff7bdb3f7439/type/ourl/str/bGRrZmEyajJtMzRnc3l3cTNlaWJ0cjR2M3hjdXB6bm9oNA==/camp_id/p44d/trackid/644/ip/MjA0LjEwLjg5LjUw/timestamp/MTY3NDUwNzg5OA==/sentid/NDI4ODM3/emid/MTY1NTAwNA==/statid/bXkwMGFhYWFs
IP
GET /4r63/HB15FYs4MRXFP8U0iDSm/offer_id/1385974ed5904a438616ff7bdb3f7439/type/ourl/str/bGRrZmEyajJtMzRnc3l3cTNlaWJ0cjR2M3hjdXB6bm9oNA==/camp_id/p44d/trackid/644/ip/MjA0LjEwLjg5LjUw/timestamp/MTY3NDUwNzg5OA==/sentid/NDI4ODM3/emid/MTY1NTAwNA==/statid/bXkwMGFhYWFs HTTP/1.1
Host: erglegall.effectlessonobjective.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 23 Jan 2023 21:05:29 GMT
content-type: text/html; charset=UTF-8
location: https://www.zendcart.com/N342qgOzPkJ9MIGlmOwMWjxzn6k0N4oksInBfFLjbBts8nuos8LVFJhslKedu-o3WIUClVZhn1OcewDAwb_OQg~~/9900
x-powered-by: PHP/7.4.8RC1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYjcQ0JogF%2B1QsI8JTc6Eq%2BsOfoyICZOkWU9ffMeP3iIGuf0iZk6jD%2FfgQlfccVnWJbM4cc38DHOuWiTbu5pTOt0GccLjOxiNT8dbt6wbpxYatbE87Q8bb8faq4gWrwIzlL7Zl5ITFlTHOKq4GpuVQPa3SEoZrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78e37cdf1a551c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ds2r9mr2r4h38.cloudfront.net/static/css/main.3ec05bac.css
200 OK 0 B URL HTTP/2 ds2r9mr2r4h38.cloudfront.net/static/css/main.3ec05bac.css
IP
GET /static/css/main.3ec05bac.css HTTP/1.1
Host: ds2r9mr2r4h38.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Wed, 18 Jan 2023 04:22:13 GMT
last-modified: Wed, 18 Jan 2023 04:22:02 GMT
etag: W/"94fec3c6987c4a59b2f719672a6eaaf6"
cache-control: max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qNMjxUF3CFEEaDW5KSEUvdZTxf5FDYbAx61vndv5m7JpblCVOq4OKg==
age: 492200
domain-integrity-check: true
X-Firefox-Spdy: h2
ds2r9mr2r4h38.cloudfront.net/static/js/main.95aeef22.js
200 OK 0 B URL HTTP/2 ds2r9mr2r4h38.cloudfront.net/static/js/main.95aeef22.js
IP
GET /static/js/main.95aeef22.js HTTP/1.1
Host: ds2r9mr2r4h38.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.clonscript.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 18 Jan 2023 04:22:20 GMT
last-modified: Wed, 18 Jan 2023 04:22:04 GMT
etag: W/"39a319595da33d4485f6aa8984e45ca6"
cache-control: max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QdmL62LWC0Zhoqeuri-xSlh2xsbW0wOhgU9ITq4_TXj18WGp7gpl1g==
age: 492193
domain-integrity-check: true
X-Firefox-Spdy: h2
104.21.35.130
35.188.42.15
93.184.220.29
95.101.11.115