urlz.fr/guQu
104.21.234.215301 Moved Permanently 0 B IP 104.21.234.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /guQu HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 20:18:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://urlz.fr/guQu
Expires: Mon, 05 Sep 2022 20:19:19 GMT
Cache-Control: max-age=60
X-FastCGI-Cache: MISS
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scxXQZnKcZb551fmEyENHDwUYvD0uhOZ4e2vveAzK6IXGtpC8U4zE8VHomru2IsHZkPhb1AuSxUcog0j2xc6rGG%2FSoR22hMOE%2Fo4ilQReuJbXAEy0KGbOM2L"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7461a749ed128e2a-LHR
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 19:44:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3wcBW-ApYh_Whn4BdIvn7Md9jix6kpXg0uxlOwSUVZS_Qo8MwE9v8g==
Age: 2002
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3646
Expires: Mon, 05 Sep 2022 21:19:06 GMT
Date: Mon, 05 Sep 2022 20:18:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SpqMkKOreC3s4igZdsX2dOGtW-cSngjggqyZh6Jh8sBBWUh6XD7epA==
age: 68583
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy
85.233.202.179200 OK 1.8 kB URL HTTP/1.1 fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy
IP 85.233.202.179:0
ASN #15830 Telecitygroup International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (470)
Hash 81524da16480a990a46b451035601a97
2df8564cafdf8fc1af49d97319d0472dfe6dbbea
eb71a93760a2fdb2b5eb04d0ebb9744debb98b0c1e60c1bc91446d51e5ba7f3d
GET /read/004771106a6dafc49c057?authid=0OVrErHtp4Zy HTTP/1.1
Host: fr.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:18:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1845
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Sep 2022 13:31:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 24412
X-Server: CALAMVN01
Cache-Control: max-age=36000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-162669458-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-162669458-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 08e282dd45046f09d61ff13532c3357d
80a05e987fb825779422447047e6f1e7d0318121
2f5d2945697bba8c961308f8cf695dec53f55b7eb6fd3f0d9dfd6d3e656e78c9
GET /gtag/js?id=UA-162669458-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 20:18:20 GMT
expires: Mon, 05 Sep 2022 20:18:20 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v.calameo.com/8337-000136/pinwheel/viewer/scripts/loader.js
205.185.216.42200 OK 97 kB URL HTTP/1.1 v.calameo.com/8337-000136/pinwheel/viewer/scripts/loader.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (32002)
Hash f7436e30acb31d387a63a90b4f0dec91
8bc17fe1aafda848e7beb74467822860f25fb5bc
2a0674c9d30ee816e466a562b6158bd71ad5ab89e7b165c5bc71d1fc0121fbea
GET /8337-000136/pinwheel/viewer/scripts/loader.js HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:20 GMT
Connection: Keep-Alive
ETag: "1652084897"
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 96681
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 09 May 2022 08:28:17 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662409100.dop014.sk1.t,1662409100.cds228.sk1.shn,1662409100.dop014.sk1.t,1662409100.cds240.sk1.c
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 19:38:16 GMT
Expires: Mon, 05 Sep 2022 20:29:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ui419phnuBgs6_Okv27QhUcdPznh6vnlMRy5txHFJKooSGjDN6_ldg==
Age: 2404
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 4720ec41641224f963f9924b8d2568d3
5b4265b694bd18480e85c6d109ce41c7a7e93225
b3d62c6bf495f5cb88e684440651edc3ac164ebf71c8410bd8b6117584e2ea9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Last-Modified: Mon, 05 Sep 2022 19:20:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312
ad.adxcore.com/a/init/?site=23152
172.67.42.35302 Found 21 kB URL HTTP/2 ad.adxcore.com/a/init/?site=23152
IP 172.67.42.35:0
Hash 17151a2e0408935e42a3127e6874561d
00f8c0215e368df7ba4df69728862d8a529444f6
b6b5003724cdc6fd64c4c800a6fcef6fb4ad3efcf27d26cf7acfc16768bf9a2e
GET /a/init/?site=23152 HTTP/1.1
Host: ad.adxcore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
location: https://adaccess.fr/a/init/index.php?site=23152
cf-cache-status: BYPASS
set-cookie: DYNAMIC=D11; path=/; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7461a74dde00b4f7-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 350d3cc577167b51a5c6f976a8fcedcf
7c8110ab9e9d11e270bcc462e08bd0c8af8010d0
f8971481912dec4db21107f64283ab57301b1d49204ce029c7c7784fd48a76fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8971481912DEC4DB21107F64283AB57301B1D49204CE029C7C7784FD48A76FC"
Last-Modified: Mon, 05 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5079
Expires: Mon, 05 Sep 2022 21:42:59 GMT
Date: Mon, 05 Sep 2022 20:18:20 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5539
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Last-Modified: Mon, 05 Sep 2022 18:46:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
185.76.9.14200 OK 22 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (27421)
Hash cb4fecd360e1a7b63890b07369060a4c
550ea2db44860956e5fbc059f137a780f7e3ebe3
e6785446a7be5fbb8378ec7b10765bf7e4eb7285a113f49ecf7a903c6b71538f
GET /s/requestform.js?siteId=15056&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662438653
server: CDN77-Turbo
x-77-nzt: AblMCQ2PvVv/D94AAA
x-77-nzt-ray: GqgFye5HWlc
x-cache: HIT
x-age: 56847
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=1
185.76.9.14200 OK 2.2 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=1
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash d8e667fa80e37622723e3f6a6e16fad9
e253b8868c533497d82fc0aed959f388df7dd636
6055fb44bc2fd72dfd4781d09450088683eec20f9249d9878dfd86cead714e1c
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662437000
server: CDN77-Turbo
x-77-nzt: AblMCQ3iRK7/hOQAAA
x-77-nzt-ray: 0cTa7i5W1EE
x-cache: HIT
x-age: 58500
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=15056&f=28&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=15056&f=28&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=15056&f=28&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urlz.fr
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:16:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:8790_36264064:01BB_6316598C_13A0C402:EE4B
X-IPLB-Instance: 41595
fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy
85.233.202.179200 OK 1.8 kB URL HTTP/1.1 fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy
IP 85.233.202.179:0
ASN #15830 Telecitygroup International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (470)
Hash 81524da16480a990a46b451035601a97
2df8564cafdf8fc1af49d97319d0472dfe6dbbea
eb71a93760a2fdb2b5eb04d0ebb9744debb98b0c1e60c1bc91446d51e5ba7f3d
GET /read/004771106a6dafc49c057?authid=0OVrErHtp4Zy HTTP/1.1
Host: fr.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:18:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1845
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Sep 2022 13:31:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 24413
X-Server: CALAMVN01
Cache-Control: max-age=36000
Accept-Ranges: bytes
confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
151.101.85.194200 OK 19 kB URL HTTP/1.1 confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
IP 151.101.85.194:0
File type C source, ASCII text, with very long lines (63895)
Hash 7d76bd0a3bd6f440d373b579bd74a3ee
f7d13582df04c46b0b905b030c7e51a13ba29d95
de9db902af8ae92e5ce866cae74f6ccfdf0920c266f715e62f227528c164afbb
GET /6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 18712
x-amz-id-2: ELXQ7hOnRXmfe9MIzpefn6h9+e5btKvmiq27wjtqSflGxDLwMfhMhWCxyAkmAe13epVIx/svZQk=
x-amz-request-id: HHXBNHSZ1Y58CK64
Last-Modified: Mon, 05 Sep 2022 20:00:16 GMT
ETag: "7d76bd0a3bd6f440d373b579bd74a3ee"
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Content-Encoding: gzip
Content-Type: text/javascript
Server: AmazonS3
Accept-Ranges: bytes
Date: Mon, 05 Sep 2022 20:18:21 GMT
Via: 1.1 varnish
Age: 433
X-Served-By: cache-bma1679-BMA
X-Cache: HIT
X-Cache-Hits: 22
X-Timer: S1662409101.064424,VS0,VE0
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b235894be7f7794235336074f5dbb962
2e89f41286133bc8743a72a7c74d0955c9f1c909
4b5c9452c324b18696743eb81a38acdb3ec11a8e24a0058e9312d934d99e5633
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 12:12:02 GMT
Expires: Fri, 09 Sep 2022 12:12:01 GMT
Etag: "2e89f41286133bc8743a72a7c74d0955c9f1c909"
Cache-Control: max-age=315819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7461a74ffb92b4fa-OSL
v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
205.185.216.42200 OK 697 B URL HTTP/1.1 v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
IP 205.185.216.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 351247d837a1c9488906d69cd1f3b744
ebfaa0a939aca96265c36356d2ff3320e588f29f
ee4a10cda11647ef0ce6c245b7d46755b6a59248b49f2ca0b7dbd33d19cb09b3
GET /?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Length: 697
Content-Type: text/html; charset=UTF-8
X-HW: 1662409100.dop014.sk1.t,1662409100.cds228.sk1.shn,1662409101.dop014.sk1.t,1662409101.cds245.sk1.p
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0XmSbqWMQJp+deYR10UxNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3hCrG34RYVMsVEj+becKzBwuYQc=
ads.themoneytizer.com/lib_fs_close.js
185.76.9.14200 OK 97 kB URL HTTP/2 ads.themoneytizer.com/lib_fs_close.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with CRLF line terminators
Hash cfabb2b97f885f3d044cbf8fcbb5fc22
639672d8ac898e01dcb0a3226ecb5d9f4a4ab618
ad9d88f1f29670b1f03a3a60c692a8f1fec9cd808c26bf39c177f0624ba711b6
GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Tue, 14 Jun 2022 12:21:22 GMT
etag: W/"62a87d42-297"
pragma: public
x-accel-expires: @1663387399
server: CDN77-Turbo
x-77-nzt: AblMCQ27uKz/heQAAA
x-77-nzt-ray: efTczqiGXMU
x-cache: HIT
x-age: 58501
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
205.185.216.42200 OK 697 B URL HTTP/1.1 v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
IP 205.185.216.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 351247d837a1c9488906d69cd1f3b744
ebfaa0a939aca96265c36356d2ff3320e588f29f
ee4a10cda11647ef0ce6c245b7d46755b6a59248b49f2ca0b7dbd33d19cb09b3
GET /?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Length: 697
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
X-HW: 1662409101.dop219.sk1.t,1662409101.cds024.sk1.shn,1662409101.dop219.sk1.t,1662409101.cds245.sk1.c
s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/favicon-16x16.png
205.185.216.42200 OK 250 B URL HTTP/1.1 s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/favicon-16x16.png
IP 205.185.216.42:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 16122aa57da82ffdbffb50dfb91b43d2
ee52be043aa2b70447aa6de7b725c7a1c2dbe6aa
271c5a91d33fc85d6f5295a5140a81edc841236fcf2e705ad5a9efbb47a511f6
GET /pinwheel/8337-b04dd1/platform/img/favicon/favicon-16x16.png HTTP/1.1
Host: s.calameoassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1655372877"
Cache-Control: max-age=25817301
Content-Length: 250
Content-Type: image/png
Last-Modified: Thu, 16 Jun 2022 09:47:57 GMT
Accept-Ranges: bytes
X-HW: 1662409101.dop215.sk1.t,1662409101.cds247.sk1.shn,1662409101.cds247.sk1.c
s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/android-chrome-192x192.png
205.185.216.42200 OK 800 B URL HTTP/1.1 s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/android-chrome-192x192.png
IP 205.185.216.42:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash caac63c7d5424fc65a3eeecf0b2fd2ac
e260be9bfeb8fbc22bff27fbfad4ab43364bc5ae
f486938db8ff05f08b92509b53633501915ad225472f931e7b8569ec983b1199
GET /pinwheel/8337-b04dd1/platform/img/favicon/android-chrome-192x192.png HTTP/1.1
Host: s.calameoassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1634119817"
Cache-Control: max-age=3246783
Content-Length: 800
Content-Type: image/png
Last-Modified: Wed, 13 Oct 2021 10:10:17 GMT
Accept-Ranges: bytes
X-HW: 1662409101.dop022.sk1.t,1662409101.cds207.sk1.shn,1662409101.dop022.sk1.t,1662409101.cds071.sk1.c
v.calameo.com/8337-000136/pinwheel/viewer/css/main.css
205.185.216.42200 OK 49 kB URL HTTP/1.1 v.calameo.com/8337-000136/pinwheel/viewer/css/main.css
IP 205.185.216.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dc6da7725cb9c5de3f124953ad84a450
a9227a0fb965fb7325b92e14a136de90b08f3ae0
c8b0822389d65f61e63dd836e32603b248286c1382c32263eb44eca31572f6f3
GET /8337-000136/pinwheel/viewer/css/main.css HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1653389093"
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 48563
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 10:44:53 GMT
Accept-Ranges: bytes
X-HW: 1662409101.dop219.sk1.t,1662409101.cds024.sk1.shn,1662409101.dop219.sk1.t,1662409101.cds222.sk1.c
d.calameo.com/3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
85.233.202.179200 OK 2.0 kB URL HTTP/1.1 d.calameo.com/3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
IP 85.233.202.179:0
ASN #15830 Telecitygroup International Limited
File type HTML document, ASCII text, with very long lines (6771), with no line terminators
Hash 09fa83c7188e35cda8f643fb19fbb5bc
c59190c81669dbff5e03b84457133063485746fb
6d6ba2c1c368a3562de0ac5a338bc53fc91d7d333af48f4b6ae71096688fff56
GET /3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy HTTP/1.1
Host: d.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.calameo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:18:21 GMT
Content-Type: application/javascript
Content-Length: 2009
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 0
X-Server: CALAMVN02
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: bytes
v.calameo.com/8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js
205.185.216.42200 OK 2.3 kB URL HTTP/1.1 v.calameo.com/8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (5943)
Hash d6fd2dca45650dd7127819f1485ac527
3219cc6beeb0f7a25185ec056a526848eca177ee
5d96a576b2e2f4bba7dd307152607984bb2d2d9236e1b5158f908ad37183a95e
GET /8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1653389093"
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 2272
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 24 May 2022 10:44:53 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662409101.dop219.sk1.t,1662409101.cds024.sk1.shn,1662409101.dop219.sk1.t,1662409101.cds201.sk1.c
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJTKTh88iyFXAiPJ-tCCEbqBo3A1cuTj2gCbfHkaVZ1WcgMOTyFfVg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 23:06:26 GMT
age: 76316
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 7926
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YqgTII0TYwznz5DfHLFpfzTPh08akwJSWc3wIf-YpBgUrs84AYM2Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:15:00 GMT
age: 79402
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 80931
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 80611
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 14:38:13 GMT
age: 20409
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=15056&formatId=28 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662438653
server: CDN77-Turbo
x-77-nzt: AblMCQ3Pb5D/D94AAA
x-77-nzt-ray: wdbCIExn95c
x-cache: HIT
x-age: 56847
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
urlz.fr/guQu
104.21.234.215200 OK 0 B IP 104.21.234.215:0
Analyzer Verdict Alert fortinet Malware
GET /guQu HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 05 Sep 2022 20:19:20 GMT
cache-control: max-age=60
x-fastcgi-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReRjZT5WFnIzmTWheJeefKGldkHzWZ2s%2Be02oLXVMrAAuzk00X0KIM%2BkrwjXx3HYWAKXC77H1uvI3hqsLFm1qWBYJNtGMAxBbXtKiKGQRU0BdxnlW4IQazx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7461a74bd8277705-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=28
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=28
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=28 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-accel-expires: @1662437000
server: CDN77-Turbo
x-77-nzt: AblMCQ2VCof/hOQAAA
x-77-nzt-ray: DsNbcY36roA
x-cache: HIT
x-age: 58500
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
adaccess.fr/a/init/index.php?site=23152
104.21.76.67200 OK 0 B URL HTTP/2 adaccess.fr/a/init/index.php?site=23152
IP 104.21.76.67:0
GET /a/init/index.php?site=23152 HTTP/1.1
Host: adaccess.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urlz.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 847
last-modified: Mon, 05 Sep 2022 20:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BhRieOAaP1ceSQx9vd0cVsp1g0gnpvXZEffprXsczBTn6hMui9i%2B73ztq2ksitekO7%2FwbgjRebCNFqZNYrqh%2Fz3h74ZRcDB1TCsjQBBZVannvjNmSi82BV51ihw1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7461a74ec9d1b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=6
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=6
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662437000
server: CDN77-Turbo
x-77-nzt: AblMCQ0XhTn/hOQAAA
x-77-nzt-ray: 4o5XQt3Ovf4
x-cache: HIT
x-age: 58500
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=15056&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662438653
server: CDN77-Turbo
x-77-nzt: AblMCQ378RD/D94AAA
x-77-nzt-ray: C/V+iAHZwdM
x-cache: HIT
x-age: 56847
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
172.67.13.182200 OK 0 B URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 172.67.13.182:0
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urlz.fr
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://urlz.fr
set-cookie: zc=d02a6bb6-415d-4c74-6654-c9100132b748; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=%23%02%11%C2%22%5B%19a%9D%EB%EF%D5m%8B%CD%E0%04%DD%132%AD%9Bu%7D%C2l%D6%07%7FL%86%8D%2C2%88%EB%C0%00%CA%11%9F%8F%7F0%11%EC%5D%07%AD%60%99%19%FD.%DEMl%FC%CF%12%DC%0B%B9%C8F%A2T%5C%D2%28%0EGC%C2%90%FE%9B%FC%CA%86%0B%22%92MSI%CE%3C%C8%CB%08%262%A9%B6w%17%2C%A9%BA; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7461a7502d580b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /moneybid7_10/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 15:28:00 GMT
etag: W/"630cdb00-9eed6"
pragma: public
x-accel-expires: @1663387399
server: CDN77-Turbo
x-77-nzt: AblMCQ1xvST/heQAAA
x-77-nzt-ray: QgyY6ypXPbY
x-cache: HIT
x-age: 58501
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
143.204.55.76200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 143.204.55.76:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Mon, 05 Sep 2022 20:17:36 GMT
cache-control: max-age=900
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wUxFJZr-uG3b0tTffHtqsk9h37OHE62i-CK0NaKs8FVoJ7t3hJ7gyw==
age: 45
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybile.js
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Tue, 06 Sep 2022 04:03:19 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1662436999
server: CDN77-Turbo
x-77-nzt: AblMCQ3A+Tz/heQAAA
x-77-nzt-ray: TK+UkChEt2A
x-cache: HIT
x-age: 58501
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
172.67.42.35200 OK 0 B URL HTTP/2 ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
IP 172.67.42.35:0
GET /static/js/components/advstlib/advstlib.min.js?c001847fa2 HTTP/1.1
Host: ad.adxcore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Cookie: DYNAMIC=D11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 13:01:13 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=2592000
expires: Wed, 05 Oct 2022 20:00:44 GMT
cf-cache-status: HIT
age: 1056
server: cloudflare
cf-ray: 7461a74f7841b4f7-OSL
X-Firefox-Spdy: h2