r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8050
Expires: Thu, 01 Dec 2022 19:55:55 GMT
Date: Thu, 01 Dec 2022 17:41:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03d89450d0d5d14298842475a88e44c3
44fa79bb8d481cec5371669a85715eab700837e8
fc18d400b3ef3f88ecf338b388ee74764577df13c4b52b542a75a4d0ca1eef11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC18D400B3EF3F88ECF338B388EE74764577DF13C4B52B542A75A4D0CA1EEF11"
Last-Modified: Tue, 29 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2116
Expires: Thu, 01 Dec 2022 18:17:01 GMT
Date: Thu, 01 Dec 2022 17:41:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2388
Cache-Control: max-age=149355
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:45 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:11:00 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 17:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1319
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4260
Expires: Thu, 01 Dec 2022 18:52:45 GMT
Date: Thu, 01 Dec 2022 17:41:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sWFCHFuLFEA0+H853UpY5/MFf+ldGTIm7v1v2EHPIr6z9zu35Pb29tX8ZENTEQbWYOPdiADqpIA=
x-amz-request-id: C7NGJ02V66HTY6GH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 16:46:20 GMT
age: 3325
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 17:41:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 049baacc1cf95c325025cab178492e27
dc8133bdbb7a0fb0e3c10839c9d4dc44e9ab5d86
bc841f914685305557917e26c7ce1ddd6111c757507d632c596aa7dcd51ccfdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Last-Modified: Thu, 01 Dec 2022 17:09:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 049baacc1cf95c325025cab178492e27
dc8133bdbb7a0fb0e3c10839c9d4dc44e9ab5d86
bc841f914685305557917e26c7ce1ddd6111c757507d632c596aa7dcd51ccfdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Last-Modified: Thu, 01 Dec 2022 17:09:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash dcf7f558f4cc3cc79f98134ef98baeee
3474357db337e445d0dd97085f5f6c62ff4dbf64
b88288ca23884a89d6b2de3bcf7e003be78997a8a3051b65b9ea429449869add
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1219
Cache-Control: max-age=149602
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Etag: "638887f9-118"
Expires: Sat, 03 Dec 2022 11:15:08 GMT
Last-Modified: Thu, 01 Dec 2022 10:54:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 049baacc1cf95c325025cab178492e27
dc8133bdbb7a0fb0e3c10839c9d4dc44e9ab5d86
bc841f914685305557917e26c7ce1ddd6111c757507d632c596aa7dcd51ccfdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1875
Cache-Control: max-age=125066
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Etag: "63882591-117"
Expires: Sat, 03 Dec 2022 04:26:12 GMT
Last-Modified: Thu, 01 Dec 2022 03:54:57 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
cdn.discordapp.com/attachments/818120722869911602/884000156729630780/11.png
162.159.134.233200 OK 6.5 kB URL HTTP/2 cdn.discordapp.com/attachments/818120722869911602/884000156729630780/11.png
IP 162.159.134.233:0
File type PNG image data, 177 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash dfc8ae4a47d9c2c611137ab2ba0d72cc
23d7a322bda0fa808d9d0cbfbe1dc0c4ca49b6c0
3978ebf7a0aaecceaf4bd64ac52812d43c6b88aeba593c383c4a3aef10f3b11b
GET /attachments/818120722869911602/884000156729630780/11.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: image/png
content-length: 6452
cf-ray: 772d9d92eaf20b59-OSL
accept-ranges: bytes
age: 43646
cache-control: public, max-age=31536000
etag: "dfc8ae4a47d9c2c611137ab2ba0d72cc"
expires: Fri, 01 Dec 2023 17:41:46 GMT
last-modified: Sun, 05 Sep 2021 09:01:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1630832461344425
x-goog-hash: crc32c=LFggdw==, md5=38iuSkfZwsYRE3qyug1yzA==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6452
x-guploader-uploadid: ADPycdsGtGr8ONWc3fgo1J40VV-7f_3Fjnz2iieo4qSbyBLJPWnv5RIyV4DtZ010u2gQg1tuvpYKk7ZJGsNwdlJBvvRPCQ
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zb83wO2crYDr3HX08tTlPpLLVE2OzjGgCp5UNZ0gULU96k4%2FtyMe5ynJqqhmW4Kq10y8AYpCdUz7Rxw8Or7TAacWRc7yL4l%2BLWKxX3ALYtbk5vvP%2BJshJZcw9Iw%2BblZpSV24Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/818120722869911602/884000187708747836/33.png
162.159.134.233200 OK 5.0 kB URL HTTP/2 cdn.discordapp.com/attachments/818120722869911602/884000187708747836/33.png
IP 162.159.134.233:0
File type PNG image data, 193 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash b95b182cbb45def7e9d738a6b1cb7f52
0108ef451205142b295649426db473843bb5857e
7a0e9b77119af13449fe59ded26ab577de8b03d1aaaded707f1b79ed0e26ed6c
GET /attachments/818120722869911602/884000187708747836/33.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: image/png
content-length: 5006
cf-ray: 772d9d92eaed0b59-OSL
accept-ranges: bytes
age: 43646
cache-control: public, max-age=31536000
etag: "b95b182cbb45def7e9d738a6b1cb7f52"
expires: Fri, 01 Dec 2023 17:41:46 GMT
last-modified: Sun, 05 Sep 2021 09:01:08 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1630832468728311
x-goog-hash: crc32c=6iXUlg==, md5=uVsYLLtF3vfp1zimsct/Ug==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5006
x-guploader-uploadid: ADPycdvnPzzoKKJr4QwaA5ysgV5-XkTcSnKzroGbyxMeLgYms8v5rdSUGg0IrWdBCCwYzGIQCEx_gBCP1_7Di-aEFXg_UA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kA5H5OkQnPNP64vS9tiViMUQ36hrjq9qiX3QHYiZW2NpiI0CeVCvXgV6LaRc3h%2BkN5lIh%2F6LavvoWzjeb3Q%2Beu0jdPfbbo24vzdGT961DOI%2FRMqd39QoEj65zZFU670p%2FBoeaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
gifltdilscorsw.com/4afl/script.js
185.149.120.71200 OK 13 kB URL HTTP/2 gifltdilscorsw.com/4afl/script.js
IP 185.149.120.71:0
File type ASCII text, with very long lines (30411), with no line terminators
Hash 38620e7a5877a18a032f8d6ac48e88d0
ccaa5e76b64734e1d04f451131ee8d1802ba2f0b
9dc07ebc007f4cc3f4617810ebda55d14335fb8889caa4c90796eabef3e2ba48
Analyzer Verdict Alert fortinet Phishing
GET /4afl/script.js HTTP/1.1
Host: gifltdilscorsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/LT
Cookie: __ddg1_=ICdXrwlMUhWKDJXBm0ZR; session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rSUQiOjcwOTM3LCJvd25lciI6ODIyLCJkb21haW5JRCI6MTMwMDgsImRvbWFpbiI6ImdpZmx0ZGlsc2NvcnN3LmNvbSIsInBhdGgiOiJMVCIsInJlYWxJcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTY2OTkxNjUwNX0.l1nPo0RpANQCf8MSNTl_qdW8PH3BDCTF0VeMUP3Ua_s
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Thu, 01 Dec 2022 17:41:45 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
gifltdilscorsw.com/LT
185.149.120.71200 OK 105 kB IP 185.149.120.71:0
Size 105 kB (104606 bytes)
Hash 4f0660a3177f7e32655646d63d8526cf
d60d62dae6f748d826c1aae637d19bcd5c5808a4
dfa7d7c8a0f33eaf604b3f28cfdce0770c42514072418840f59b435a5ce826bf
Analyzer Verdict Alert openphish Discord
fortinet Phishing
GET /LT HTTP/1.1
Host: gifltdilscorsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
date: Thu, 01 Dec 2022 17:41:45 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
set-cookie: __ddg1_=ICdXrwlMUhWKDJXBm0ZR; Domain=.gifltdilscorsw.com; HttpOnly; Path=/; Expires=Fri, 01-Dec-2023 17:41:45 GMT
session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rSUQiOjcwOTM3LCJvd25lciI6ODIyLCJkb21haW5JRCI6MTMwMDgsImRvbWFpbiI6ImdpZmx0ZGlsc2NvcnN3LmNvbSIsInBhdGgiOiJMVCIsInJlYWxJcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTY2OTkxNjUwNX0.l1nPo0RpANQCf8MSNTl_qdW8PH3BDCTF0VeMUP3Ua_s; Path=/
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/818120722869911602/884001809654484993/e6d6b255259ac878d00819a9555072ad.png
162.159.134.233200 OK 288 B URL HTTP/2 cdn.discordapp.com/attachments/818120722869911602/884001809654484993/e6d6b255259ac878d00819a9555072ad.png
IP 162.159.134.233:0
File type PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash e6d6b255259ac878d00819a9555072ad
6beb12d36acbad79743495aef581891a1ff4f5f5
21d34772ed80c8be7ab9e7338498bdfe2f66c77b61542cc48e103fd77ecd7f60
GET /attachments/818120722869911602/884001809654484993/e6d6b255259ac878d00819a9555072ad.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: image/png
content-length: 288
cf-ray: 772d9d92eaf50b59-OSL
accept-ranges: bytes
age: 43646
cache-control: public, max-age=31536000
etag: "e6d6b255259ac878d00819a9555072ad"
expires: Fri, 01 Dec 2023 17:41:46 GMT
last-modified: Sun, 05 Sep 2021 09:07:35 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1630832855435973
x-goog-hash: crc32c=jKAAYA==, md5=5tayVSWayHjQCBmpVVByrQ==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 288
x-guploader-uploadid: ADPycdsuTHjS05j06XjiVqEjj4NQ3InSxyk-Yvlv1Ed5u4hGDrZiiblzTcjG7sJcO9UOJbyhJRugRJZmPxhuTdPrCKw3cz6aO5M_
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUVD8upj873uebfkfk6xFq%2BtrnUqVQq%2BXJNDxfIiVPnohqxGbXE3BCj7h1NOPRkHx9tBSJLtfp%2B0rQN6JHzBnshzpu2bAyxgqWOmsN191swcfCdqzzOG1sPhvK3SUqaect1hqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/818120722869911602/884000199557677076/44.png
162.159.134.233200 OK 5.1 kB URL HTTP/2 cdn.discordapp.com/attachments/818120722869911602/884000199557677076/44.png
IP 162.159.134.233:0
File type PNG image data, 193 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash 65018bc94629ba373792d102edc9ddd2
e3bcd1933781ba3c407d726b9a879ed648cc7f8d
47c1a7587b8b43d15e190669cb87d689c41c6ada64d4791a4368894902c93aaf
GET /attachments/818120722869911602/884000199557677076/44.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: image/png
content-length: 5095
cf-ray: 772d9d92eaef0b59-OSL
accept-ranges: bytes
age: 43646
cache-control: public, max-age=31536000
etag: "65018bc94629ba373792d102edc9ddd2"
expires: Fri, 01 Dec 2023 17:41:46 GMT
last-modified: Sun, 05 Sep 2021 09:01:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1630832471538039
x-goog-hash: crc32c=0puVng==, md5=ZQGLyUYpujc3ktEC7cnd0g==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5095
x-guploader-uploadid: ADPycdsyu86-mO9sGllwzYFQqQGPGtiGESriFOBwx3U2AAhahYOBYVGRAf8AAyDLM2do02lNe9-au1oK3mTkK-dpIyBlng
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT%2BgVerUh%2BRA%2FS9%2FoVGoVxq%2Fy6WKmnS6y3EEELxVV%2BtlFvGooRXN7dbJoILy6yryUud%2ForzWg6MEGiAbZI1IBCg03WBNo87A1zxWoyL6h4Kxf8xyn9QFikgj%2F8KWl2pANNMH6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/818120722869911602/883999740071657542/nitro.png
162.159.134.233200 OK 7.0 kB URL HTTP/2 cdn.discordapp.com/attachments/818120722869911602/883999740071657542/nitro.png
IP 162.159.134.233:0
File type PNG image data, 300 x 122, 8-bit/color RGBA, non-interlaced\012- data
Hash 203a6b5fb33e009a7b1a8ede2b995552
fc7848c80aa4e1e90fe9c6c156f1f550b0114899
8c89c4f3023d02b04197a30ca20f42ca7eb2634e1432ffff7b9d641a1f71a066
GET /attachments/818120722869911602/883999740071657542/nitro.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: image/png
content-length: 7036
cf-ray: 772d9d92eaf10b59-OSL
accept-ranges: bytes
age: 82209
cache-control: public, max-age=31536000
etag: "203a6b5fb33e009a7b1a8ede2b995552"
expires: Fri, 01 Dec 2023 17:41:46 GMT
last-modified: Sun, 05 Sep 2021 08:59:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1630832361995283
x-goog-hash: crc32c=/XhSjA==, md5=IDprX7M+AJp7Go7eK5lVUg==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7036
x-guploader-uploadid: ADPycdvyWD6aSwRW1d6lTPpQud3yd32QZ7eg_GiJrVQ8gENel_gF4zJx-GCD_yeXvXEf_EKMocnRjW5xyjBU8M_OztEdJQ
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmfK6t2LU7V68qsF4EX0mE3Xdf5KVbUxr0EkaukURDTWQmpGDXwgcm112x48ANJK3kp6VkkZoThsN73rASiI6qCnWapxesfAur7Hwm3d6lxQf20ktwjdWPJ6TFaFDY51RjfVVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/818120722869911602/884000234466869299/66.png
162.159.134.233200 OK 358 kB URL HTTP/2 cdn.discordapp.com/attachments/818120722869911602/884000234466869299/66.png
IP 162.159.134.233:0
File type PNG image data, 708 x 464, 8-bit/color RGBA, non-interlaced\012- data
Size 358 kB (357891 bytes)
Hash 1f3804a68918996481e867f30dc0df05
65ee0c18aa74294884c4fe5edfb9406f3a567187
818637899615c4100981db44740795fc42d9163bc436c8596d384304fd8f2caa
GET /attachments/818120722869911602/884000234466869299/66.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: image/png
content-length: 357891
cf-ray: 772d9d92eaf40b59-OSL
accept-ranges: bytes
age: 43646
cache-control: public, max-age=31536000
etag: "1f3804a68918996481e867f30dc0df05"
expires: Fri, 01 Dec 2023 17:41:46 GMT
last-modified: Sun, 05 Sep 2021 09:01:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1630832479872659
x-goog-hash: crc32c=PgvrCA==, md5=HzgEpokYmWSB6GfzDcDfBQ==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 357891
x-guploader-uploadid: ADPycdvAAMa9z-acErIB9ULpk-gqGPjw450GpI_BV5fEIM_BholTDZ9Du3z_qqcdgijjX5XKsSbDBKx313PQidsDPEZgaw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuLWZGbDXRalgK5wnoviHkLTVY9U90R7vLHDe3hWXqtH%2FGdGtToHp0Ddo0Y5ZpXQaXC2esxBSxpNFfPbznqcwjwfYw%2BUFgNHFEOV5AgTPtY0fklhKuyrMdW70BhaX2nyg%2F5AUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/818120722869911602/884000214405496832/55.png
162.159.134.233200 OK 357 kB URL HTTP/2 cdn.discordapp.com/attachments/818120722869911602/884000214405496832/55.png
IP 162.159.134.233:0
File type PNG image data, 708 x 448, 8-bit/color RGBA, non-interlaced\012- data
Size 357 kB (357275 bytes)
Hash 52fad5e8c8138689b6a5fad2e79cc63f
36f43d633257152492f931be7efa37d6007974aa
2ce3da00b8194687cc9ccc2732560e47bb79b2a825f51212bf87a0f7d200aa05
GET /attachments/818120722869911602/884000214405496832/55.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: image/png
content-length: 357275
cf-ray: 772d9d92eaf00b59-OSL
accept-ranges: bytes
age: 43646
cache-control: public, max-age=31536000
etag: "52fad5e8c8138689b6a5fad2e79cc63f"
expires: Fri, 01 Dec 2023 17:41:46 GMT
last-modified: Sun, 05 Sep 2021 09:01:15 GMT
vary: Accept-Encoding
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1630832475088091
x-goog-hash: crc32c=S8hpnQ==, md5=UvrV6MgThom2pfrS55zGPw==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 357275
x-guploader-uploadid: ADPycdu1OHUGzuEg7epMAz8OTRDwT-fjh6Z80ZRAeMrZapV5bCRiityl__zk703v8EkeK0vqAAm5AgBPfCY3Xy8k6rgsvA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqNLnZRtipSBzjKpYH6EKM6A00h85%2FQwwu0QS2NAK8f0kz3x0ALy0T25mYKj6yzSWwVpmrBAfij5eJlPXqiHHM7kqgpg8TPKaraSQRkRH44%2F7slWpLGD9ZNLRl4cw3WeQYiwKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash dcf7f558f4cc3cc79f98134ef98baeee
3474357db337e445d0dd97085f5f6c62ff4dbf64
b88288ca23884a89d6b2de3bcf7e003be78997a8a3051b65b9ea429449869add
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1219
Cache-Control: max-age=149602
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Etag: "638887f9-118"
Expires: Sat, 03 Dec 2022 11:15:08 GMT
Last-Modified: Thu, 01 Dec 2022 10:54:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash dcf7f558f4cc3cc79f98134ef98baeee
3474357db337e445d0dd97085f5f6c62ff4dbf64
b88288ca23884a89d6b2de3bcf7e003be78997a8a3051b65b9ea429449869add
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1352
Cache-Control: max-age=149735
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Etag: "638887f9-118"
Expires: Sat, 03 Dec 2022 11:17:21 GMT
Last-Modified: Thu, 01 Dec 2022 10:54:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 049baacc1cf95c325025cab178492e27
dc8133bdbb7a0fb0e3c10839c9d4dc44e9ab5d86
bc841f914685305557917e26c7ce1ddd6111c757507d632c596aa7dcd51ccfdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Last-Modified: Thu, 01 Dec 2022 17:09:15 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash dcf7f558f4cc3cc79f98134ef98baeee
3474357db337e445d0dd97085f5f6c62ff4dbf64
b88288ca23884a89d6b2de3bcf7e003be78997a8a3051b65b9ea429449869add
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1219
Cache-Control: max-age=149602
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Etag: "638887f9-118"
Expires: Sat, 03 Dec 2022 11:15:08 GMT
Last-Modified: Thu, 01 Dec 2022 10:54:49 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
discord.com/assets/be0060dafb7a0e31d2a1ca17c0708636.woff
162.159.135.232403 Forbidden 4.9 kB URL HTTP/2 discord.com/assets/be0060dafb7a0e31d2a1ca17c0708636.woff
IP 162.159.135.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 38c7f6d3bebd07e2f6276957ad1c9fcb
12ea62db88db28c842c33653c44fc6b95a07040a
01c2d64472a85c512bfc2162e0cfa5ac3fbb90324d24b9cfc26165d0dcc3da55
GET /assets/be0060dafb7a0e31d2a1ca17c0708636.woff HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gifltdilscorsw.com
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
content-length: 4918
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHuD%2BnXFEmuemQ7ah4Gffsq3MtHlun6Mj26t5Deh0umC88%2FaIzThOPhUk%2FsXVD9CPl0qZ5Scpuh4HTa71v1ySoUUawKhxKaDUbUdn8uwATMFhgrNIiW8dqrvtR4g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d93cff3b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discord.com/assets/3bdef1251a424500c1b3a78dea9b7e57.woff
162.159.135.232403 Forbidden 4.9 kB URL HTTP/2 discord.com/assets/3bdef1251a424500c1b3a78dea9b7e57.woff
IP 162.159.135.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 987b9a366506a0290208dcfb244a5e6c
9c79c5b3d6e88b7db2594f80027ed3f83449f680
7812fa3f32cf5d2c06af479e1124a3d55ef06b93438b28986a967fb060bfdb7b
GET /assets/3bdef1251a424500c1b3a78dea9b7e57.woff HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gifltdilscorsw.com
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
content-length: 4918
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbi58IEv8Ee9K8s%2BrvFQZRp83I40LEJ6r9WiHdQarBFJNerHfCTLhLnyafwA9JpbXY7nL6BfMyQOKmMFdjqP6eHzXo5ZpHhoTHQzJQGbaf83%2Bs1bmiykti0hLtMY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d93cff5b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discord.com/assets/0.1fafb1729b3e11fa547c.css
162.159.135.232403 Forbidden 6.5 kB URL HTTP/2 discord.com/assets/0.1fafb1729b3e11fa547c.css
IP 162.159.135.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash f69421fe7ac547dfb791f66a588ca3dc
08a29a1fbcfec2b882c3c2254a698605aec9d68e
74f213c71bf83a96d460554a11e8935731bf599d546650affe6b6b309efab33e
GET /assets/0.1fafb1729b3e11fa547c.css HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n1ZLRoyudmAqfUB0X4LYbR%2BvluILaBK%2FO9GqHNvuS%2BnJQXEdT4uw5pSeJd%2FwMELy5mKbeoCIwdOGUZOoq%2BnUFP6p7YAi%2Bgb5kqG8OEzvQR9bWIcV%2B2EjFDOq4Ps"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d937f90b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discord.com/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2
162.159.135.232403 Forbidden 4.9 kB URL HTTP/2 discord.com/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2
IP 162.159.135.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 3dcbaeefaffc99d2018d5cd56eac5ac7
856226033be0423cac4adc3d7e4089f210d11d66
88eb615a4a2fb811240b5dc995fe87daa4ba3107feb38f0cf1b0da08e08f13b8
GET /assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2 HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gifltdilscorsw.com
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
content-length: 4918
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSTT%2Bf9%2BUV7d6%2BZNky7WX6pz5uwRILChvWNb%2BUsm0Cz8i46G0B%2FFM3Iy1s9iSj5ATB4%2FalnQjPlT31%2F5ECJC94bYJgCbPXvsxYlyANBpchbvTCGyhb9kQ%2FSMUIgR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d93d81fb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gifltdilscorsw.com/
185.149.120.71200 OK 5.0 kB IP 185.149.120.71:0
Hash 70ff48a997486f30cac145ad085dd16f
8e97724f0ee54e8469118d187d45ec3719640ef2
64558baa5759587f2a20191fcfd7f991c657d07efa689fb4ffebbf78d5a3d731
Analyzer Verdict Alert fortinet Phishing
POST / HTTP/1.1
Host: gifltdilscorsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gifltdilscorsw.com/LT
Content-Type: application/json
Origin: https://gifltdilscorsw.com
Content-Length: 21
Connection: keep-alive
Cookie: __ddg1_=ICdXrwlMUhWKDJXBm0ZR; session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rSUQiOjcwOTM3LCJvd25lciI6ODIyLCJkb21haW5JRCI6MTMwMDgsImRvbWFpbiI6ImdpZmx0ZGlsc2NvcnN3LmNvbSIsInBhdGgiOiJMVCIsInJlYWxJcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTY2OTkxNjUwNX0.l1nPo0RpANQCf8MSNTl_qdW8PH3BDCTF0VeMUP3Ua_s
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
set-cookie: session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rSUQiOjcwOTM3LCJvd25lciI6ODIyLCJkb21haW5JRCI6MTMwMDgsImRvbWFpbiI6ImdpZmx0ZGlsc2NvcnN3LmNvbSIsInBhdGgiOiJMVCIsInJlYWxJcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTY2OTkxNjUwNSwiZmFrZV92aXNpdCI6dHJ1ZX0.oGScXodMPxwrxXrVCJHTYEISr3iXw0Pxq_ZEoakFnvU; Path=/
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0ea87db59dce85a59e0cb6456fb593e7
d2d4307d2c444a2c14a280995b185f2d6d96539b
bea3c2ac6b37c6d3ebc7e5c4825d3f6c32dd4ef82c526ff6277cbcc4f8048f91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2133
Cache-Control: max-age=115994
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Etag: "6388011f-1d7"
Expires: Sat, 03 Dec 2022 01:55:00 GMT
Last-Modified: Thu, 01 Dec 2022 01:19:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css?family=Press%20+%20Start%20+%202p
142.250.74.106400 Bad Request 39 kB URL HTTP/2 fonts.googleapis.com/css?family=Press%20+%20Start%20+%202p
IP 142.250.74.106:0
Hash ef7a4d65ebff3d81389d527652498945
df631382ac28a1ade1713515772fda161374f9d6
ecfc952f812dd61917731b36212b0fccfa133663b8307d3647a9f60d737d14b9
GET /css?family=Press%20+%20Start%20+%202p HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Dec 2022 17:41:46 GMT
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/880449376957390941/889581462108639263/pososi_mudila.webm
162.159.134.233403 Forbidden 298 B URL HTTP/2 cdn.discordapp.com/attachments/880449376957390941/889581462108639263/pososi_mudila.webm
IP 162.159.134.233:0
File type XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Hash 3861a3795095fe81fcb8382d2b9066bd
2cef2af9a35d636c3af48902c20891ec49a8e791
b19463cb9b847bdfc7dbf8133d9702d0a0ecc4175335c4a75db211e0196f84b3
GET /attachments/880449376957390941/889581462108639263/pososi_mudila.webm HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: application/xml; charset=UTF-8
content-length: 298
cf-ray: 772d9d939b8f0b59-OSL
cache-control: private, max-age=0
content-disposition: attachment
expires: Thu, 01 Dec 2022 17:41:46 GMT
vary: Accept-Encoding
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-guploader-uploadid: ADPycdsIDPIhXB7wiRCldgXgzsCdSn0oYe8LE2UaGLVD0MvJJL4Klpgwx8w09nprXUqrGpK4j-BwQrk2cagK1VayJ4tEnA
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJ1zi1hWmqOFDVL3I56dhjuQQdv34U3BblENGDoHsPyUPylCRX%2BfEadkLHyf8U%2B42ER6eYfrZ4tgHRpdACrJsusgppeQuRA7P%2FQJC439fl8%2BOxscjPFhbP88pDjmMLMN0sH5Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 17:08:56 GMT
cache-control: public,max-age=3600
age: 1970
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2433
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 17:41:46 GMT
Last-Modified: Thu, 01 Dec 2022 17:01:13 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3jzozsNXMbCY/AAzzMVe9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fcaztyQi0AXpfw/Lo/Xvz/t74xs=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 17:41:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 17:41:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 17:41:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 17:41:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Thu, 01 Dec 2022 20:01:20 GMT
Date: Thu, 01 Dec 2022 17:41:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 12:31:43 GMT
age: 18605
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
discord.com/assets/c8d1fec4ad144f280f54.js
162.159.135.232403 Forbidden 14 kB URL HTTP/2 discord.com/assets/c8d1fec4ad144f280f54.js
IP 162.159.135.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (531)
Hash 6fa62b45b955f0a9a96f737383367ae3
296464dc50cbab1433835623ce0072731213992f
446dc39725cf8a927c2757538991bd49837781f6ee0f5f92d32c9cc741825af3
GET /assets/c8d1fec4ad144f280f54.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2F8KcCFvMHPWz%2B344rxSCX6fuPWSf5CcK7MW7kgYWM9%2Bby4g6jmBnJFS7jsCCG54BbF%2BNsXwaA7sgZAEQ2EQed%2BaoUCY%2FB32kG%2FnT1SJqqPyuzBM7wUTbFSNhuQE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d937f95b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 71821
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 10:48:24 GMT
age: 24804
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 71775
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: b7c0e28a-de0d-443d-8bf4-900a964bf110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uSFcMoAMF2CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc1-7abade3a670201cf1906b79f;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gZSkafSw8cXo9AChLOTVJW7r_hHLW8kaHlA-ED2_zFJwuUk1uS3VRw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:29:36 GMT
age: 15132
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
discord.com/assets/220d6edab61258b8bec9.js
162.159.135.232403 Forbidden 0 B URL HTTP/2 discord.com/assets/220d6edab61258b8bec9.js
IP 162.159.135.232:0
GET /assets/220d6edab61258b8bec9.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4xhwIhLexFXIeowCG%2FPPsaJfTySMZ57Qusx4xqqbcIb5B7FwUQ%2FyrnRK%2Bf3cIkSMfHlKN44OW%2FE1XwLkMC2ayaXsUjMCO1ChCqG87ZEinm2%2FJmh6n3j1ivLiup2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d937f96b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discord.com/assets/00a0131a221e58790dd0.js
162.159.135.232403 Forbidden 0 B URL HTTP/2 discord.com/assets/00a0131a221e58790dd0.js
IP 162.159.135.232:0
GET /assets/00a0131a221e58790dd0.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4xDwNRIcmdjFWE92fwvYWkVujiURWGFVN9SlRhTLgg5ZxWhZGAbUAcRazpUrWQmrjf2Oo5F4bZrAWo7koa4Yh0jmk2Mua3DWLVoKFPsoiNLmLDpUp0jMBcO%2FuJX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d937f91b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discord.com/assets/41b19499e43362e694db.js
162.159.135.232403 Forbidden 0 B URL HTTP/2 discord.com/assets/41b19499e43362e694db.js
IP 162.159.135.232:0
GET /assets/41b19499e43362e694db.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7Rnmi7KAj9rWDF9vj9YsjKrJN%2BhQ%2BHIzHgeyknoPpBbyY9Z1WZKwgJUnAg%2F0yUTvIBGaLwyAROaJzbuVp%2BRBxVdzL5SON8p3OIWEkJ08070HXEmK2AcqfuYo1Fu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d937f94b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discord.com/assets/91a561ed8fe1c491df40.js
162.159.135.232403 Forbidden 0 B URL HTTP/2 discord.com/assets/91a561ed8fe1c491df40.js
IP 162.159.135.232:0
GET /assets/91a561ed8fe1c491df40.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqD1ImcWHwYQJZzNs8ndZyMRoICvYWlck4VS4%2FgVXqR1Hyn5DkTdWNbnCO%2BHYwEWG%2BfN4eL%2BlMEc6HHyDgHnZKwWZWEqIX1IgjmXXc1K0%2Bper9cbuuzvlkwygEli"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d939fc1b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
discord.com/assets/5c9406522a805df295db.js
162.159.135.232403 Forbidden 0 B URL HTTP/2 discord.com/assets/5c9406522a805df295db.js
IP 162.159.135.232:0
GET /assets/5c9406522a805df295db.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lJgU1IFVFL13XmqtuPslD5MjEFqWnJLcNsC79HWVZNQOAA4SCSWjqgS647uomnbxL7M8cVXKPPvX9QwrAQLCOfzIAJLK%2FR9PgiRwRK1REjmCK9XORPz0DXFVTAU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 772d9d939fc6b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/880449376957390941/880495556596744252/779a770c34fcb823a598a7277301adaf.png
162.159.134.233403 Forbidden 0 B URL HTTP/2 cdn.discordapp.com/attachments/880449376957390941/880495556596744252/779a770c34fcb823a598a7277301adaf.png
IP 162.159.134.233:0
GET /attachments/880449376957390941/880495556596744252/779a770c34fcb823a598a7277301adaf.png HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gifltdilscorsw.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: application/xml; charset=UTF-8
cf-ray: 772d9d92eaea0b59-OSL
cache-control: private, max-age=0
content-disposition: attachment
expires: Thu, 01 Dec 2022 17:41:46 GMT
vary: Accept-Encoding
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-guploader-uploadid: ADPycdsAW-ODwjnwV4UtMQvxCb9SmIoCVT6_Zuj9H23JOdSauNt37bGyV8v2Uhhrb9obhOuLZz0anQ9AlYEoUxiWjE_M8A
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7uERvq4f%2FCzhyhea1sQi1B0n59365tFh7egefYPdprYEgDrRpYnfhnmXmaQz%2F7eAVTMxgZnoNUZ%2Byo5yngQXa1inSaa8PqFeicktxPzrPvy7lHJe%2BomiiGsh9%2Bp9yw8p3UDGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
gifltdilscorsw.com/4afl/login/
185.149.120.71200 OK 0 B URL HTTP/2 gifltdilscorsw.com/4afl/login/
IP 185.149.120.71:0
Analyzer Verdict Alert fortinet Phishing
GET /4afl/login/ HTTP/1.1
Host: gifltdilscorsw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gifltdilscorsw.com/LT
Connection: keep-alive
Cookie: __ddg1_=ICdXrwlMUhWKDJXBm0ZR; session=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rSUQiOjcwOTM3LCJvd25lciI6ODIyLCJkb21haW5JRCI6MTMwMDgsImRvbWFpbiI6ImdpZmx0ZGlsc2NvcnN3LmNvbSIsInBhdGgiOiJMVCIsInJlYWxJcCI6IjkxLjkwLjQyLjE1NCIsImlhdCI6MTY2OTkxNjUwNX0.l1nPo0RpANQCf8MSNTl_qdW8PH3BDCTF0VeMUP3Ua_s
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
date: Thu, 01 Dec 2022 17:41:46 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
etag: W/"ccd8-UuyFAbJ/SIgoQvxhitsBXSj7/o8"
content-encoding: gzip
X-Firefox-Spdy: h2