Overview

URL www.regionic.info/jmb/?p=212063
IP83.166.138.58
ASNInfomaniak Network SA
Location Switzerland
Report completed2022-10-04 12:13:31 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 www.regionic.info/jmb/?p=212063 Phishing
2022-10-04 2 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/cs (...) Phishing
2022-10-04 2 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/cs (...) Phishing
2022-10-04 2 www.regionic.info/jmb/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 Phishing
2022-10-04 2 www.regionic.info/jmb/wp-content/plugins/cardoza-facebook-like-box/cardozaf (...) Phishing
2022-10-04 2 www.regionic.info/jmb/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Phishing
2022-10-04 2 www.regionic.info/jmb/wp-content/plugins/fb-social-reader/js/sr.min.js?ver= (...) Phishing
2022-10-04 2 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js (...) Phishing
2022-10-04 2 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js (...) Phishing
2022-10-04 2 www.regionic.info/jmb/wp-content/plugins/srizon-facebook-album/resources/js (...) Phishing
2022-10-04 2 www.regionic.info/jmb/wp-includes/js/comment-reply.min.js?ver=6.0.2 Phishing
2022-10-04 2 www.learningtoolkit.club/link.php?zzz=4 Malware
2022-10-04 2 www.learningtoolkit.club/link.php?zzz=5 Malware
2022-10-04 2 www.learningtoolkit.club/link.php?zzz=5 Malware
2022-10-04 2 www.learningtoolkit.club/link.php?zzz=4 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (39)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.regionic.info (29) 0 2015-11-21 16:54:50 UTC 2022-10-04 07:18:29 UTC 83.166.138.58 Unknown ranking
mnemonic passive DNS www.stumbleupon.com (2) 27615 2019-06-19 13:28:27 UTC 2022-10-04 10:41:28 UTC 76.76.21.61
mnemonic passive DNS odnaknopka.ru (2) 352891 2012-07-15 16:20:00 UTC 2022-10-04 09:14:00 UTC 142.132.202.70
mnemonic passive DNS hyvesgames.nl (2) 0 2017-01-03 14:55:45 UTC 2022-09-28 08:00:36 UTC 104.21.86.44 Unknown ranking
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 34.160.144.191
mnemonic passive DNS platform.twitter.com (4) 597 2012-05-21 03:34:05 UTC 2022-10-04 06:01:50 UTC 151.101.84.157
mnemonic passive DNS ajax.googleapis.com (1) 12905 2013-08-16 09:51:31 UTC 2022-10-04 10:58:46 UTC 142.250.74.138
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-10-04 04:17:03 UTC 31.13.72.36
mnemonic passive DNS button.buffer.com (1) 881070 2017-03-29 19:39:12 UTC 2022-09-27 12:57:51 UTC 104.16.140.52
mnemonic passive DNS developers.google.com (2) 12980 2021-02-04 06:38:37 UTC 2022-10-04 09:04:50 UTC 142.250.74.14
mnemonic passive DNS log.pinterest.com (1) 3464 2015-02-16 23:42:31 UTC 2022-10-04 05:56:00 UTC 151.101.84.84
mnemonic passive DNS static.buffer.com (1) 266833 2016-06-19 23:26:26 UTC 2022-09-28 17:19:06 UTC 104.16.140.52
mnemonic passive DNS www.reddit.com (2) 2161 2012-05-22 18:03:18 UTC 2022-10-04 06:21:13 UTC 151.101.85.140
mnemonic passive DNS api.flattr.com (1) 330989 2015-07-19 19:51:51 UTC 2022-10-04 08:09:50 UTC 172.67.70.66
mnemonic passive DNS www.learningtoolkit.club (4) 0 2018-09-26 14:33:34 UTC 2022-09-27 07:33:55 UTC 54.67.93.101 Unknown ranking
mnemonic passive DNS connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2022-10-04 04:17:21 UTC 31.13.72.12
mnemonic passive DNS assets.pinterest.com (3) 2560 2014-11-19 16:42:27 UTC 2022-10-04 05:25:00 UTC 151.101.84.84
mnemonic passive DNS accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-10-04 05:16:29 UTC 216.58.207.237
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS www.tipy.com (4) 0 2015-03-18 11:02:52 UTC 2022-09-21 05:50:02 UTC 3.74.170.143 Unknown ranking
mnemonic passive DNS www.repairmywindowsanddoors.co.uk (1) 0 2019-06-07 20:38:21 UTC 2022-09-29 03:59:26 UTC 149.255.62.87 Unknown ranking
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-10-04 09:09:40 UTC 104.18.32.68
mnemonic passive DNS forwardmytraffic.com (1) 0 2018-11-21 17:16:39 UTC 2022-09-23 18:53:06 UTC 192.102.6.94 Unknown ranking
mnemonic passive DNS widgets.pinterest.com (1) 6540 2013-04-10 10:19:37 UTC 2022-10-04 07:09:04 UTC 151.101.84.84
mnemonic passive DNS syndication.twitter.com (1) 833 2013-09-20 01:46:47 UTC 2022-10-04 04:40:21 UTC 104.244.42.72
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-10-04 07:04:41 UTC 172.64.156.26
mnemonic passive DNS platform.linkedin.com (1) 3785 2014-10-23 11:50:28 UTC 2022-10-04 04:17:48 UTC 23.36.76.121
mnemonic passive DNS platform.tumblr.com (3) 73765 2014-05-02 21:11:10 UTC 2022-10-02 21:18:17 UTC 74.114.154.15
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-04 04:47:48 UTC 104.17.25.14
mnemonic passive DNS www.redditstatic.com (2) 1440 2012-06-30 12:33:28 UTC 2022-10-04 04:30:15 UTC 151.101.85.140
mnemonic passive DNS buttons.reddit.com (1) 61866 2012-06-01 08:33:10 UTC 2022-10-02 22:17:25 UTC 151.101.85.140
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS static.bufferapp.com (1) 870242 2013-06-16 07:32:40 UTC 2022-09-27 12:57:51 UTC 104.16.139.31
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 54.187.71.185
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS apis.google.com (1) 105 2013-05-30 23:17:44 UTC 2022-10-04 04:25:30 UTC 142.250.74.174


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 83.166.138.58

Date UQ / IDS / BL URL IP
2022-11-24 11:42:11 +0000
0 - 0 - 18 regionic.info/jmb?p=51352 83.166.138.58
2022-11-12 08:38:43 +0000
0 - 0 - 17 regionic.info/jmb/?p=128992 83.166.138.58
2022-11-12 08:38:45 +0000
0 - 0 - 17 regionic.info/jmb?p=219118 83.166.138.58
2022-11-11 14:29:36 +0000
0 - 0 - 16 regionic.info/jmb?tag=storm-damage-in-orange- (...) 83.166.138.58
2022-11-05 00:25:19 +0000
0 - 0 - 16 www.regionic.info/jmb/?p=18298 83.166.138.58

Last 5 reports on ASN: Infomaniak Network SA

Date UQ / IDS / BL URL IP
2022-12-08 08:48:04 +0000
0 - 0 - 1 www.ehpad-charaintru.fr/includes/ee/ 195.15.217.184
2022-12-05 09:09:52 +0000
0 - 0 - 1 i-webproject.ch/ 128.65.195.237
2022-12-04 17:54:22 +0000
0 - 0 - 2 www.portersonenfant.fr/netfilxpaymentalert/ac (...) 83.166.138.43
2022-12-04 17:05:49 +0000
0 - 0 - 2 portersonenfant.fr/netfilxpaymentalert/accoun (...) 83.166.138.43
2022-12-04 17:05:34 +0000
0 - 0 - 2 portersonenfant.fr/netfilxpaymentalert/accoun (...) 83.166.138.43

Last 5 reports on domain: regionic.info

Date UQ / IDS / BL URL IP
2022-11-24 11:42:11 +0000
0 - 0 - 18 regionic.info/jmb?p=51352 83.166.138.58
2022-11-12 08:38:43 +0000
0 - 0 - 17 regionic.info/jmb/?p=128992 83.166.138.58
2022-11-12 08:38:45 +0000
0 - 0 - 17 regionic.info/jmb?p=219118 83.166.138.58
2022-11-11 14:29:36 +0000
0 - 0 - 16 regionic.info/jmb?tag=storm-damage-in-orange- (...) 83.166.138.58
2022-11-05 00:25:19 +0000
0 - 0 - 16 www.regionic.info/jmb/?p=18298 83.166.138.58

No other reports with similar screenshot



JavaScript

Executed Scripts (47)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 178, repeated: 1) - SHA256: 965e8416f38658c498a1a242282618071eaf7e98b769e676077649a4eede315d

                                        < iframe src = "//www.redditstatic.com/button/button1.html?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063"
height = "22"
width = "120"
scrolling = 'no'
frameborder = '0' > < /iframe>
                                    


HTTP Transactions (108)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7203
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 12:13:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L8hIJTLGkUNTgW3UnjTKI4Q8gLtkrHdLVxnVqeNqRo2asI31BQx3kg==
Age: 1953


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5230
Expires: Tue, 04 Oct 2022 13:40:29 GMT
Date: Tue, 04 Oct 2022 12:13:19 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: +U0hfXPCEde4dRg8sOQZ1uDfbMkeqV9gG9LV8AGNEwJOJ8T5qvsLneJlhmlBW15jirom+QxeUp4=
x-amz-request-id: 70B3A3SR51PNGQFD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 11:54:14 GMT
age: 1146
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 12:13:20 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /jmb/?p=212063 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 12:13:19 GMT
Server: Apache
Link: <http://www.regionic.info/jmb/index.php?rest_route=/>; rel="https://api.w.org/", <http://www.regionic.info/jmb/index.php?rest_route=/wp/v2/posts/212063>; rel="alternate"; type="application/json", <http://www.regionic.info/jmb/?p=212063>; rel=shortlink
Upgrade: h2
Connection: Upgrade
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   14782
Md5:    871c7cc788c40cc95ccd55890cb3fbe5
Sha1:   1b2e7ccff89688a861b50152bfb9106a67158bdd
Sha256: 6db22480a0599ba542f8b8a3cd4b404714b10bfcd4fd9cd33943e4e36365a06c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/themes/twentyten/style.css HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:18:20 GMT
ETag: "5c67-52d39c977a300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5945


--- Additional Info ---
Magic:  ASCII text, with very long lines (535)
Size:   5945
Md5:    46b42de88554440913c99c306577b122
Sha1:   2c29e19ea1e71895b1b41138a59173dab15dfea5
Sha256: 2fe9193a48d8bb81f482b0cb299456e793d709bc5e86aee1426705d5e03f3743
                                        
                                            GET /js/button.js HTTP/1.1 
Host: static.bufferapp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         104.16.139.31
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 13:13:20 GMT
Location: https://static.buffer.com/js/button.js
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754dd4baf99d0b02-OSL

                                        
                                            GET /static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063 HTTP/1.1 
Host: www.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         151.101.85.140
HTTP/1.1 301 Moved Permanently
                                        
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://www.reddit.com/static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:20 GMT
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Cache-Control: private, max-age=3600
Server: snooserv
Report-To: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
NEL: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}

                                        
                                            GET /in.js?ver=6.0.2 HTTP/1.1 
Host: platform.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
server: Play
expires: Tue, 4 Oct 2022 13:11:03 GMT
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 163351
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
x-li-uuid: AAXqNFqjg919pcv/V37yAA==
date: Tue, 04 Oct 2022 12:13:20 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (41593)
Size:   163351
Md5:    eaa27eb8dacc5231579981de726dd89f
Sha1:   457fd11b97a611d8dde4621453e61b9fe03fd293
Sha256: 86fab1fde96db8eb0c1309f3f3e1dc3168fb472f1cbf1a66edba710e472face3
                                        
                                            GET /jmb/wp-content/plugins/add-link-to-facebook/add-link-to-facebook.css?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:12:02 GMT
ETag: "10f-52d39b2efd080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 220


--- Additional Info ---
Magic:  ASCII text
Size:   220
Md5:    5960fb646f4ac405f4ec6c2c9ad2a027
Sha1:   0356668a2cf0a15628a6d1d0bea992a4264fc275
Sha256: 6e680f53135a6d4b2b75ffe9c7f687b33c4fe34abc1395e5d0e5acde4aaa595b
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/css/elastislide.min.css?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:16:24 GMT
ETag: "7aa-52d39c28d9e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 635


--- Additional Info ---
Magic:  ASCII text, with very long lines (1962), with no line terminators
Size:   635
Md5:    db3c7868bfc439e8374d97ead0d4bdee
Sha1:   9e58e07495cc2d09a4bbcbaeb79f02767b6557c1
Sha256: c50c163a065576f4e979be7146044b2af003b994aa9be1f967bb2fb06b5cf953

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.css?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Tue, 21 Jun 2022 06:45:11 GMT
ETag: "437-5e1ef8fedeb50-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 332


--- Additional Info ---
Magic:  CSV text\012- , ASCII text, with CRLF line terminators
Size:   332
Md5:    bcb6bcdc3b9f75d9834b745fafbcd2ef
Sha1:   d559a6d33ef73c30d7a546a69e5e6c7843dec4e4
Sha256: ffee38b18271e25849cfd2ce95e3206b34e15d01aa3c21acf6dd29da55ce60f4
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/css/mag-popup.min.css?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:16:24 GMT
ETag: "17b1-52d39c28d9e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1705


--- Additional Info ---
Magic:  ASCII text, with very long lines (6065), with no line terminators
Size:   1705
Md5:    af7191bfbee1f7906b91594e564b3b54
Sha1:   d16ecd7e4548743a605d649e90219b4ef69dae01
Sha256: 94e39de77d84991a731ebf77fa6c75641127ce142213b07317536768511b2cbb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/fb-social-reader/css/style.css?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade
Last-Modified: Fri, 04 Mar 2016 14:13:07 GMT
ETag: "1918-52d39b6cfa2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1521


--- Additional Info ---
Magic:  ASCII text
Size:   1521
Md5:    846d7d2e9ab8ef1cc3045650d90be00c
Sha1:   4fc113ffe22a5cffb328c1ecb77e409c472c4c96
Sha256: 20c45d712b497f79bf178c2d6ee4a5955e6902c6bb7101969289a49bca98b949
                                        
                                            GET /jmb/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Wed, 13 Jul 2022 04:18:35 GMT
ETag: "15b64-5e3a8141f38c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11681


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11681
Md5:    e5548800176e913a9084f47a3e1e04f6
Sha1:   eff4604acc5c26ae82a19188de2f98bf5b79d80c
Sha256: a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/css/srizon.custom.min.css?ver=2.3 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:24 GMT
ETag: "1f7a-52d39c28d9e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2054


--- Additional Info ---
Magic:  ASCII text, with very long lines (8058), with no line terminators
Size:   2054
Md5:    bfc3097d6a19406d6f000a8514db8c67
Sha1:   e92f355cf2aa7164c37640acab4d0ac189aef9ec
Sha256: f453398a652ea2eeae098967a38ce361a0f0daf260fc33b208ecd97aea47ef90
                                        
                                            GET /jmb/wp-content/plugins/cardoza-facebook-like-box/cardozafacebook.js?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:45:11 GMT
ETag: "b1f-5e1ef8fedeb50-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 381


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   381
Md5:    c26c1149a61b90738434f96a6eb566be
Sha1:   60b7efad2c1852b4e66737965e2edd6afc8af2e9
Sha256: 5e3dba55cd599aefa42c63e6726f3c2e95cf14b077c7f1a8195f9788d77207d8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/style.css?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "8c2-52d39c24152c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 777


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   777
Md5:    1ce521270815d9f13c11654b2c940766
Sha1:   b87c4a83005a7e36335cea34c80a29d2bcb5eeae
Sha256: 735a289163641abaa57b850a4b4c2c1734766701aaba58d73fb4107ffe2febb7
                                        
                                            GET /jmb/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:43:55 GMT
ETag: "2bd8-5e1ef8b65c353-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4169


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
                                        
                                            GET /jmb/wp-content/plugins/recent-facebook-posts/assets/css/default.min.css?ver=2.0.8 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:21 GMT
ETag: "923-52d39c25fd740-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 762


--- Additional Info ---
Magic:  ASCII text, with very long lines (2339), with no line terminators
Size:   762
Md5:    d4b976de1da7f7be59ad8d562245ee96
Sha1:   3a955fa2af18fd9d3bcdec9928021691179e43cf
Sha256: 6237be557b7c7539e51a3780f13bfe59761844242aab8af74f2f281509006c14
                                        
                                            GET /jmb/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:43:55 GMT
ETag: "15db1-5e1ef8b65f233-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30908


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30908
Md5:    9640915738503451aa21181699feab5b
Sha1:   c053eaf36ef0da96619706b3abda326305063bd6
Sha256: f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.collagePlus.min.js?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Wed, 21 Nov 2018 20:29:03 GMT
ETag: "1946-57b3299de8183-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2159


--- Additional Info ---
Magic:  ASCII text, with very long lines (6470), with no line terminators
Size:   2159
Md5:    fa84b21a34f2d58c03aef662ae5abd67
Sha1:   7959d25dde0b746fb99b88728aa9f9b6e24de072
Sha256: 2daef4f3fae6b8a14be7374b5358e2a70ca7b82486627b73f94edfab41f054be
                                        
                                            GET /jmb/wp-content/plugins/fb-social-reader/js/sr.min.js?ver=1.6.0.6 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:13:08 GMT
ETag: "dec1-52d39b6dee500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16453


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (56742)
Size:   16453
Md5:    44ee5d1989ce366ebf46a1977c0b4524
Sha1:   89b21bc7b7fcf4d0ab95df2d0d2aea997ca3fa5e
Sha256: 89eb529dbfefcb00a30a74bf8d13f414f37a27bcfcbe8537b62c1d6ca0f55d7c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/modernizr.js?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:25 GMT
ETag: "23d3-52d39c29ce040-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4042


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (8960)
Size:   4042
Md5:    ddb5e0e67e101b25f75010659ad3f6d6
Sha1:   eef831f9d2e37b5af10d758380844a822e929632
Sha256: 2ff3d1c2cbbe1c09812aa640450044a57965f6525588a11bdf3d1032e251da8b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/mag-popup.js?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:25 GMT
ETag: "5270-52d39c29ce040-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7677


--- Additional Info ---
Magic:  ASCII text, with very long lines (20844)
Size:   7677
Md5:    dbfe5bc7c17594ecb1c525e501da9564
Sha1:   f65f4f1d4f7043b85898ee231dfb9aba3e4220a1
Sha256: 86688bb51a8303ea530de4fafb4c91d3885e0447f7c10b45b3f1eb44091d558a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 11:29:33 GMT
Expires: Tue, 04 Oct 2022 12:17:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S2IZOO2pPHoqBnbXRMfkZaJCxzzIKWYfIdqI-8m96saSawtI91bdjw==
Age: 2627


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /v1/share.js?ver=6.0.2 HTTP/1.1 
Host: platform.tumblr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         74.114.154.15
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Tue, 04 Oct 2022 12:13:20 GMT
Content-Length: 142
Connection: keep-alive
Location: https://platform.tumblr.com/v1/share.js?ver=6.0.2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/jquery.elastislide.min.js?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Wed, 21 Nov 2018 20:29:03 GMT
ETag: "351f-57b3299de8183-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4142


--- Additional Info ---
Magic:  ASCII text, with very long lines (13599), with no line terminators
Size:   4142
Md5:    c37425cd901572f8f757e6a36627f2c6
Sha1:   e5810a1f9fb0be1ef033a26296ca3bdb38bdecbc
Sha256: 2e6289be6d9fc69faaf37cc4614af6f6ee9b8bff60259d419e08dc2fa19bcf8f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5935
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 12:13:20 GMT
Last-Modified: Tue, 04 Oct 2022 10:34:25 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /button_compact.gif HTTP/1.1 
Host: www.tipy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         3.74.170.143
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:20 GMT
Content-Length: 185
Connection: keep-alive
Location: https://www.tipy.com/button_compact.gif


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   185
Md5:    4c555068310076e85908835c721911f5
Sha1:   9ec990aabb4391e139034f68e5e657e0f1d0b74d
Sha256: 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
                                        
                                            GET /js/0.6/load.js?mode=auto&ver=6.0.2 HTTP/1.1 
Host: api.flattr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.70.66
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Tue, 04 Oct 2022 12:13:20 GMT
content-length: 178
location: https://button.flattr.com/loader.js?mode=auto&ver=6.0.2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1CZZAOhSyuAVunnd0n0tL2apFyBCqmxioRhyvGIGYtplA9usXpmI6IfkAxSOrCOwjWw5MslUw2F4nRKWwfbwGkQqqaecZeuTB9naVoRiGFWoQecVqiU9u0X0%2BhoGdi8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dd4bafd8ab506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /jmb/wp-content/plugins/srizon-facebook-album/resources/js/srizon.custom.min.js?ver=2.3.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:25 GMT
ETag: "2e4d-52d39c29ce040-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3448


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11853), with no line terminators
Size:   3448
Md5:    15522215729c753f7b3723e5abf2028b
Sha1:   ef370e5c588147a02076ea9ff496ff510e36e39f
Sha256: e9a438f36dc15af555a2bf372a222715f96a8959d62888b386858e53c5c336d3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Tue, 21 Jun 2022 06:43:55 GMT
ETag: "ba5-5e1ef8b691eb3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1351


--- Additional Info ---
Magic:  ASCII text, with very long lines (2946)
Size:   1351
Md5:    28214bc78b9edfcfbc9c7b651fb4f56c
Sha1:   fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
Sha256: 11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/specificfeeds_follow.png HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "2ca-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 714


--- Additional Info ---
Magic:  PNG image data, 26 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size:   714
Md5:    346c3031219692aa036b3f70a049357e
Sha1:   1be1d28a7fd3c97ec06bd5acc0c1965975904dff
Sha256: 8eed0123cea1bc7373855ce7371d01f5c4bfbf58d0f70d9c9f2b945940f48c61
                                        
                                            GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/email.png HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "7be-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 1982


--- Additional Info ---
Magic:  PNG image data, 30 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   1982
Md5:    49e12c71bf7fc34e81b089e93cb24e97
Sha1:   6dbacc6dbc4e218bfecd3667027ac60f0f5f2ad8
Sha256: 6716dbbcf4c38a706abf0b7ad4398ca2f1d471c647ea8ef588fe680a1494501a
                                        
                                            GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/rss.png HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "407-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 1031


--- Additional Info ---
Magic:  PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   1031
Md5:    05e27acef3866d11912ffd5f5a8082e6
Sha1:   21fdfecf0185d7006dda0ca426926b3ed4d2b2b4
Sha256: 91eebabc35aac7ff6bc31bd78f5bba8ae01a1621dbee807f2fe26aec8076db45
                                        
                                            GET /jmb/wp-content/uploads/2013/05/cropped-Carte_regions_Kamerun_Allemand_Batscham_mark_jmb2012N.jpg HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 04 Oct 2022 12:13:20 GMT
Server: Apache
Last-Modified: Thu, 23 May 2013 11:07:30 GMT
ETag: "19e54-4dd60b0398080"
Accept-Ranges: bytes
Content-Length: 106068


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 940x198, components 3\012- data
Size:   106068
Md5:    ec53ed4bf2c9c19af19954b5f0dd3aaa
Sha1:   0d99b1707f02398171141abf1fd4ef106547cd36
Sha256: bb16a4f2a4fa5fd5c218dd791144a197269bdf8afbbadabed8c8c10ff0cc71ad
                                        
                                            GET /static/button/button1.js?newwindow=1&url=http://www.regionic.info/jmb/?p=212063 HTTP/1.1 
Host: www.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Mon, 22 Sep 2014 16:25:05 GMT
etag: "610788fd4961c058cee1869f473c374c"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:20 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: private, max-age=3600
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 1074
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1074
Md5:    610788fd4961c058cee1869f473c374c
Sha1:   43c8308946d4f121b91aae5fb1a688392a234d01
Sha256: fdc2e23dcb6a6ce8f2ada0e9933e7edbda5f15d450165c71482eb752c7c5ae24
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B49F1602AFD949E6F33DFEF30F67DABAAC87FE1581ABF6D58011FC9E8CDAE9D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 18:13:20 GMT
Date: Tue, 04 Oct 2022 12:13:20 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xGJ5Z+pZZ0yo9CgHAIlOYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iX/TGI/GkxMDDhW7tKgQNAapIDg=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F3E31017E3606180FF583266EE42523C531C275F7BEF8C83B598A8096ADF20F6"
Last-Modified: Tue, 04 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Tue, 04 Oct 2022 18:12:40 GMT
Date: Tue, 04 Oct 2022 12:13:20 GMT
Connection: keep-alive

                                        
                                            GET /wp-content/uploads/2018/12/Replacement-Doors-300x200.jpg HTTP/1.1 
Host: www.repairmywindowsanddoors.co.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         149.255.62.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 04 Oct 2022 12:13:20 GMT
content-length: 15295
last-modified: Fri, 16 Oct 2020 18:49:03 GMT
etag: "3bbf-5b1ce37f41023"
cache-control: max-age=31536000
expires: Wed, 04 Oct 2023 03:20:55 GMT
referrer-policy:
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", baseline, precision 8, 300x200, components 3\012- data
Size:   15295
Md5:    a419e72becb1d566b40334ed351ba509
Sha1:   8ea8b952b371899e052aaee2f064ce1e127f4d3b
Sha256: 44580446334106a01c65e899790a07398181d8d37e5e9f2625a90126f3583359
                                        
                                            GET /button_compact.gif HTTP/1.1 
Host: www.tipy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.74.170.143
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   232
Md5:    328f87671c7c5a894d4f38b85b3d326b
Sha1:   8fea1b85bc8727669266925e412d94b74a07da38
Sha256: d3dad34c1bffe93e3ec8a432f171db4a1da94b103966c11f277da95157a08ec5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BB967DED05700735966CA7C6BF8ECB2B5655682EE9EA2D9F0AAD581C6C866A5C"
Last-Modified: Tue, 04 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Tue, 04 Oct 2022 18:12:39 GMT
Date: Tue, 04 Oct 2022 12:13:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:21 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 08:43:20 GMT
Expires: Mon, 10 Oct 2022 08:43:19 GMT
Etag: "25b7cc92be1d02353ad0c481763067aaaf19cecb"
Cache-Control: max-age=505197,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754dd4be1a32b4f7-OSL

                                        
                                            GET /link.php?zzz=4 HTTP/1.1 
Host: www.learningtoolkit.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.67.93.101
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/share.js?ver=6.0.2 HTTP/1.1 
Host: platform.tumblr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         74.114.154.15
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: openresty
date: Tue, 04 Oct 2022 12:13:21 GMT
last-modified: Fri, 12 Aug 2022 09:28:23 GMT
vary: Accept-Encoding
etag: W/"62f61d37-60"
expires: Tue, 04 Oct 2022 13:13:21 GMT
pragma: public
content-encoding: br
cache-control: max-age=3600, immutable
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5096
Md5:    b8088094df30267a4ee5136fd729b8db
Sha1:   3dc4c8faa6cdaa6008a83c6ba863291b2d2ce750
Sha256: 4c11968737f009d2a9a536ba7c86e8d570414d4f2e96bab36989a7f321307779
                                        
                                            GET /link.php?zzz=5 HTTP/1.1 
Host: www.learningtoolkit.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.67.93.101
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /link.php?zzz=5 HTTP/1.1 
Host: www.learningtoolkit.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.67.93.101
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6F705C33F48C3B554526C6BA20E94AD73E7E520D0114431096DBD7D2E26B0F4E"
Last-Modified: Sun, 02 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4122
Expires: Tue, 04 Oct 2022 13:22:04 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive

                                        
                                            GET /ad.js?port=45 HTTP/1.1 
Host: forwardmytraffic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.102.6.94
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: nginx/1.14.1
Date: Tue, 04 Oct 2022 12:13:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.4


--- Additional Info ---
Magic:  data
Size:   1608
Md5:    c66f134e8c93ca54814a589751e842d3
Sha1:   de67aacd79a2255641a63ba64a0d8dd5280c876a
Sha256: 4d0ff911c8692a6d913d3a7acac43c43478677a7efa4c916217d7afa10678152
                                        
                                            GET /link.php?zzz=4 HTTP/1.1 
Host: www.learningtoolkit.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.67.93.101
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 12:13:18 GMT
Connection: Keep-Alive
Content-Length: 0
X-Frame-Options: SAMEORIGIN
Cache-Control: private, no-cache, no-store, max-age=0
Expires: Mon, 01 Jan 1990 0:00:00 GMT
Location: https://www.businessmagazine.org


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ajax/libs/json2/20121008/json2.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         104.17.25.14
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Length: 1347
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03ec8-d39"
Last-Modified: Mon, 04 May 2020 16:11:52 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 102847
Expires: Sun, 24 Sep 2023 12:13:22 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRx5WkGdr2z%2BU18jXs%2BL1HaEhR8W3r2MkLl0liBsgXu%2F9KY85rPm105QRBC3gUBNOaa7CYPzVFkb%2F0IcUZT4RACZwfUsiCqCn9p%2BpBA6C5mVTzrgPzJRc2bAkxDPkeYblwDdDjJW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754dd4c5ca6fb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with very long lines (3385), with no line terminators
Size:   1347
Md5:    9dcd98b378b18da87ab0b80928cab48a
Sha1:   2daa54c68961571f76c9cf230f2c469079ba4629
Sha256: 1766ef15d29039deb1168ca7e34a98cc3b094f7a0d74475216c3696af5d6d6b9
                                        
                                            GET /hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063 HTTP/1.1 
Host: www.stumbleupon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         76.76.21.61
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
access-control-allow-origin: *
age: 94396
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="404"
content-encoding: br
date: Tue, 04 Oct 2022 12:13:22 GMT
etag: W/"1a30bd62d0e7d6b9c85d90d076391f09"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /404
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::p4gvd-1664885602214-ca5b23935405
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5822)
Size:   2125
Md5:    6be4499256f23350a0eca5eb0682e77d
Sha1:   e948b498923135cf5fe9bd69cfdc89a2aaab9734
Sha256: d97ba4079b09d7a33ec646c8d807a0368976310ecaf801281c47eeb93f3b1bfd
                                        
                                            GET /button.js HTTP/1.1 
Host: www.tipy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.74.170.143
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   232
Md5:    328f87671c7c5a894d4f38b85b3d326b
Sha1:   8fea1b85bc8727669266925e412d94b74a07da38
Sha256: d3dad34c1bffe93e3ec8a432f171db4a1da94b103966c11f277da95157a08ec5
                                        
                                            GET /ok9.js HTTP/1.1 
Host: odnaknopka.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         142.132.202.70
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Oct 2022 12:13:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: dee896cd111d1abc83a40667de41fcc8


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   143
Md5:    01d104f1d2a961f6fc241ec08ba1af54
Sha1:   2e9f73a9137283c94c79bff44fd10f5b1a2738b6
Sha256: f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
                                        
                                            GET /button/?id=6a28e0056b6cc50f&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&text=How%20You%20Double%20Glazed%20Window%20Repairs%20Near%20Me%20Your%20Customers%20Can%20Make%20Or%20Break%20Your%20Business&count=horizontal&placement=button&utm_source=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&utm_medium=buffer_button&utm_campaign=buffer HTTP/1.1 
Host: button.buffer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1

                                         
                                         104.16.140.52
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 13:13:22 GMT
Location: https://button.buffer.com/button/?id=6a28e0056b6cc50f&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&text=How%20You%20Double%20Glazed%20Window%20Repairs%20Near%20Me%20Your%20Customers%20Can%20Make%20Or%20Break%20Your%20Business&count=horizontal&placement=button&utm_source=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&utm_medium=buffer_button&utm_campaign=buffer
Set-Cookie: __cf_bm=bu9Tsda2kuYUTzucPqR2h6x7eXlZXyFf8z5fMrNRvNQ-1664885602-0-AZ0/VVTO6CBNmvi/UAOJScKPRbtI/anDZQK95Ut5BJjwl+KlDuWJwyWjHPgcHliTOPUjFLkNHh94xkvjbxNXKMU=; path=/; expires=Tue, 04-Oct-22 12:43:22 GMT; domain=.buffer.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 754dd4c61c4cb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            GET /button_compact.gif HTTP/1.1 
Host: www.tipy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.74.170.143
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Server: nginx/1.14.2
Date: Tue, 04 Oct 2022 12:13:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   232
Md5:    328f87671c7c5a894d4f38b85b3d326b
Sha1:   8fea1b85bc8727669266925e412d94b74a07da38
Sha256: d3dad34c1bffe93e3ec8a432f171db4a1da94b103966c11f277da95157a08ec5
                                        
                                            GET /jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/images/facebook-share.png HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/wp-content/plugins/really-simple-facebook-twitter-share-buttons/style.css?ver=6.0.2

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:16:19 GMT
ETag: "346-52d39c24152c0"
Accept-Ranges: bytes
Content-Length: 838


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   838
Md5:    95f675e77a2c67a004771ee5d7dce1ee
Sha1:   74151d65e20475ac234287288c56ab2f370f502b
Sha256: 6a0b082d7f6c52899ed6d19d85676486c4a9a37894b7e0daaaeaf065929ab026
                                        
                                            GET /stat.js HTTP/1.1 
Host: odnaknopka.ru
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         142.132.202.70
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 04 Oct 2022 12:13:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive

                                        
                                            GET /button/button1.html?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063 HTTP/1.1 
Host: www.redditstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1

                                         
                                         151.101.85.140
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Connection: keep-alive
Content-Length: 1709
Last-Modified: Wed, 30 Jul 2014 19:09:19 GMT
ETag: "ce91c4f683d32f8907f0e97f3fb93696"
Expires: Thu, 31 Dec 2037 23:59:59 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:22 GMT
Vary: Accept-Encoding,Origin
Server: snooserv
Report-To: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
NEL: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1522)
Size:   1709
Md5:    4a408b7d64f2c0937eb0d1b944e3229e
Sha1:   e9edc11acdf9d5ae0357b680590d3dc719bf0adc
Sha256: 91aee29aee50d42c1a027a0c9b82f759847e37b6027af3d7b96ccf68db3fe685
                                        
                                            GET /jmb/wp-content/uploads/2012/03/bmask_pedjo_blanc_301.png HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Fri, 09 Mar 2012 17:32:38 GMT
ETag: "eda1-4bad2c7649980"
Accept-Ranges: bytes
Content-Length: 60833


--- Additional Info ---
Magic:  PNG image data, 138 x 237, 8-bit/color RGB, non-interlaced\012- data
Size:   60833
Md5:    b74ef2596fd00a4b03c23aa91d9c92cf
Sha1:   4f5bc4506d9d95e1999b9088bd2acbe529c20707
Sha256: ebb9cb51888811438828a39576992f273077047babbb1951c6a666b913fffcad
                                        
                                            GET /button/button-embed.js HTTP/1.1 
Host: www.redditstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.redditstatic.com/button/button1.html?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063

                                         
                                         151.101.85.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 983
Last-Modified: Wed, 22 Oct 2014 17:47:37 GMT
ETag: "f6e79e0098bfda54ca2e0e02da223645"
Expires: Thu, 31 Dec 2037 23:59:59 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:22 GMT
Vary: Accept-Encoding,Origin
Server: snooserv
Report-To: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
NEL: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}


--- Additional Info ---
Magic:  ASCII text
Size:   983
Md5:    894ad3ef79db45d25e29d456dc0d4749
Sha1:   44560c5236cc799ab5cb2e9aa39dfe85d2d9b120
Sha256: d61a96c13920a9de38d7d426dde2c890535856bda84a26845dc0272f05b33e2d
                                        
                                            GET /jmb/wp-content/themes/twentyten/images/wordpress.png HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/wp-content/themes/twentyten/style.css

                                         
                                         83.166.138.58
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Fri, 04 Mar 2016 14:18:20 GMT
ETag: "31a-52d39c977a300"
Accept-Ranges: bytes
Content-Length: 794


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   794
Md5:    f51375d00e7d0a70c801c6256d432d3b
Sha1:   313aff1fffa73433673203db25ff4154d07511e2
Sha256: 61d00189e16b4ae467e9f3283ccf459d666950277c866c82f337534951b50f51
                                        
                                            GET /fr_FR/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         31.13.72.12
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 1e54cd6b5d7d4a255cee2a4570f371d6
ETag: "bb86a949c8facc29cf78a270916adc8a"
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Tue, 04 Oct 2022 12:30:07 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: CYROWULlTvi6wwjS6bR3Wg==
X-FB-Debug: yojnjDOs0jlNyhCZIQ895u6ldSRxpWdOdCXmf/vsw1njlzkkzou5kIv/vx4BgoAYQSOj9RHbJ9N8XgDF7kDc9Q==
X-FB-TRIP-ID: 1904183273
Date: Tue, 04 Oct 2022 12:13:22 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686


--- Additional Info ---
Magic:  ASCII text, with very long lines (1961)
Size:   1686
Md5:    09844e5942e54ef8bac308d2e9b4775a
Sha1:   56c4ea413d7819c245c2e27f17621661fdd00a4f
Sha256: e040e381ae3a494efd98bf0273592c312a3979fd4fa2e1bb88d030cc4e12cf77
                                        
                                            GET /js/pinit.js HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         151.101.84.84
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 290
ETag: "82bfd941d2c9b3b9e0650a27c9d11737"
Content-Encoding: gzip
X-CDN: fastly
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: X-CDN
Vary: Accept-Encoding, Origin
Cache-Control: max-age=300
date: Tue, 04 Oct 2022 12:13:22 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (361), with no line terminators
Size:   290
Md5:    82bfd941d2c9b3b9e0650a27c9d11737
Sha1:   2eb742a101e79067c9df4d15b518bde85e8eeb2e
Sha256: 3f6e9b85ad3ee165ec6c9587d98d2a43588f7ba0f63d31ad019a0d4cbfd3f3d1
                                        
                                            GET /images/pidgets/pin_it_button.png HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.84
HTTP/2 200 OK
content-type: image/png
                                        
etag: "cf5ce2d2dcfa060f6032b0af60d45aa2"
x-cdn: fastly
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Origin
cache-control: max-age=86400
date: Tue, 04 Oct 2022 12:13:22 GMT
content-length: 909
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 40 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   909
Md5:    cf5ce2d2dcfa060f6032b0af60d45aa2
Sha1:   7a2370ff54f007a20d64d57c9547736136612869
Sha256: f942d5999c18b372d0c74273c936fce1723b0761e67d56dfa80abac87eff864e
                                        
                                            GET /button_info.json?jsonp=buttonEmbed.parseSubmission&url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063 HTTP/1.1 
Host: buttons.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.redditstatic.com/

                                         
                                         151.101.85.140
HTTP/1.1 404 Not Found
Content-Type: text/plain
                                        
Connection: close
Content-Length: 13
Server: Varnish
Retry-After: 0
Accept-Ranges: bytes
Date: Tue, 04 Oct 2022 12:13:22 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1633-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1664885602.477360,VS0,VE0


--- Additional Info ---
Magic:  data
Size:   4559
Md5:    f8b62ac1e6dd299a983c42d2bc2eab6f
Sha1:   020a54776779cfe0ace833925ab0ddcbe11b0023
Sha256: 7438bca640b429430539a853b199ea0e9a41ec4068c29410e46636a402e38646
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.regionic.info
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/jmb/?p=212063

                                         
                                         83.166.138.58
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Apache
Last-Modified: Wed, 18 Apr 2007 14:03:27 GMT
ETag: "201-42e638ce069c0;5c39cb01f3d05
Accept-Ranges: bytes
Content-Length: 513


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   513
Md5:    e0640c95d0fc6b7a735a5d2baf676660
Sha1:   e6d90be255108401c93d14421bc8a4d29112b52f
Sha256: b01e87d193e77bc8cde43397dfb7892b153ce6aab744f4bc6406d854c97e6265
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/share_2.png HTTP/1.1 
Host: platform.tumblr.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.regionic.info/

                                         
                                         74.114.154.15
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: openresty
Date: Tue, 04 Oct 2022 12:13:22 GMT
Content-Length: 142
Connection: keep-alive
Location: https://platform.tumblr.com/v1/share_2.png


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   142
Md5:    82c98e8e012b79c922655461171cc2fa
Sha1:   0828d79135573276005b04be42d79a8a3291292b
Sha256: 745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5764
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive

                                        
                                            GET /widgets.js HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Wed, 28 Sep 2022 20:05:37 GMT
cache-control: public, max-age=1800
etag: "f26384f93da6974ed577808dfa1fede5+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:22 GMT
x-served-by: cache-iad-kcgs7200070-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 29223
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (33915)
Size:   29223
Md5:    e14c76a2eab620fda0ad73aa2a3ebc03
Sha1:   1da8baee6c0987e8232b129daeab14adfd379592
Sha256: 7873fecf29f91e4b8e81051e29da6ef51c27aae9ca1c1adc85b55903372a60dd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/pinit_main.js?0.4612080263702357 HTTP/1.1 
Host: assets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.84
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
x-cdn: fastly
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Tue, 04 Oct 2022 12:13:22 GMT
content-length: 18679
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32016)
Size:   18679
Md5:    3725764cf05d1a0938de73d398772331
Sha1:   abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
Sha256: f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 49443
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 51396
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 51448
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /ajax/libs/jquery/1.9.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.138
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33140
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 13:16:55 GMT
expires: Mon, 02 Oct 2023 13:16:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 168987
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32132)
Size:   33140
Md5:    19367efa6245eafdd8c6111a367da696
Sha1:   901ec681692d88afa09c28cee299ba120ca33a8b
Sha256: cb11ee5a06892d5ffea634705118e1cc48f276c6d18fa20605c9bf5b9c33dc32
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5764
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5764
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:13:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 74
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 12:13:22 GMT
Last-Modified: Tue, 04 Oct 2022 12:12:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GWTKxBPZnk_dqf9onY05WB16ubdsa93FcrjpqVxBrqBbCZXLSk_HHg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 14:41:51 GMT
age: 77491
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8508
Md5:    515e23ff5ef0fc336ac5ec7fd31dfacd
Sha1:   a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
Sha256: 77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 51381
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4151
Md5:    24a4a122273ef9f772852031eb13114a
Sha1:   c20f1fac9020eb4bd6c84583f73872979639b991
Sha256: 8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fr_FR/sdk.js?hash=9ffc0c7eccd30a15a9930c39feb44963 HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.regionic.info
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 24c6571362c696e52f245b20f99afbec
etag: "c938dc776c59dfee149b98090d3467f0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 04 Oct 2023 10:33:50 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: +eHLsl5BieFeCjx/POnfTg==
x-fb-debug: EXj2XmCj9hxj2rTzfW/yVLPvYCgBShe/SjerHU/OWT02hAj068/EbHXaLxHWqV/CvXbMKD7hx9PpRBOcerGD0g==
content-length: 86993
x-fb-trip-id: 1904183273
date: Tue, 04 Oct 2022 12:13:22 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13192)
Size:   86993
Md5:    f9e1cbb25e4189e15e0a3c7f3ce9df4e
Sha1:   3b4c796f693b4d15c258f3d5498875253f8f3f8d
Sha256: fc2d048ec295a50a8e5e446e5dbd9d0fb952cfb324c6171ce1af33a4ee87fbf2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 74
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 12:13:22 GMT
Last-Modified: Tue, 04 Oct 2022 12:12:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: developers.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Location: https://developers.google.com/
X-Cloud-Trace-Context: 85fe059b139fcbd1c0c11eabf5b7bb05
Date: Tue, 04 Oct 2022 12:13:22 GMT
Server: Google Frontend
Content-Length: 0

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/plusone.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20362
date: Tue, 04 Oct 2022 12:13:22 GMT
expires: Tue, 04 Oct 2022 12:13:22 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "5f35d22782378ad2"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fwww.regionic.info&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 12:13:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'nonce-BLqfEJWAoxYbwrGzHw2N4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2267)
Size:   4655
Md5:    da1bf8c5e55834b47f6e62fd99dc2528
Sha1:   0eaf51a63be149ce62783239e237c13b54c816ec
Sha256: 6c6c2c26e4c2d4700306a3d71ee0502a2ac7236a79b38d52b516ee381a34324a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/urls/count.json?url=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&callback=PIN_1664885602157.f.callback[0] HTTP/1.1 
Host: widgets.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.84
HTTP/2 200 OK
content-type: application/javascript
                                        
x-content-type-options: nosniff
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
expires: Tue, 04 Oct 2022 12:28:22 GMT
x-envoy-upstream-service-time: 4
x-pinterest-rid: 9980521573826138
date: Tue, 04 Oct 2022 12:13:22 GMT
age: 0
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   450
Md5:    cdbf88e194c26e2edcc7319ba77d5c52
Sha1:   bb752c83aa4b000f9c15eea0f47f732a3e48fd6d
Sha256: 0c23162ad1c5d005979538483127a6f38fa4dc39f636d6cda978f278f4231989
                                        
                                            GET /js/button.d2f864f87f544dc0c11d7d712a191c1f.js HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Wed, 28 Sep 2022 20:04:20 GMT
cache-control: public, max-age=315360000
etag: "7bb2d17ac20be3bd6ec1079356afecd9+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:23 GMT
x-served-by: cache-iad-kcgs7200178-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 2362
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7017), with no line terminators
Size:   2362
Md5:    dd0db11eb64751c6c3b8cecfb5b77f2f
Sha1:   b79a753d0bc720adbbd9f566f11764dd0e1cbe2c
Sha256: c80ffb7bf5d6d523bd483d7eeba3b3334d25ee8d66ddba80eaf448d07da2e2ff
                                        
                                            GET /widgets/tweet_button.7dae38096d06923d683a2a807172322a.fr.html HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
last-modified: Wed, 28 Sep 2022 20:04:24 GMT
cache-control: public, max-age=315360000
etag: "4abc5d81b356cf1d001fb3645cc09ccc+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:23 GMT
x-served-by: cache-iad-kiad7000073-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 13993
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32033)
Size:   13993
Md5:    0ed523ddddeab94b38bcdac0daa43c17
Sha1:   ac718c642c722aeae472780ec7d3530e71860296
Sha256: 2a0c8e770237bb57c3fc69d35aca57e5a6954a0f44f5d15b27d16fff942db6e4
                                        
                                            GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664885602821%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=863ab95f098138407225788d2649f2fd191b1d97 HTTP/1.1 
Host: syndication.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.244.42.72
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 04 Oct 2022 12:13:22 GMT
perf: 7626143928
vary: Origin
server: tsa_o
cache-control: must-revalidate, max-age=600
last-modified: Tue, 04 Oct 2022 12:13:23 GMT
content-length: 43
x-transaction-id: 8286cd9ee7b849cd
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 465eb6cc1f37bf0283387190bb83626f1325491180dee611bf31e5f2aae7bc47
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            GET /?type=pidget&guid=S_Y82YV4kqXq&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&viaSrc=canonical HTTP/1.1 
Host: log.pinterest.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.84
HTTP/2 200 OK
                                        
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 2
server: envoy
x-pinterest-rid: 1195568221107864
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664885604.676419,VS0,VE94
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /v2.0/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df85d1e2259fe2%26domain%3Dwww.regionic.info%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.regionic.info%252Ffb71bc2bcfbdc8%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.regionic.info%2Fjmb%2F%3Fp%3D212063&layout=button_count&locale=fr_FR&sdk=joey&share=true&width=100 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: t7PPwUjHUrcHvHaV2Ht5lz0im6kWH+vZ3LntdCCp38JBmspoBlZcFtDtBD3dD3b8ZhknMklzdf6cDzV7vAiYkg==
content-length: 0
date: Tue, 04 Oct 2022 12:13:25 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /forwarded HTTP/1.1 
Host: hyvesgames.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.21.86.44
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
                                        
date: Tue, 04 Oct 2022 12:13:22 GMT
location: https://hyvesgames.nl/forwarded/
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3LDv0qo4KwyolGTPTk6G4sWhEFx1zZt%2FSqfeoaLDFoddBHF5azHa%2Fp4aFwwCrUKIhEy9OZBomlBQT9C25PStHATpa2X4nhxYPa2X37lrlLcwCNGlm%2B5zqIVHiN2nl8U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dd4c69e3eb4f7-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: developers.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.14
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
last-modified: Thu, 22 Sep 2022 21:43:21 GMT
set-cookie: _ga_devsite=GA1.3.3143803857.1664885604; Expires=Thu, 03 Oct 2024 12:13:24 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-TqEruM3meIpei5JAyqXUsLRK1vfs4u' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 78bd99d8518695da4b40865f0cadcebf
vary: Accept-Encoding
date: Tue, 04 Oct 2022 12:13:24 GMT
server: Google Frontend
content-length: 21644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=http%3A%2F%2Fwww.regionic.info HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
last-modified: Wed, 28 Sep 2022 20:04:27 GMT
cache-control: public, max-age=315360000
etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:13:22 GMT
x-served-by: cache-iad-kcgs7200106-IAD, cache-bma1624-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105445
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /hostedbadge.php?s=1&r=http://www.regionic.info/jmb/?p=212063 HTTP/1.1 
Host: www.stumbleupon.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.regionic.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         76.76.21.61
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
access-control-allow-origin: *
age: 94395
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="404"
content-encoding: br
date: Tue, 04 Oct 2022 12:13:20 GMT
etag: W/"1a30bd62d0e7d6b9c85d90d076391f09"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /404
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::jg7gs-1664885600507-8fa9584087ee
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1 
Host: static.cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://button.buffer.com
Connection: keep-alive
Referer: https://button.buffer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.156.26
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 12:13:22 GMT
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dd4c70c300b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/button.js HTTP/1.1 
Host: static.buffer.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.140.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 12:13:20 GMT
x-amz-id-2: Ez4lz1aR1yMYZHegBAJ5vo0CmbjWEJDT1L7iuTPXlEI15UkH8cOSAh+JlIzIVKpOc5SOw7ZdQLw=
x-amz-request-id: PR1Y3NMPESV3ARMJ
last-modified: Sat, 01 Apr 2017 01:06:37 GMT
etag: W/"c8686dc19498aa717127b1d47a53a912"
cf-cache-status: HIT
age: 2011
expires: Tue, 04 Oct 2022 16:13:20 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=ONSoTbbctlIArJHL1GFrSxqPPmAn1R4oa_bs1hqBcvw-1664885600-0-AWGO3QIwgC91qk+jSrqH+Z2TqoiFKCFjhTVtPcILvQKXG0LCc1Z3mDT+gzF6WCoZcLU5m2zX/JOfPOe2MiOFqg4=; path=/; expires=Tue, 04-Oct-22 12:43:20 GMT; domain=.buffer.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754dd4bb5cd9b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /forwarded/ HTTP/1.1 
Host: hyvesgames.nl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.regionic.info/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.86.44
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 04 Oct 2022 12:13:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
last-modified: Fri, 30 Sep 2022 12:23:14 GMT
vary: Accept-Encoding
p3p: CP="IDC DSP DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS UNI NAV INT PRE", CP="NOI DSP COR NID PSA ADM OUR IND NAV COM"
content-security-policy: sandbox allow-same-origin allow-scripts allow-orientation-lock allow-pointer-lock allow-forms allow-popups allow-top-navigation-by-user-activation;
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRCFIpPUQDrBEZlhcOfcuTxBeXpj7r4%2BhRweyUs1DlXef0e1wDrsDLBy0fTNxfcKSl7bIG5yAur4j7si%2BK2tNX8kQ9J6y1iEeuG6vVXR6yfQYvj%2FIBOUG7gAPINDpJWp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754dd4c70f36b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---