Overview

URL: 21.us.tealwinds.xyz/feed/?link=true&tid=21&subid=21.67.2_nojs.us.&ref=t5.lowtid.com&s1=63d0d04ac77c7d0d642afac3
IP: 23.235.251.114 (United States)
ASN: #19437 SS-ASH
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2023-01-25 06:47:03 UTC
IDS alerts: 0
Blocklist alert: 1
urlquery alerts: No alerts detected
Tags: None

Domain Summary (20)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
adeumssp.com (1) 0 2022-06-08 13:33:59 UTC 2023-01-24 05:02:31 UTC 168.119.13.238 Unknown ranking
fancycrab.net (2) 0 2022-07-26 11:44:37 UTC 2023-01-24 15:17:12 UTC 168.119.67.101 Unknown ranking
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2023-01-24 19:04:06 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-24 17:21:06 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-24 17:12:46 UTC 34.117.237.239
t10.lowtid.com (1) 0 2022-08-03 19:48:24 UTC 2023-01-24 12:53:49 UTC 51.83.143.92 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2023-01-24 17:36:02 UTC 34.120.237.76
asap.makesmestronger.com (2) 923257 2021-10-21 13:09:21 UTC 2023-01-24 14:47:21 UTC 138.201.62.234
ocsp.r2m02.amazontrust.com (1) 0 2022-10-12 14:01:39 UTC 2023-01-24 19:18:26 UTC 54.230.80.227 Domain (amazontrust.com) ranked at: 581
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-24 17:12:37 UTC 35.241.9.150
21.us.tealwinds.xyz (1) 0 2022-10-25 09:45:00 UTC 2023-01-24 16:01:07 UTC 23.235.251.114 Domain (tealwinds.xyz) ranked at: 178693
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2023-01-24 17:12:07 UTC 31.13.72.12
r3.o.lencr.org (11) 344 2020-12-02 08:52:13 UTC 2023-01-24 17:12:25 UTC 95.101.11.115
redir.blowingwind.xyz (1) 0 2022-12-09 14:19:31 UTC 2023-01-24 16:01:23 UTC 198.211.113.186 Unknown ranking
popcash.net (1) 11104 2012-10-10 13:08:00 UTC 2023-01-25 03:26:39 UTC 104.21.52.38
ps.popcash.net (2) 67692 2018-12-04 13:00:05 UTC 2023-01-24 04:10:49 UTC 52.20.154.189
ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2023-01-24 18:34:19 UTC 172.64.155.188
thor-pom.com (1) 0 2022-12-07 15:02:37 UTC 2023-01-24 16:01:59 UTC 54.237.193.255 Unknown ranking
backend.finalono.com (2) 713506 2020-03-03 13:54:29 UTC 2023-01-22 01:07:34 UTC 104.26.12.138
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-24 17:21:57 UTC 35.161.26.194

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-25 2 ps.popcash.net/go/134600/317194 Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.235.251.114
Date UQ / IDS / BL URL IP
2023-03-29 16:03:15 +0000 0 - 0 - 1 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-03-27 01:00:09 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-03-26 10:22:21 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-03-25 00:49:35 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-03-24 16:05:39 +0000 0 - 2 - 0 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114


Last 5 reports on ASN: SS-ASH
Date UQ / IDS / BL URL IP
2023-03-31 14:19:45 +0000 0 - 0 - 2 23.235.253.34/ 23.235.253.34
2023-03-29 16:03:15 +0000 0 - 0 - 1 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-03-28 15:56:24 +0000 0 - 0 - 0 131.153.187.210 131.153.187.210
2023-03-27 01:00:09 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-03-26 10:22:21 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114


Last 5 reports on domain: tealwinds.xyz
Date UQ / IDS / BL URL IP
2023-03-27 01:00:09 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-03-26 10:22:21 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-03-25 00:49:35 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-03-24 16:05:39 +0000 0 - 2 - 0 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-03-24 14:39:54 +0000 0 - 2 - 0 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-18 18:07:36 +0000 0 - 0 - 3 westernup.info/ 37.48.65.152
2022-10-16 01:31:12 +0000 0 - 0 - 3 wallpaper.a5zhukao.com/wallpaper/increment_vi (...) 173.239.5.6
2022-10-12 01:18:28 +0000 0 - 0 - 1 goomia.net/ 37.48.65.152
2022-10-11 04:41:00 +0000 0 - 0 - 2 os2.thebestallcodecsapp.com/CM/?v=3.0&c=1191632539 74.206.228.78
2022-10-10 00:48:27 +0000 0 - 0 - 1 a3esseker.info/ 37.48.65.148

JavaScript

Executed Scripts (6)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (42)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3055
Expires: Wed, 25 Jan 2023 07:37:47 GMT
Date: Wed, 25 Jan 2023 06:46:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5371
Expires: Wed, 25 Jan 2023 08:16:23 GMT
Date: Wed, 25 Jan 2023 06:46:52 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 06:42:47 GMT
age: 245
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    dcd75ca6daca51c5e39d431468511793
Sha1:   07f76d3bf23d65c9110d810fa71a994e39e085d3
Sha256: 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18252
Expires: Wed, 25 Jan 2023 11:51:04 GMT
Date: Wed, 25 Jan 2023 06:46:52 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: SKQ03Ikgbu3tFnNeNuo3xCuaE/G04B0VvK02hS3fT0E8uL+Kw958gDWZ95PfKjAg8ftC0PzpqNA=
x-amz-request-id: BEKNNYSC04VNBPYA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 05:48:27 GMT
age: 3505
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    7b922915ebf1fa3639b333f994c74f24
Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938
Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 25 Jan 2023 06:46:52 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 05:48:59 GMT
age: 3473
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4780
Expires: Wed, 25 Jan 2023 08:06:33 GMT
Date: Wed, 25 Jan 2023 06:46:53 GMT
Connection: keep-alive

                                        
                                            GET /feed/?link=true&tid=21&subid=21.67.2_nojs.us.&ref=t5.lowtid.com&s1=63d0d04ac77c7d0d642afac3 HTTP/1.1 
Host: 21.us.tealwinds.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         23.235.251.114
HTTP/1.1 301 Moved Permanently
                                        
Cache-Control: no-cache
Location: https://redir.blowingwind.xyz/click/invalid/?tid=21&subid=21.67.2_nojs.us.
Date: Wed, 25 Jan 2023 06:46:53 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m9hNIADMxarNxBxKDyAcIA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.161.26.194
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XZOIR6NHJ+U3IHWUPGasIyh/KiQ=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5D3876B7982197E54B7E007498257B3349D345D6DD9C3212553F643B030C91DB"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 25 Jan 2023 12:46:53 GMT
Date: Wed, 25 Jan 2023 06:46:53 GMT
Connection: keep-alive

                                        
                                            GET /click/invalid/?tid=21&subid=21.67.2_nojs.us. HTTP/1.1 
Host: redir.blowingwind.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         198.211.113.186
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://t10.lowtid.com/k.php?p=c:9qopki6xwqp78c2dg&d=603611c5b7eaf46891533240&s=21.21.67.2_nojs.us.&s2=21
Vary: Accept
Content-Length: 278
Date: Wed, 25 Jan 2023 06:46:54 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   278
Md5:    0ba09f728853c0ded2d3cf67bda88a94
Sha1:   1d9f0e4fea8321d738219bce6c673e47268d570e
Sha256: b4c5bb570554db0c8e4807c34a715e7520db1a0c55db01df636b89e7d578d4e2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51586C40C2A27D8B4B9F6A2579A670ED5240629E89A6041039E8F525A3F951C1"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20138
Expires: Wed, 25 Jan 2023 12:22:32 GMT
Date: Wed, 25 Jan 2023 06:46:54 GMT
Connection: keep-alive

                                        
                                            GET /k.php?p=c:9qopki6xwqp78c2dg&d=603611c5b7eaf46891533240&s=21.21.67.2_nojs.us.&s2=21 HTTP/1.1 
Host: t10.lowtid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 25 Jan 2023 06:46:54 GMT
Content-Length: 0
Connection: keep-alive
Round: 119cdtswvl
Raund: 12uf2w0vxv-2v5
Location: https://popcash.net/world/go/134600/317194

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12075
Expires: Wed, 25 Jan 2023 10:08:09 GMT
Date: Wed, 25 Jan 2023 06:46:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12075
Expires: Wed, 25 Jan 2023 10:08:09 GMT
Date: Wed, 25 Jan 2023 06:46:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12075
Expires: Wed, 25 Jan 2023 10:08:09 GMT
Date: Wed, 25 Jan 2023 06:46:54 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f7aba17-803f-412c-8ef7-0959b52f87cc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9650
x-amzn-requestid: 3b968ee5-c941-4305-9f06-01e646deef15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88wEUmoAMFerw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-061f65177f36420a4685f372;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xfiiS5M5j8iYKMyopaVqwYV6KKB1VIWT_yQbEKZ9G1wuq2QUEyDBpA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:10:29 GMT
age: 12985
etag: "958b50e9e7e5e02882d55612a5d6d2402e225390"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9650
Md5:    13891ffe8a0cc240be63b7945e4b7688
Sha1:   958b50e9e7e5e02882d55612a5d6d2402e225390
Sha256: 1570d69731ba13051454a048ac85bde7c1de8e39dea0fd78e7e5c3f2be122cb6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2972ed07-7fe0-4c0a-99f8-993c3f6e55c2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4831
x-amzn-requestid: 4ceba3ec-44dc-41ba-98b4-524c2903ac04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-m4tGcroAMFg_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8eb6a-5e4a27fa6526eaf45b38b965;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:04:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2R-NhoznKwfi_KmBrxzSpGAgskeqO5bItI96XoeE2cnL1qNEsSApNw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 09:40:40 GMT
age: 75974
etag: "1a1ebddb1ee9cf3c2445d29a85127134a0a5db01"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4831
Md5:    a625c16030b935ba09ec63cb2d6e1525
Sha1:   1a1ebddb1ee9cf3c2445d29a85127134a0a5db01
Sha256: ab6dd4aec486677bd68826e4f01dd36b005d46d521611dc271406a57a64ac615
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c2ede8d-ac50-4d79-98d8-53ba683ea9fe.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9864
x-amzn-requestid: dd368937-de20-4e2a-82e3-e82bc20a806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AtgGu3oAMFaoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-7efe789a5411c14a74ec327a;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8MAwoNj7febyP2pH8bDcDTVBP3RLzRKpSqkG_A4L0G9i_-s64YVuJw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 14:55:46 GMT
age: 57068
etag: "2528a659d067ce39b31d5d8a0a9943e313a4caa6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9864
Md5:    03ba93e6c29fb268712e33228fa5ee38
Sha1:   2528a659d067ce39b31d5d8a0a9943e313a4caa6
Sha256: 2a3dfcbafd31bfc0cc653f9f43cfa98206334551b8ab76e9ab6d20338c8d6e1c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 07:54:32 GMT
age: 82342
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3411
Md5:    805711aaab303931f8966bbf73aeda52
Sha1:   2bd02a45c8b407e36a41a482b121ea3e14f7c722
Sha256: 66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd57136f3-3a32-4cb9-be6a-29e47e59a6f9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5732
x-amzn-requestid: d59f1165-e5c8-4a43-a7be-32f0d9ef2ff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFK9EFNjIAMF5hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8b86-1f8d46827f84aa3119e4195c;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 06:51:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x0-Cy2E3bQp52z6h4jB6wQ4xAEM5vuuVBPc4A6ZNfv_zbgBsbWDbtA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 15:21:30 GMT
age: 55524
etag: "3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5732
Md5:    24a73392615d623dc852bdab43c9f133
Sha1:   3a5ac9f9831aa4c735d335e7d24e9ccc5e1ee0d4
Sha256: edc11bdc8b40a513dc62b32f7eff0ba1f80db27208bd80bd16235da3c369157b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07f8fda5-486e-4c4b-82f2-d763219f4562.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6715
x-amzn-requestid: c808c9d9-bbbb-43ff-ab15-33074a760093
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4BO5En_oAMFTzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c648c5-67151eb46f5a10b0732fbd09;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:05:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0pvebF903zoRPgzBK2gxMlcYQTurylOzzCfOO07hYCG5aD7wX_fl9g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 09:51:11 GMT
age: 75343
etag: "298cafecdcac99de25fe5c2c4c993487f73ced6b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6715
Md5:    6fa8338e574e2b8272ad3ca7cd9d1d63
Sha1:   298cafecdcac99de25fe5c2c4c993487f73ced6b
Sha256: f75c20ebc4c0db2df40d958337cd87768714bdf53a48609ad0f97b7129b0b100
                                        
                                            GET /world/go/134600/317194 HTTP/1.1 
Host: popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         104.21.52.38
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Wed, 25 Jan 2023 06:46:54 GMT
content-length: 162
location: http://ps.popcash.net/go/134600/317194
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtlI1ODf7igFzQe8qIrOSlXK%2BoS0LP6wgcdHgFv9%2F%2FoE0WNVBCDPEm0Njbt2zu%2B7kOilzsM1xes3%2BlqWCFNOi2TowU5fANxje9xOxL1Wa59FSXkiQ6oEXWfCaNH6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ef0dee08dcb509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /go/134600/317194 HTTP/1.1 
Host: ps.popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         52.20.154.189
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Date: Wed, 25 Jan 2023 06:46:55 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   272
Md5:    4404d99ffd80465480f48ebf02203087
Sha1:   139dc6c4b236baa537eafba37d0a89eb7c05b5c1
Sha256: f1f1c38456fa4a02045436df8ba0d1e725d06e54418f93d4235752befa922b71

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ad/ad?p=134600&w=317194&t=ce8d59e21a53f699&r=&vw=1280&vh=0 HTTP/1.1 
Host: ps.popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests: 1

                                         52.20.154.189
HTTP/1.1 303 See Other
                                        
Date: Wed, 25 Jan 2023 06:46:56 GMT
Location: https://adeumssp.com/smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click
Server: nginx
Content-Length: 0
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 06:46:57 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 14:30:50 GMT
Expires: Sun, 29 Jan 2023 14:30:49 GMT
Etag: "c6eec773efa15b35e1195adc8d5707d2238f615f"
Cache-Control: max-age=372831,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ef0dfdade8b4f4-OSL

                                        
                                            GET /smart?p=CsxnKsUCG9yw6Ygyhidzm6oiJ2jrV4PSrgPJitGQya&s=adeum.click HTTP/1.1 
Host: adeumssp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         168.119.13.238
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Wed, 25 Jan 2023 06:46:57 GMT
content-length: 506
location: https://fancycrab.net/click?a=Csxn&e=gAAAAABj0NBhFJu6AJXvZbIiR9gHIoJJIpnsaKVsiWzUiE9g0ciDjyi39fqZ397oYzd7gtHwvVjyp4OJiCXp4NP5n5wrwqGs57Y-A5Syl9wqmbMw1V4-dWNjrU0uNxDPQs5wIse6Eih50G-5b4lV010_-pYp4NzNEE-S-KR8qGqoXaJJj2-khUl3UWzi3yZo6K4WwwJorIx4zVSUdzz7DVb645avKbpJA-kmCX2v1fUDQk5eNGZJEq8dagf6-nLYShjAg1t_8kxI4DVMj40wWry0rOqcpJe_vV3vsiTnCZQBD9wp9I107X7sNl_f638tuIbhTWCIHZNVK6F2IyliJhMS5j0KTRNaO1awYY8x3ByIMbWnQFDONnzq-2zeIdBvSnui3umncZrmwER_xVWBygjxCMaDBtyv01Y6NubsgeZ9Yyu16WSbUGk%3D
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (504)
Size:   506
Md5:    41e53635a775f78f429d6e145d0b5fa3
Sha1:   ce2f9196a2432018f5c65bca7493b11d70cd41e7
Sha256: 0b3dd49ce142951a3cff06ca6efc959a4724582d86a654862448aa423dd14df6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 25 Jan 2023 06:46:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 17:21:53 GMT
Expires: Mon, 30 Jan 2023 17:21:52 GMT
Etag: "a7ddfc2b76ca11b3e2ae6650c3a57f893b4027fd"
Cache-Control: max-age=469494,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78ef0e02ec64b4f4-OSL

                                        
                                            GET /sc?a=Csxn&c=nKKMmfUGqNJJya8qsKq7LV&e=gAAAAABj0NBhCIl8N2sicxjqEsvwo7bTBRH9gevQilGdAykHZ1aHlmaEDSvDsBrQkkHbzRkeDIclNeyROHUokQYQKq1htHcVSN5B4yM-asS1Vb_KMTOBrNZJgSOu84AJ1utdjA9AoB7WLsv4eRq-PEG_QwUc-kBbzKcoDMrSpZmhCTvmu72aK3uSGZ_Bqb4WzyTmFATQ-Hwy6vg4Eqy1AAQGT5dW66c_H_EpRXJIeY9nhMleg67KwmrN-qstwLydubau7RQqWY7r6fg_Lp78aZUPc1s9qsgsVWJLDhvyxChrjfhpnMPKnlpT9w6wGscT3_Okzd5xHlGeTHI6PXA_ZKDm1By8RvAIjvYzVNrWKbtYtWNkNSWMuOpTXtP_1Jr1hHK7qvfBYmZDx8X5CNYljjOgPJgdtxaKAX907alUt2NwuTgTTkt1OnU=&f=0 HTTP/1.1 
Host: fancycrab.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fancycrab.net/click?a=Csxn&e=gAAAAABj0NBhFJu6AJXvZbIiR9gHIoJJIpnsaKVsiWzUiE9g0ciDjyi39fqZ397oYzd7gtHwvVjyp4OJiCXp4NP5n5wrwqGs57Y-A5Syl9wqmbMw1V4-dWNjrU0uNxDPQs5wIse6Eih50G-5b4lV010_-pYp4NzNEE-S-KR8qGqoXaJJj2-khUl3UWzi3yZo6K4WwwJorIx4zVSUdzz7DVb645avKbpJA-kmCX2v1fUDQk5eNGZJEq8dagf6-nLYShjAg1t_8kxI4DVMj40wWry0rOqcpJe_vV3vsiTnCZQBD9wp9I107X7sNl_f638tuIbhTWCIHZNVK6F2IyliJhMS5j0KTRNaO1awYY8x3ByIMbWnQFDONnzq-2zeIdBvSnui3umncZrmwER_xVWBygjxCMaDBtyv01Y6NubsgeZ9Yyu16WSbUGk%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         168.119.67.101
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
server: nginx/1.19.1
date: Wed, 25 Jan 2023 06:46:57 GMT
content-length: 114
location: https://asap.makesmestronger.com/clkn?n=13&l=&data=7d516a090ce120ae39396862f375b843
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   114
Md5:    5757117f5a186ad891509a3884c3a6ca
Sha1:   969d1f7db72a8ab4f97bba89c6975666590a15d9
Sha256: 1503a7744d3e29c827faa4d14b0857da56cd2e3b162f04b92c96d7bea2a37844
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "381FB619DE6BB951793CA11D05906507716158903F2CA4BB6FEB43429FFAA277"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17649
Expires: Wed, 25 Jan 2023 11:41:07 GMT
Date: Wed, 25 Jan 2023 06:46:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9D43E1BFADD159AA940B25A6E89EF24B2CA1F60DF72FBEE323D45FE3FD631298"
Last-Modified: Mon, 23 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Wed, 25 Jan 2023 12:46:30 GMT
Date: Wed, 25 Jan 2023 06:46:58 GMT
Connection: keep-alive

                                        
                                            GET /clkn?n=13&l=&data=7d516a090ce120ae39396862f375b843 HTTP/1.1 
Host: asap.makesmestronger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fancycrab.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         138.201.62.234
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Wed, 25 Jan 2023 06:46:58 GMT
access-control-allow-origin: http://admin.local
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1804)
Size:   1507
Md5:    e68c9b2d2c787083db8b5493f485077b
Sha1:   bebc67eb4c2a9fe66d699e09b3cb76cfa1c180ad
Sha256: cb11f8d077f10d82182e2cb74a6e9b206eedf71c26f38a38c1754c08bb9d642d
                                        
                                            GET /click?a=Csxn&e=gAAAAABj0NBhFJu6AJXvZbIiR9gHIoJJIpnsaKVsiWzUiE9g0ciDjyi39fqZ397oYzd7gtHwvVjyp4OJiCXp4NP5n5wrwqGs57Y-A5Syl9wqmbMw1V4-dWNjrU0uNxDPQs5wIse6Eih50G-5b4lV010_-pYp4NzNEE-S-KR8qGqoXaJJj2-khUl3UWzi3yZo6K4WwwJorIx4zVSUdzz7DVb645avKbpJA-kmCX2v1fUDQk5eNGZJEq8dagf6-nLYShjAg1t_8kxI4DVMj40wWry0rOqcpJe_vV3vsiTnCZQBD9wp9I107X7sNl_f638tuIbhTWCIHZNVK6F2IyliJhMS5j0KTRNaO1awYY8x3ByIMbWnQFDONnzq-2zeIdBvSnui3umncZrmwER_xVWBygjxCMaDBtyv01Y6NubsgeZ9Yyu16WSbUGk%3D HTTP/1.1 
Host: fancycrab.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         168.119.67.101
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx/1.19.1
date: Wed, 25 Jan 2023 06:46:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3834), with CRLF, LF line terminators
Size:   5187
Md5:    a512670105331a69a199e506a69143ef
Sha1:   3002276e728b48b07ad0605a3fabfbc18cd1b5bd
Sha256: e56b0df444a934f49f11971440a4ff07b18690b3bd047bfc7c39fa02a6a3d58e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.r2m02.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         54.230.80.227
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 06:46:59 GMT
Last-Modified: Wed, 25 Jan 2023 06:07:09 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -Zj-7KTa2UcIFAmdgAry349pRfsxdqr0xJnkefWoU0tfdYeb8DERRQ==
Age: 2390

                                        
                                            GET /zcvisitor/0fd57ac0-9c7c-11ed-8274-0a2e3f5d5cc3/a94747d0-8051-11ec-a6af-0aa74c67d847?campaignid=3c0663e0-af7c-11ec-bfe9-0a918cbcbb97 HTTP/1.1 
Host: thor-pom.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://game-addicted.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         54.237.193.255
HTTP/2 302 Found
                                        
date: Wed, 25 Jan 2023 06:46:59 GMT
content-length: 0
location: https://backend.finalono.com/v1/rtb?domain=finalono.com&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=9632984324&visitorIPAddress=46.15.231.130&forceShopping=100480081&smart=true&sourcePlatform=tonic&cpc=0.006410&source=foxtrot-rah-k7q28pm4w8&campaignName=TNC-RON-NO-DESKTOP-Normalize-tiles-klk-96969426&geo=NO&auctionId=zr0fd57ac09c7c11ed82740a2e3f5d5cc3c0ac821661844675afa441bc1d107274070710cfb5fa0ef23d&match=maxi+climber&device=desktop&browser=firefox&os=windows&long_campaign_id=3c0663e0-af7c-11ec-bfe9-0a918cbcbb97&isRON=true
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: cVLeyUCm
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6150
Cache-Control: max-age=120738
Date: Wed, 25 Jan 2023 06:47:01 GMT
Etag: "63cfed01-1d7"
Expires: Thu, 26 Jan 2023 16:19:19 GMT
Last-Modified: Tue, 24 Jan 2023 14:36:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://backend.finalono.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: zACXaMGK51gr2P9SXrsfZLLZqjPkKc3duD356davJgVzuXe7F8oinHOWWB1aAN37RmEaQmWMk2qao2LCoKGVcA==
content-length: 27859
x-fb-trip-id: 1904183273
date: Wed, 25 Jan 2023 06:47:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27859
Md5:    9ba458c0d3060a442f3094daf58ec05d
Sha1:   fc35d487d0dd81e6855f1b02367b755609d9608d
Sha256: 17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6150
Cache-Control: max-age=120738
Date: Wed, 25 Jan 2023 06:47:01 GMT
Etag: "63cfed01-1d7"
Expires: Thu, 26 Jan 2023 16:19:19 GMT
Last-Modified: Tue, 24 Jan 2023 14:36:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: backend.finalono.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://backend.finalono.com/v1/hybrid-web?q=twjmlwsxyaleahuvvzbdexbc4e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.138
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
date: Wed, 25 Jan 2023 06:47:01 GMT
cache-control: public, max-age=14400
cf-cache-status: HIT
age: 103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG%2FNnIMjPepxFgqM%2BRhUjMnoyrFskqMoEPv6L4FxB3RrYJu3IwSEkUx0EFcEFhlKznsqFe51SzVQxlXn1VZSR6J6S7Qn6WRjlceDg%2F2uyjikc403hzFn0Uy7W3adcF2kwkYPz0PC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ef0e187e9ab500-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /run?data=nbwn9EVWwhYik5Lgvxmp0IUh%2Fnjrdbf9joh%2FPQZic4nE2DpGR6xKVSvgzfYmZfSXgbQNp9rbgoZ%2BtmqcETL0aDQFn2Qfepl68wEpNUejhmge8YwPdvH%2F1I6qzvexf3vY0ImVnldnRrVIz6jJi2S%2Bv7OH116et%2Fgc9%2Fu38luk5%2B3x7%2BqF%2BMv9k1KbO5U34ydYXioKtsaunCFyUNqHmQngok9ekeALLxeDfaZzMlu93LcSJb5VHnK0JJMLXO%2FXykOHiN0WJfio6W3W6vRNyEyR6dHG8lbiMGNu54ZSwuMzl4JoYO6ZXQ4wgt3yeRBzkbbwgoIj2zBehpsAHIUIh9BV4A%3D%3D HTTP/1.1 
Host: asap.makesmestronger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://asap.makesmestronger.com/clkn?n=13&l=&data=7d516a090ce120ae39396862f375b843
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         138.201.62.234
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Wed, 25 Jan 2023 06:46:58 GMT
location: https://matrixperfect.com/?data=wj09u8SuzYlG5v4THGqDKmFV2Vss59ewRnJ0sWZ8jCKGg1ZO5EjB92LFwSVXKLYRgqB%2FPpUggkVJb5ygOohvz5OOdzZxfSluM4v8ZOs0IlTiG%2BOWKSd0xIKoQXKAH%2F1YHIBVR8Y%2BdvvoR3ye28WLMw%3D%3D
access-control-allow-origin: http://admin.local
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /v1/rtb?domain=finalono.com&visitorUserAgent=Mozilla&numItems=50&apiKey=89641194-7897-4d80-b90a-b1fc82fc38c6&trackingId=9632984324&visitorIPAddress=46.15.231.130&forceShopping=100480081&smart=true&sourcePlatform=tonic&cpc=0.006410&source=foxtrot-rah-k7q28pm4w8&campaignName=TNC-RON-NO-DESKTOP-Normalize-tiles-klk-96969426&geo=NO&auctionId=zr0fd57ac09c7c11ed82740a2e3f5d5cc3c0ac821661844675afa441bc1d107274070710cfb5fa0ef23d&match=maxi+climber&device=desktop&browser=firefox&os=windows&long_campaign_id=3c0663e0-af7c-11ec-bfe9-0a918cbcbb97&isRON=true HTTP/1.1 
Host: backend.finalono.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://game-addicted.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         104.26.12.138
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Wed, 25 Jan 2023 06:46:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
location: /v1/hybrid-web?q=twjmlwsxyaleahuvvzbdexbc4e
x-api-version: 4.2.58
x-request-id: svqp89t570l8l6juns98p09fjqqdch5c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut7DQringU2QcZM6kgyLHi75ZvsiCv1%2FoQFYjthfwTrqRja%2Bsh53k0%2FFYsLyqB1o6GuKv5qRCy9AxVn5vQNVaKm2iZTsjrK0qfR%2Flz84a1Iff76EiDosFRaw9rUuxQHjrELtZRsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ef0e0d4cceb500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---