r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3402
Expires: Fri, 16 Sep 2022 19:36:26 GMT
Date: Fri, 16 Sep 2022 18:39:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 18:10:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HPOtu_EyziaWkdPUjsepfKIYHNynOqqrJmJprB1TCXPq6PjXt0F-XQ==
Age: 1729
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pOGa9CanxIrN-AtX5umdp2Zwu0d3kURE4vjb55yD4uDiG1N4mLmcoA==
age: 50669
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 18:39:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown
103.224.182.247302 Found 0 B URL HTTP/1.1 best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown
IP 103.224.182.247:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown HTTP/1.1
Host: best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 16 Sep 2022 18:39:44 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1663353584.7294533; expires=Mon, 13-Sep-2032 18:39:44 GMT; Max-Age=315360000
Location: http://ww16.best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown&sub1=20220917-0439-444e-86d4-3b6ca936e8f7
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 16 Sep 2022 18:03:22 GMT
Expires: Fri, 16 Sep 2022 18:24:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IBwxS0B8mDJPql4NUSjvGDolvtI-lOsW25sMR1--xIpljboH-oG5Sw==
Age: 2183
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3156
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:39:45 GMT
Last-Modified: Fri, 16 Sep 2022 17:47:09 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.162.110.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f5jFzYnizjeJINwVBty6iA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3IgF+7GX6OMB/mduC/nBCupy1J4=
ww16.best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown&sub1=20220917-0439-444e-86d4-3b6ca936e8f7
64.190.63.136200 OK 1.2 kB URL HTTP/1.1 ww16.best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown&sub1=20220917-0439-444e-86d4-3b6ca936e8f7
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (703)
Hash fba8c896e903ebb8007716a90a2c7b6b
ee28bba9715e00e06d7af79c28306f7f4aa9aa8c
3eabc4b684ca956d5dc7cfe30b5b6afca6a0c053139f2fb9d52b1bd26aec3449
GET /install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown&sub1=20220917-0439-444e-86d4-3b6ca936e8f7 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Fri, 16 Sep 2022 18:39:46 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_U19ZY97mgdqXNUmXRT7Ek8/M2D71dDXRBwjwU/Pq3ygSs0dZ4yOBC5dI3OvjCGB2koRgoxklWkOsmNyAzeqqUg==
last-modified: Fri, 16 Sep 2022 18:39:45 GMT
x-cache-miss-from: parking-77d45f54b-rlpzn
server: NginX
content-encoding: gzip
img.sedoparking.com/images/js_preloader.gif
205.234.175.175200 OK 4.3 kB URL HTTP/1.1 img.sedoparking.com/images/js_preloader.gif
IP 205.234.175.175:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 90c93102a88c2ab94bff1575b7a6e86e
56d71bf13de464534643db9d127629a0a3bf677a
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
GET /images/js_preloader.gif HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:39:46 GMT
Content-Type: image/gif
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Fri, 23 Sep 2022 18:39:46 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 790bf6b840ee4e4b528cf22b8cd185e4
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2MzM1MzU4NjNmZjhlMTQzMGU2NGNhNzQ5NTk0YTNlNmJmMjhiYzcy&crc=997d5e4fdcc74c6bf009a8387996ff665c3a4210&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2MzM1MzU4NjNmZjhlMTQzMGU2NGNhNzQ5NTk0YTNlNmJmMjhiYzcy&crc=997d5e4fdcc74c6bf009a8387996ff665c3a4210&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDA4MDEzNDk4&21=OTEuOTAuNDIuMTU0&681=MTY2MzM1MzU4NjNmZjhlMTQzMGU2NGNhNzQ5NTk0YTNlNmJmMjhiYzcy&crc=997d5e4fdcc74c6bf009a8387996ff665c3a4210&cv=1 HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown&sub1=20220917-0439-444e-86d4-3b6ca936e8f7
HTTP/1.1 200 OK
date: Fri, 16 Sep 2022 18:39:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-cache-miss-from: parking-77d45f54b-97vlz
server: NginX
ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Df7Hx1DB58eM_0&v=NjgxYzc2MmVlMzI2NThlZjdiYzc5NmQ4OTYyNzU1NTIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMGViMS43MzI3OTIzMwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMTE3NC4zMDM1ODk1MwkxNjYzMzUzNTg2CWFkXzYzXzA=&l=OAlkNTc1OThlOTBkMzdiYmI2NzY2M2U0YjY2NWQwNzg5NQkwCTM1CTAJZDRjMjgzZmI1MDc2MWZiZjZlYTk0Y2NlYTU5MjAxNGIJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYzMzUzNTg2CTAuMDAwNDI1CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 0 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Df7Hx1DB58eM_0&v=NjgxYzc2MmVlMzI2NThlZjdiYzc5NmQ4OTYyNzU1NTIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMGViMS43MzI3OTIzMwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMTE3NC4zMDM1ODk1MwkxNjYzMzUzNTg2CWFkXzYzXzA=&l=OAlkNTc1OThlOTBkMzdiYmI2NzY2M2U0YjY2NWQwNzg5NQkwCTM1CTAJZDRjMjgzZmI1MDc2MWZiZjZlYTk0Y2NlYTU5MjAxNGIJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYzMzUzNTg2CTAuMDAwNDI1CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Df7Hx1DB58eM_0&v=NjgxYzc2MmVlMzI2NThlZjdiYzc5NmQ4OTYyNzU1NTIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMGViMS43MzI3OTIzMwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMTE3NC4zMDM1ODk1MwkxNjYzMzUzNTg2CWFkXzYzXzA=&l=OAlkNTc1OThlOTBkMzdiYmI2NzY2M2U0YjY2NWQwNzg5NQkwCTM1CTAJZDRjMjgzZmI1MDc2MWZiZjZlYTk0Y2NlYTU5MjAxNGIJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYzMzUzNTg2CTAuMDAwNDI1CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown&sub1=20220917-0439-444e-86d4-3b6ca936e8f7
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Fri, 16 Sep 2022 18:39:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Fri, 16 Sep 2022 18:39:46 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Df7Hx1DB58eM_0&v=NjgxYzc2MmVlMzI2NThlZjdiYzc5NmQ4OTYyNzU1NTIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMGViMS43MzI3OTIzMwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMTE3NC4zMDM1ODk1MwkxNjYzMzUzNTg2CWFkXzYzXzA=&l=OAlkNTc1OThlOTBkMzdiYmI2NzY2M2U0YjY2NWQwNzg5NQkwCTM1CTAJZDRjMjgzZmI1MDc2MWZiZjZlYTk0Y2NlYTU5MjAxNGIJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYzMzUzNTg2CTAuMDAwNDI1CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-77d45f54b-f2llz
server: NginX
ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Df7Hx1DB58eM_0&v=NjgxYzc2MmVlMzI2NThlZjdiYzc5NmQ4OTYyNzU1NTIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMGViMS43MzI3OTIzMwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMTE3NC4zMDM1ODk1MwkxNjYzMzUzNTg2CWFkXzYzXzA=&l=OAlkNTc1OThlOTBkMzdiYmI2NzY2M2U0YjY2NWQwNzg5NQkwCTM1CTAJZDRjMjgzZmI1MDc2MWZiZjZlYTk0Y2NlYTU5MjAxNGIJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYzMzUzNTg2CTAuMDAwNDI1CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
64.190.63.136302 Found 311 B URL HTTP/1.1 ww16.best-targeted-traffic.com/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Df7Hx1DB58eM_0&v=NjgxYzc2MmVlMzI2NThlZjdiYzc5NmQ4OTYyNzU1NTIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMGViMS43MzI3OTIzMwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMTE3NC4zMDM1ODk1MwkxNjYzMzUzNTg2CWFkXzYzXzA=&l=OAlkNTc1OThlOTBkMzdiYmI2NzY2M2U0YjY2NWQwNzg5NQkwCTM1CTAJZDRjMjgzZmI1MDc2MWZiZjZlYTk0Y2NlYTU5MjAxNGIJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYzMzUzNTg2CTAuMDAwNDI1CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4ca559d8bd8d4215a3355613ea4a4e5a
dc252e0cfec1bea85c9f00e176c2f76c1daf83e5
42955de29799071191f3d0c699cc7618b98aadd206683acd630909b4c29922a4
GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Df7Hx1DB58eM_0&v=NjgxYzc2MmVlMzI2NThlZjdiYzc5NmQ4OTYyNzU1NTIJMQl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMGViMS43MzI3OTIzMwl3dzE2LmJlc3QtdGFyZ2V0ZWQtdHJhZmZpYy5jb202MzI0YzJmMTExMTE3NC4zMDM1ODk1MwkxNjYzMzUzNTg2CWFkXzYzXzA=&l=OAlkNTc1OThlOTBkMzdiYmI2NzY2M2U0YjY2NWQwNzg5NQkwCTM1CTAJZDRjMjgzZmI1MDc2MWZiZjZlYTk0Y2NlYTU5MjAxNGIJNDA4MDEzNDk4CWJlc3QtdGFyZ2V0ZWQtdHJhZmZpYwkwCTYzCTYJMgkxNjYzMzUzNTg2CTAuMDAwNDI1CU4JMAkxCTE4MDUJMTIwNQkyNjUxMDY2Mwk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1
Host: ww16.best-targeted-traffic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/install.php?unq=16b92223020iynpxpt&version=1.7&pais=unknown&sub1=20220917-0439-444e-86d4-3b6ca936e8f7
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Fri, 16 Sep 2022 18:39:46 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Fri, 16 Sep 2022 18:39:46 GMT
location: http://xml.sedodna.com/click?i=f7Hx1DB58eM_0
x-cache-miss-from: parking-77d45f54b-cljmc
server: NginX
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Fri, 16 Sep 2022 20:21:17 GMT
Date: Fri, 16 Sep 2022 18:39:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6091
Expires: Fri, 16 Sep 2022 20:21:17 GMT
Date: Fri, 16 Sep 2022 18:39:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d4ee58e0f26ec6817dbab72aa7db6d
b6e634ef27eba9da38c6472565e0fdca6898e4f0
07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hhh1q_MrZVAaRWwmc1IuJbL3KhhwwHQgceaL15okbg4NvKJlWfUjyA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:02:34 GMT
age: 74232
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J5lOTqdLhgg3Hzfw3b86ScfLkODllGEA_y9xUSxBxBCS4sI5nAWKZQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 23:35:10 GMT
age: 68676
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da1bd18c37b83b0ef4641036dc208eec
abb5c719ec9341c6d4146297a2a1eca171df9c81
0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dxJEH4Jh8lAZ0T28BZnFLhWczwZ7oOaspCmR-SWudP32cF3BQc6wmw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:56:40 GMT
age: 74586
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 512280055633fcce9abc7d11a9816a24
de5c3e010fca76659455a144875a52c25fa72bdd
435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aCCBUNe1NErAN4RiVGCdh-sBxSnMm-XfcFzE-h8IcCq6W1Om-UX45g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:46 GMT
age: 75240
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6d17788c7d2a1a91e68eff48df14bd1
8e1090346d90bc69e7a95384e6a7a01154e31567
1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JyXQcHKFIksMgLMROqOfV1ZqdFKSp3QSIlGmXuDR6h88o9J6s-mgkw==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:14:32 GMT
age: 73514
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: b04ac3c4-b4d8-4094-8b7d-bd229bb7d577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb2GvFnEoAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63216a2a-4e5927ac3f1d0b215ce5a8dc;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 05:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1W0Ito5yNmHNxtYBj5jOJQ3Z2OP_Shvhpj94YUDwLHQKzt-zgqjI8A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 03:12:38 GMT
age: 55628
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
xml.sedodna.com/click?i=f7Hx1DB58eM_0
173.239.53.32302 Found 0 B URL HTTP/1.1 xml.sedodna.com/click?i=f7Hx1DB58eM_0
IP 173.239.53.32:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=f7Hx1DB58eM_0 HTTP/1.1
Host: xml.sedodna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://api.quotes.com/ef68ba66-35ee-11ed-b7bc-e1b3dc64ebff
Pragma: no-cache
api.quotes.com/ef68ba66-35ee-11ed-b7bc-e1b3dc64ebff
5.79.68.236200 OK 171 B URL HTTP/1.1 api.quotes.com/ef68ba66-35ee-11ed-b7bc-e1b3dc64ebff
IP 5.79.68.236:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 2ae9ba638923a373fcb986d3c456f39c
687a047aa80a3936a5c2517434397faa8d51b264
5dc050cea5b455f4267f13ac7dfb7628bbaf0c047a188c04a9b9056ecac2d65b
GET /ef68ba66-35ee-11ed-b7bc-e1b3dc64ebff HTTP/1.1
Host: api.quotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww16.best-targeted-traffic.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 171
content-type: text/html; charset=utf-8
date: Fri, 16 Sep 2022 18:39:46 GMT
server: nginx
api.quotes.com/ef68ba66-35ee-11ed-b7bc-e1b3dc64ebff?hr=1
5.79.68.236302 Found 11 B URL HTTP/1.1 api.quotes.com/ef68ba66-35ee-11ed-b7bc-e1b3dc64ebff?hr=1
IP 5.79.68.236:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /ef68ba66-35ee-11ed-b7bc-e1b3dc64ebff?hr=1 HTTP/1.1
Host: api.quotes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 16 Sep 2022 18:39:46 GMT
location: http://balor-ghn.com/zcvisitor/ef9ebe44-35ee-11ed-81be-0abceba5e34d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=3333e050-2de2-11ed-8859-0a918cbcbb97
server: nginx
balor-ghn.com/zcvisitor/ef9ebe44-35ee-11ed-81be-0abceba5e34d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=3333e050-2de2-11ed-8859-0a918cbcbb97
52.45.156.125200 996 B URL HTTP/1.1 balor-ghn.com/zcvisitor/ef9ebe44-35ee-11ed-81be-0abceba5e34d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=3333e050-2de2-11ed-8859-0a918cbcbb97
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 49d5f95328f3af7e7a38dc17c2a02582
66e0734cef4a43d1bfbfa90313b3599b7cf0cd6b
7a2b9891aece751701cf061083342140025f2ce4c04224488f36e2c9454f5a90
GET /zcvisitor/ef9ebe44-35ee-11ed-81be-0abceba5e34d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=3333e050-2de2-11ed-8859-0a918cbcbb97 HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 16 Sep 2022 18:39:46 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: FimnOpYn
balor-ghn.com/zcredirect?visitid=ef9ebe44-35ee-11ed-81be-0abceba5e34d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
52.45.156.125200 794 B URL HTTP/1.1 balor-ghn.com/zcredirect?visitid=ef9ebe44-35ee-11ed-81be-0abceba5e34d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (354)
Hash 711699485e54b6771d88e20afc9fbd88
1bb5fce28e1aba506ff1109888c9c2cb34e74765
ca2b5847a322a471611261973eaa223f771b01b6c2ff513ee9baf50d526c5930
GET /zcredirect?visitid=ef9ebe44-35ee-11ed-81be-0abceba5e34d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcvisitor/ef9ebe44-35ee-11ed-81be-0abceba5e34d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=3333e050-2de2-11ed-8859-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 16 Sep 2022 18:39:47 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: MLgntVEj
balor-ghn.com/favicon.ico
52.45.156.125404 653 B URL HTTP/1.1 balor-ghn.com/favicon.ico
IP 52.45.156.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: balor-ghn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balor-ghn.com/zcredirect?visitid=ef9ebe44-35ee-11ed-81be-0abceba5e34d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
HTTP/1.1 404
Date: Fri, 16 Sep 2022 18:39:47 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: MLgntVEj
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwt5j92nof8o3ea3jift6k4c4&caid=2deaef68-c870-4247-a076-22d7e7f8e3ba&zpid=ef9ebe44-35ee-11ed-81be-0abceba5e34d&cid=wt5j92nof8o3ea3jift6k4c4&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwt5j92nof8o3ea3jift6k4c4&caid=2deaef68-c870-4247-a076-22d7e7f8e3ba&zpid=ef9ebe44-35ee-11ed-81be-0abceba5e34d&cid=wt5j92nof8o3ea3jift6k4c4&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwt5j92nof8o3ea3jift6k4c4&caid=2deaef68-c870-4247-a076-22d7e7f8e3ba&zpid=ef9ebe44-35ee-11ed-81be-0abceba5e34d&cid=wt5j92nof8o3ea3jift6k4c4&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balor-ghn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 16 Sep 2022 18:39:47 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wt5j92nof8o3ea3jift6k4c4
pragma: no-cache
set-cookie: cc-v4=QQ48Xn5h4g1p3i78JR0%2BUQg%2B77X36iFVK699u0qgOTz35%2Fgo5D3%2BdbVU1MOPWl1yc5JqSrrKrVQzaAn2EFlFTGo822FFzjC0odvlQGP7XjHagtAz%2FBTI0I2yEixXjrG3HjmlzlYbb0um%2FQOySZBV6Q%3D%3D; Max-Age=31536000; Expires=Sat, 16-Sep-2023 18:39:47 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 1a765a9b4d02c2056bc3245d5b0b4321
13140892105ea0ba938d516a2e2463846b496756
104b3cb6d5a4fcc526e799b920ad4c096bfa9e8a0011d522a328c96d2e659ac2
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 16 Sep 2022 18:39:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 16 Sep 2022 15:34:01 GMT
Expires: Sat, 17 Sep 2022 15:34:01 GMT
ETag: "13140892105ea0ba938d516a2e2463846b496756"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.arkdcz.com/MSJ7L4/HX6G2NF/?sub1=418543&sub2=NZUGsBlbfLdatPTZZBkxvAwgqjKsVBNhrd
34.149.6.227302 Found 169 B URL HTTP/2 www.arkdcz.com/MSJ7L4/HX6G2NF/?sub1=418543&sub2=NZUGsBlbfLdatPTZZBkxvAwgqjKsVBNhrd
IP 34.149.6.227:0
File type HTML document, ASCII text
Hash 672479a1dcf01d41f8ad62656a0c72d2
1e379cdad7eb524280a1dba3ce10d1e924e6eebe
ff87ca21666c40fb26bde66c4871912a9142e5ebe9f70688900f1c6c0cbc0466
Analyzer Verdict Alert quad9 Sinkholed
GET /MSJ7L4/HX6G2NF/?sub1=418543&sub2=NZUGsBlbfLdatPTZZBkxvAwgqjKsVBNhrd HTTP/1.1
Host: www.arkdcz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balor-ghn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 16 Sep 2022 18:39:47 GMT
content-type: text/html; charset=utf-8
content-length: 169
location: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
set-cookie: uniqueClick_HX6G2NF=0041fde4-16b3-4ee7-b1bb-5bed3329b7d7:1663353587; Path=/; Expires=Sat, 17 Sep 2022 18:39:47 GMT; Secure; SameSite=None
transaction_id=369e48577ecb4ac297d09dd5c1857305; Path=/; Expires=Thu, 15 Dec 2022 18:39:47 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 7dbdb3ea-e9c1-405f-b7a1-25fd29c6a7ad
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 1a765a9b4d02c2056bc3245d5b0b4321
13140892105ea0ba938d516a2e2463846b496756
104b3cb6d5a4fcc526e799b920ad4c096bfa9e8a0011d522a328c96d2e659ac2
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 16 Sep 2022 18:39:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 16 Sep 2022 15:34:01 GMT
Expires: Sat, 17 Sep 2022 15:34:01 GMT
ETag: "13140892105ea0ba938d516a2e2463846b496756"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b1e36cd3cc6c77d4b839d710b053773f
3bda06fedcded9e49334e3e8cb82ae76d1065daf
28617245864f26868c7e6a405f0b1e1a6935c05cde88e705ec931a7cf3d5d641
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 18:39:48 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PJzd3YKPzsdkls-Eh50SdyS3Dn_WXUJgg84InpicijVbdafa0aTgHg==
go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
54.230.111.59200 OK 31 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
IP 54.230.111.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (53562), with no line terminators
Hash cebeb09c12885d3d7557ede39a6ecfbc
4f531a8020975285ce43d7730c044836a8c09633
7f3fad9f722e20ed052493b6331553fe5486310355f682ab8dd897acc1c9a62e
GET /vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balor-ghn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Thu, 15 Sep 2022 18:58:38 GMT
last-modified: Thu, 23 Dec 2021 16:52:18 GMT
etag: W/"0d1c30819e500f4f596aa3421773d64f"
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: du3O1Scwj6Ka-DX870xyO_KF-fUwlujX6bimwA9TqruOMS__AzqxUg==
age: 85271
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png
54.230.111.59200 OK 331 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png
IP 54.230.111.59:0
File type PNG image data, 790 x 1600, 8-bit colormap, non-interlaced\012- data
Size 331 kB (330574 bytes)
Hash 8d7069ee14a82c9f9139a5d08882497a
0310dd9990c5888f8d51b4defa3ca78ce820b3e2
933adcdf66e29312523119f0f868488a25e92a5b05e0443c961ca80aaeb42a9f
GET /vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 330574
last-modified: Thu, 02 Dec 2021 15:25:53 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 00:55:41 GMT
etag: "8d7069ee14a82c9f9139a5d08882497a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WmGp9H8r6y-kTwajLAZpgqu3qCnXR25QdCQ-KLnCueSpx88zn2b3zA==
age: 63848
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/beyblade.gif
54.230.111.59200 OK 36 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/beyblade.gif
IP 54.230.111.59:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 93a41ee339dd621452c6aa4054e8eca8
a1f75cc251cbe7291cefd06fd91b4c35b6c93612
0ea3f03b9e168629659c281ec66fd5a82d36d7b6fd644381c18ecad41e62a5a3
GET /vrfttcyber/assets/images/beyblade.gif HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 36298
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 03:26:19 GMT
etag: "93a41ee339dd621452c6aa4054e8eca8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D0p4tC-bLUy8S3ESen7CyjSm2FzqMJG3GHMa8djaAuPPiU41zX7LQA==
age: 54810
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/flags/us.png
54.230.111.59200 OK 2.4 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/flags/us.png
IP 54.230.111.59:0
File type PNG image data, 250 x 132, 8-bit colormap, non-interlaced\012- data
Hash a2080b2d193dbbd3cb34b32ad919da62
f822886642e0388d79c8f5917b41f27efbdec94b
5b38ab13f52bc95184012a4b6afafa3eca7a6ac03c762515b4550b4337548ca7
GET /vrfttcyber/assets/images/flags/us.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2375
last-modified: Thu, 02 Dec 2021 15:25:52 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 05:17:30 GMT
etag: "a2080b2d193dbbd3cb34b32ad919da62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -4xEtv_7aPomtk8pVdkGVI5jVMR5_NoRqrgELjuhP8uDigr0fUhFgQ==
age: 48139
X-Firefox-Spdy: h2
landers.of-bo.com/bundle.js
172.67.155.108200 OK 18 kB URL HTTP/2 landers.of-bo.com/bundle.js
IP 172.67.155.108:0
File type Unicode text, UTF-8 text, with very long lines (2014)
Hash 3ef943545aaed2008fd34e638b5c2441
79c4126c28f6110ff0228d2c2c7e0587fb63e30c
105f2530768f657f2553e67cff218d9a7452772ac4735243bb74cd75decb141d
GET /bundle.js HTTP/1.1
Host: landers.of-bo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:48 GMT
content-type: application/javascript
x-amz-id-2: E1iZQsAhGg3SjYuTzzcBGkhQtszxLD0aCyYnpV0H/N6wLcUlGLBdyO4Sc6M4P/KQrNMAcRotfEA=
x-amz-request-id: YGXAS2QERW7Z6X0K
last-modified: Tue, 09 Aug 2022 22:05:52 GMT
etag: W/"2f68fb7cd74453a748e232155e853e64"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4128
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xPw9kIQfpPZuMGhS2QOgXhFuAk1RDCk8mFo8Kvskdf%2B6H7wKoosh75ludKJzt%2BhB4XGl8oWRM9WI%2BwzKS%2FbcDKJ%2FhgTyDu%2BG6kHPp5gp4WQwLM8XjdukutcCEys9utrHmUPkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74bbba16dc541bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/favicon/favicon.png
54.230.111.59200 OK 1.4 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/favicon/favicon.png
IP 54.230.111.59:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 93a7efbb00d5e8f3bd556d7b9efb658e
fd6578509d9557cebe3e37fee5ae16dc25b09711
3274036fdc55ac82651c2146f211e508703e5ae97875c722e8b3694df636cd9d
GET /vrfttcyber/assets/images/themes/cyber/favicon/favicon.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1421
last-modified: Thu, 02 Dec 2021 15:26:08 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 03:26:34 GMT
etag: "93a7efbb00d5e8f3bd556d7b9efb658e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SKbd4apIiWvlLggubQnQKsRWNWd8EPUIJXM0WNm_Wl54IWINAVQq3g==
age: 54795
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/btn.png
54.230.111.59200 OK 2.0 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/btn.png
IP 54.230.111.59:0
File type PNG image data, 343 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 08913323d52eadb319526e6fbe2e677b
eff7964b7f5ed2ef285593fab5ed7b89e358b401
f0a7b6d7c1ed46c5056a52e6ab470959a0671cf03b5ae22e97a37591ba14aa03
GET /vrfttcyber/assets/images/btn.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1968
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 03:26:20 GMT
etag: "08913323d52eadb319526e6fbe2e677b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: adM0Aw0ScTSQkMmk3IZvHQK7sS7KMyDllPdxc4tYxS5NE1kxmcP8YA==
age: 54809
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click1.mp3
54.230.111.59206 Partial Content 17 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click1.mp3
IP 54.230.111.59:0
File type Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Hash 4838176bcd52d9b69d6d48c1870ca579
5a0892ccae91806a9695c5be1f2752e122608d8e
781bb8d577f6448612e8fa861dfa39d64a2e5961c17a58c79ef4bcdf4131847b
GET /vrfttcyber/assets/sounds/general/click1.mp3 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: application/octet-stream
content-length: 16635
last-modified: Thu, 02 Dec 2021 15:26:03 GMT
server: AmazonS3
date: Thu, 15 Sep 2022 18:57:25 GMT
etag: "4838176bcd52d9b69d6d48c1870ca579"
vary: Accept-Encoding
content-range: bytes 0-16634/16635
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NdWV7Zz8vvF75Rh2_YUq24u1tkfpsPI5hKZc0cSRX19bEtRAfs-8Og==
age: 85344
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click2.mp3
54.230.111.59206 Partial Content 16 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click2.mp3
IP 54.230.111.59:0
File type Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Hash 2694fd6fc680f77dcf1ae58d9b8ba926
6016e8fb7136ec769fbe6d120c7c97d390922564
4266071bbd14949a438e1d9a958cac2f0b128963b6f6e9fa96b005ed8e718f9e
GET /vrfttcyber/assets/sounds/general/click2.mp3 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: application/octet-stream
content-length: 15590
last-modified: Thu, 02 Dec 2021 15:26:03 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 03:19:04 GMT
etag: "2694fd6fc680f77dcf1ae58d9b8ba926"
vary: Accept-Encoding
content-range: bytes 0-15589/15590
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ag59Lvmy6Rr-fP1V7Xd6Q-hB7beZjGbjse5I1WhBGBJKCL_A087-xg==
age: 55245
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/box.png
54.230.111.59200 OK 13 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/box.png
IP 54.230.111.59:0
File type PNG image data, 747 x 644, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fcc2772acc897c48dae5c6f52093388
c8a80e850168e1fd7b761327dd460054e7451d8e
e73f3a488ee9e68ff4484df002b38a200aee2170617bb0746e05c7f992135805
GET /vrfttcyber/assets/images/box.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 13243
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 06:30:05 GMT
etag: "0fcc2772acc897c48dae5c6f52093388"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ptw3heh_WOvVD_3rEMNpfFUROP2jMeYSl1urIgQ-QU8wbP8xG-vGdw==
age: 43784
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/browsers/firefox.png
54.230.111.59200 OK 128 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/browsers/firefox.png
IP 54.230.111.59:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size 128 kB (127454 bytes)
Hash ff5982c71adc3b6a987a2192b6008949
c2819962300bfa4db9dd7ee6f22e35ea910a3808
612ec2b0a5a9d4b3841189d8c4af98509df5ac48eeea5ab1945dfd0e1eab78b3
GET /vrfttcyber/assets/images/browsers/firefox.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 127454
last-modified: Thu, 02 Dec 2021 15:25:36 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 18:39:48 GMT
etag: "ff5982c71adc3b6a987a2192b6008949"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _OGakqZ6_ql5D2-ao08RLkHP764fA_u4oQtt3aRWeAJa5U9BdYlWLg==
age: 38120
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/sounds/general/music.mp3
54.230.111.59206 Partial Content 3.2 MB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/sounds/general/music.mp3
IP 54.230.111.59:0
File type Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Size 3.2 MB (3165435 bytes)
Hash 8482f7c1977139c5f5bbb2af66e88e01
0a7325177e7b98d2809f05beb496a301fb8a1d3b
6cb796e9dc70bd32aca90e420a8e7b3cc548569f42d876e384e0d073d3b4c7a1
GET /vrfttcyber/assets/sounds/general/music.mp3 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: application/octet-stream
content-length: 3165435
last-modified: Thu, 02 Dec 2021 15:26:05 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 03:47:31 GMT
etag: "8482f7c1977139c5f5bbb2af66e88e01"
vary: Accept-Encoding
content-range: bytes 0-3165434/3165435
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m7fCyGI6nJSBrA_Op2I9_zoSo97yPliOJ8naPcrEND1IsXfV9A0QbQ==
age: 53538
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/background/bkg.jpg
54.230.111.59200 OK 14 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/background/bkg.jpg
IP 54.230.111.59:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1081, components 3\012- data
Hash d5dabdf9d18c947ea72fe90f8c39e31e
33a5e90f4a59072ab4b3d73204fff01d6a08a0f8
d940cab6f0a1fe6a425596757ac2a10b89fb4311acfd34aba2f075c0e2338f09
GET /vrfttcyber/assets/images/themes/cyber/background/bkg.jpg HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13989
last-modified: Thu, 02 Dec 2021 15:26:08 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 01:51:45 GMT
etag: "d5dabdf9d18c947ea72fe90f8c39e31e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LC4juVAmciZKXXoj__uR8DUcw9TEBQktP9KjAb6JLhXXBDk3LjvBUA==
age: 60484
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/flags/no.png
54.230.111.59200 OK 414 B URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/flags/no.png
IP 54.230.111.59:0
File type PNG image data, 250 x 182, 8-bit colormap, non-interlaced\012- data
Hash 55946900ad615ec4b62748677444f5b7
8a0f25e081a3266ef7f8ab939417d5c7d48a09d7
c82386961fded0d9947ad3320b7ff4c066eea989d082b6409a0815ce0f9a6eb5
GET /vrfttcyber/assets/images/flags/no.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 414
last-modified: Thu, 02 Dec 2021 15:25:47 GMT
server: AmazonS3
date: Fri, 16 Sep 2022 14:36:36 GMT
etag: "55946900ad615ec4b62748677444f5b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: suH17A598XnFMHD7gejoX4MaUH1KPpikD897aA-hrT669nBWJpx7ag==
age: 14593
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash d89aa5f1ad91be0934d86c64a20383f4
3f41d56825e42d09a103dd06c7ddb7f48924e0af
7af30e8952a54f1acbc04b510fd2c0c0906b65a42fc47f6e880e7b4ce7fd10ea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 18:39:48 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xNWdft986eRvgLFaZklmgFBWdL3lrq3pn7YTagI1uUXimoJT5aeWIQ==
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 7f6c81d19291c2f051edd5565179f492
3591e81fa38d6cdf38c6cadfae511bbdae5f0c1e
21ca50f5004077beaf87fcd4b636c23c486279aaa5ec0b3d060fa99ec6049789
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:39:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 20 Sep 2022 16:38:10 GMT
ETag: "3591e81fa38d6cdf38c6cadfae511bbdae5f0c1e"
Last-Modified: Fri, 16 Sep 2022 16:38:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74bbba1e5ee6b52d-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de6a7404372ceec9ea02e71f8752f893
16ccd8541ebfae88f36391d660178588f3a8960e
8d3727c905955b13abb5088ad5cb15bb56fb026fa0d8db145f40cf2b454ed45b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D3727C905955B13ABB5088AD5CB15BB56FB026FA0D8DB145F40CF2B454ED45B"
Last-Modified: Wed, 14 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7490
Expires: Fri, 16 Sep 2022 20:44:40 GMT
Date: Fri, 16 Sep 2022 18:39:50 GMT
Connection: keep-alive
qcklgn.com/signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305
163.171.140.79302 Found 37 kB URL HTTP/2 qcklgn.com/signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305
IP 163.171.140.79:0
ASN #54994 QUANTILNETWORKS
File type gzip compressed data, max speed, from Unix\012- data
Hash 06d4ddcff8634dbdc798ab6adeaed08c
10f1ae5c5208d7a66c2678ad6574992222ae532a
eb7ba87ea15cc8b55ec1666b568c274475f333076d6a3d51580561c5280f294c
GET /signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305 HTTP/1.1
Host: qcklgn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.cyberslut2069.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 18:39:49 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
set-cookie: PHPSESSID=1d2baa9be9a273d7f0ae143b69841a55; path=/; secure; SameSite=None
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PShlamstdAMS1cc96:17 (W)
x-px: ms PShlamstdAMS1cc96AMS,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 6324c2f5_PShlamstdAMS1se91_28946-9372
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
152.199.19.160200 OK 9.8 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32033)
Hash 432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 4986135
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 16 Sep 2022 18:39:50 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:39:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:39:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:39:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
216.58.207.202200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 13:42:27 GMT
expires: Sat, 16 Sep 2023 13:42:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 17843
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dngsnl.com/common_tpls/compactML/css/epcjfgacs2.css
207.120.33.5200 OK 8.9 kB URL HTTP/2 dngsnl.com/common_tpls/compactML/css/epcjfgacs2.css
IP 207.120.33.5:0
Hash 8baefa9235356383901af17857ab60c7
6281517070ee798472613658703156ac35c07ae4
3f25245183ea47e8d4b9846dd1a0412b463ae4290f4dc9650723ba9219bd82e3
GET /common_tpls/compactML/css/epcjfgacs2.css HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
Cookie: PHPSESSID=1a970cf04ba13867cabb044260c03def
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: text/css
content-length: 8861
last-modified: Thu, 15 Jul 2021 14:50:13 GMT
etag: W/"60f04b25-bac6"
content-encoding: gzip
section-io-cache-id: 26ce69bb50e0e097bc4db1c530bc52d1
vary: Accept-Encoding
x-varnish: 4317014 719551
age: 8410
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 198dc2a677672bba1af4e1b634d6d3ba
X-Firefox-Spdy: h2
dngsnl.com/common_tpls/images/icons/email.png
207.120.33.5200 OK 1.3 kB URL HTTP/2 dngsnl.com/common_tpls/images/icons/email.png
IP 207.120.33.5:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
Cookie: PHPSESSID=1a970cf04ba13867cabb044260c03def
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: image/png
content-length: 1254
last-modified: Tue, 16 Jun 2020 16:45:10 GMT
etag: "5ee8f716-4e6"
section-io-cache-id: 5330257719d4f9f16dbf3e5e1abf1b89
x-varnish: 5091846 5016054
age: 9472
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 439e513c61064a0ddde9566ba271f528
X-Firefox-Spdy: h2
dngsnl.com/common_tpls/images/icons/password.png
207.120.33.5200 OK 1.5 kB URL HTTP/2 dngsnl.com/common_tpls/images/icons/password.png
IP 207.120.33.5:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
Cookie: PHPSESSID=1a970cf04ba13867cabb044260c03def
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:35:03 GMT
etag: "599c5d37-5ac"
section-io-cache-id: bc31f23e674b77a3fd1877ab731a926d
x-varnish: 4317016 5049028
age: 9388
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: dd418e5be3750030f28cc3e9e23469b5
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 18:39:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
104.18.22.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1297089
accept-ranges: bytes
server: cloudflare
cf-ray: 74bbba2678ba0b55-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
104.18.22.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1297089
accept-ranges: bytes
server: cloudflare
cf-ray: 74bbba2688c00b55-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
104.18.22.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dngsnl.com/
Origin: https://dngsnl.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1297089
accept-ranges: bytes
server: cloudflare
cf-ray: 74bbba2688bf0b55-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 084cb4156537cd3f488e70d97e781fdc
77e577ecc8f84ef0db37f42fd3a64ec5a8bcde8a
119361308e554a2715071f9b4ace5a998a761f15e34d24991eadec05fbfb04ee
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:39:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 20 Sep 2022 15:49:31 GMT
ETag: "77e577ecc8f84ef0db37f42fd3a64ec5a8bcde8a"
Last-Modified: Fri, 16 Sep 2022 15:49:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3600
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74bbba269f7eb52d-OSL
dngsnl.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.5200 OK 23 kB URL HTTP/2 dngsnl.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.5:0
File type ASCII text, with very long lines (32062)
Hash 4f3cb7aca3c69775c83c47935058ca89
498afc4d9c68e0d6716df486f530068a28567538
eba581c4ff14c5185c5f05d2783fd908c8de4ef27ad0467285ad741b0ed6cc70
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
Cookie: PHPSESSID=1a970cf04ba13867cabb044260c03def
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:05:04 GMT
etag: W/"56b368a0-3445"
section-io-cache-id: 6cbe6449ba9d04b138a21cd41bfcb011
x-varnish: 5091847 4114743
age: 9371
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 03077f59bee89b381d47cf8d5bb34fe9
X-Firefox-Spdy: h2
dngsnl.com/acct/trk/?rtid=7825917889
207.120.33.5200 OK 21 B URL HTTP/2 dngsnl.com/acct/trk/?rtid=7825917889
IP 207.120.33.5:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c27aa721f24af09f6d254d439b25bfff
633765890f16b93bace5917d76adea8423b35d88
b83927321c58177bf2b89a4918bcb4b108dab356bdd718d80a4bfdc43a539372
GET /acct/trk/?rtid=7825917889 HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjYyZjk2NWEzY2U3NDM3MWMiLCJ0ciI6IjQ3ZWNmMWQzYTgzMzQ2NjUxMjc5ODkwMTllZjcxYTZiIiwidGkiOjE2NjMzNTM1NzQ2Nzd9fQ==
traceparent: 00-47ecf1d3a8334665127989019ef71a6b-62f965a3ce74371c-01
tracestate: 3355250@nr=0-1-3355250-1103078842-62f965a3ce74371c----1663353574677
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
Cookie: PHPSESSID=1a970cf04ba13867cabb044260c03def
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:51 GMT
content-type: text/json;charset=UTF-8
content-length: 21
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 524129
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: baeba8d47f80a8243baaba8dfbe6f40a
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2801&ck=1&ref=https://dngsnl.com/acct/epc68088/add/&ap=87&be=2258&fe=2675&dc=2671&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663353571986,%22n%22:0,%22f%22:1524,%22dn%22:1526,%22dne%22:1553,%22c%22:1553,%22s%22:1658,%22ce%22:1870,%22rq%22:1870,%22rp%22:2148,%22rpe%22:2148,%22dl%22:2151,%22di%22:2658,%22ds%22:2671,%22de%22:2673,%22dc%22:2673,%22l%22:2673,%22le%22:2677%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2801&ck=1&ref=https://dngsnl.com/acct/epc68088/add/&ap=87&be=2258&fe=2675&dc=2671&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663353571986,%22n%22:0,%22f%22:1524,%22dn%22:1526,%22dne%22:1553,%22c%22:1553,%22s%22:1658,%22ce%22:1870,%22rq%22:1870,%22rp%22:2148,%22rpe%22:2148,%22dl%22:2151,%22di%22:2658,%22ds%22:2671,%22de%22:2673,%22dc%22:2673,%22l%22:2673,%22le%22:2677%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2801&ck=1&ref=https://dngsnl.com/acct/epc68088/add/&ap=87&be=2258&fe=2675&dc=2671&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1663353571986,%22n%22:0,%22f%22:1524,%22dn%22:1526,%22dne%22:1553,%22c%22:1553,%22s%22:1658,%22ce%22:1870,%22rq%22:1870,%22rp%22:2148,%22rpe%22:2148,%22dl%22:2151,%22di%22:2658,%22ds%22:2671,%22de%22:2673,%22dc%22:2673,%22l%22:2673,%22le%22:2677%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:39:51 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74bbba29baa1b52d-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=2056d15296a2934f; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3104&ck=1&ref=https://dngsnl.com/acct/epc68088/add/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3104&ck=1&ref=https://dngsnl.com/acct/epc68088/add/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3104&ck=1&ref=https://dngsnl.com/acct/epc68088/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 670
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 18:39:51 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 74bbba2aeb86b52d-OSL
Access-Control-Allow-Origin: https://dngsnl.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be0dbac-eae3-494b-bc73-d4df7f6c2f33.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be0dbac-eae3-494b-bc73-d4df7f6c2f33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69c9db5022c0c66909867f1e0946f5a8
9825e0fc606dc983280a6cd05803bb07e3435ef6
f2809509eee24ed69e6003ac9263423ea949bcc9205969c6cdd476e89ede9b01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be0dbac-eae3-494b-bc73-d4df7f6c2f33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8864
x-amzn-requestid: 6e1a82d1-e35e-4d77-be31-6969a13918da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU_6GiXoAMFaLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b98-46ca0525157031324749ee5b;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X9B4DU53PxJ-J5Ou1wg_TH_yfN3N1lF1SMMr3iV9-gM7j_sPirhcwA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:51:03 GMT
age: 74930
etag: "9825e0fc606dc983280a6cd05803bb07e3435ef6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
104.18.22.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP 104.18.22.52:0
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dngsnl.com
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxDOkOaSbBI2tu8RsiEC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 74bbba25b80f0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
IP 142.250.74.10:0
GET /css2?family=Poppins:wght@300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 18:39:50 GMT
date: Fri, 16 Sep 2022 18:39:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.10:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 18:39:50 GMT
date: Fri, 16 Sep 2022 18:39:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dngsnl.com/common_tpls/js/validate_form_v2.js?jsv=25
207.120.33.5200 OK 0 B URL HTTP/2 dngsnl.com/common_tpls/js/validate_form_v2.js?jsv=25
IP 207.120.33.5:0
GET /common_tpls/js/validate_form_v2.js?jsv=25 HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
Cookie: PHPSESSID=1a970cf04ba13867cabb044260c03def
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Jul 2022 20:38:46 GMT
etag: W/"62e1a256-5a7b"
section-io-cache-id: 5ac5910a03c75c31cf93bc767db34923
x-varnish: 4317015 4336555
age: 9403
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: be622781f40ea25c892fa51508891650
X-Firefox-Spdy: h2
flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wt5j92nof8o3ea3jift6k4c4
104.21.52.165302 Found 0 B URL HTTP/2 flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wt5j92nof8o3ea3jift6k4c4
IP 104.21.52.165:0
GET /?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wt5j92nof8o3ea3jift6k4c4 HTTP/1.1
Host: flirtyhoookup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balor-ghn.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 18:39:47 GMT
content-type: text/html; charset=utf-8
location: https://www.arkdcz.com/MSJ7L4/HX6G2NF/?sub1=418543&sub2=NZUGsBlbfLdatPTZZBkxvAwgqjKsVBNhrd
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAEbQAAAARhdW5xdAAAAAFtAAAABTMxNTQ4bQAAAAp3V0VCYWxXR05wbQAAAANoaWRtAAAAIk5aVUdzQmxiZkxkYXRQVFpaQmt4dkF3Z3FqS3NWQk5ocmRtAAAAAmhsZAADbmlsbQAAAAN1bnFtAAAADEdyaG5WamxKcVpDSg.W0dYkDiFSMdByfhwzNS-GGWm8fbuHciJ_C-jseLjFXE; path=/; expires=Sat, 16 Sep 2023 18:39:47 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzDAUwGGPvZ02BDwHqOvqXmiqP5X7lPtzF4A2V9wXLH1ct3a5pWRD277cLpzEnV01ZPfX%2F%2BaqpU%2FsKmQYcY5MElBPqA54iE3SqsiAw8Wbc6mjQls7XChQCRneo%2BdG23MBUm63g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74bbba117d801bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/font/tomorrow.ttf
54.230.111.59200 OK 0 B URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/font/tomorrow.ttf
IP 54.230.111.59:0
GET /vrfttcyber/assets/font/tomorrow.ttf HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=369e48577ecb4ac297d09dd5c1857305&tk=MSJ7L4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-ttf
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 16 Sep 2022 03:47:31 GMT
etag: W/"0a9ac70c15e2fc709830d2eccb2b8cff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tDuCNJ6SF8H1MgJU7Uut3Y0TPFSanAJsGOtd9TCxWTMT6pSSYnc2Yw==
age: 53538
X-Firefox-Spdy: h2
geoip.enlistsecureup.com/?v=1
163.171.128.172200 OK 0 B URL HTTP/2 geoip.enlistsecureup.com/?v=1
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:51 GMT
content-type: application/javascript
server: waf/4.31.19-2.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-DFW-01gGZ147:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 6324c2f6_PS-FRA-01lai110_9749-44391
set-cookie: HMF_CI=5ec31d790a983e0c9d2c6f7496f9e02114fa8ca5a247d4c32d841a84b2c15f621596412e6317d29e8adb63440083d924300d16943a78117be193a4c634d111fe50; Expires=Sun, 16-Oct-22 18:39:51 GMT; Path=/
X-Firefox-Spdy: h2
country.gameops.tech/geoip/country?callback=window.gapwn.get_country
104.21.70.147200 OK 0 B URL HTTP/2 country.gameops.tech/geoip/country?callback=window.gapwn.get_country
IP 104.21.70.147:0
GET /geoip/country?callback=window.gapwn.get_country HTTP/1.1
Host: country.gameops.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:48 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
x-content-type-options: nosniff
etag: W/"20d-sKpKw8KGhimKVxiVkhkJPWK187k"
via: 1.1 varnish
age: 1777
x-served-by: cache-bma1623-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663353589.590144,VS0,VE1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSFmiQMnTL2yrLqtgPuiLKm12ju8kVrnlE3AR%2FX86W11HQC4yPBYUldFGoW%2FjQATKO3kuqI6IYu65GgbadosDD%2BnOirfIAHiOKyOEJbXknHeCe7vIBrJYRoesbISLFsR0nMGO%2B9ozA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74bbba18aad20b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dngsnl.com/common_tpls/js/form_support.js?v=1516308712
207.120.33.5200 OK 0 B URL HTTP/2 dngsnl.com/common_tpls/js/form_support.js?v=1516308712
IP 207.120.33.5:0
GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1
Host: dngsnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dngsnl.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47274-490389.415.369e48577ecb4ac297d09dd5c1857305&epcCID=96R9kcTbledfYaS178q0p4R87crek8xfA&rtid=7825917889
Cookie: PHPSESSID=1a970cf04ba13867cabb044260c03def
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 18:39:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 00:12:19 GMT
etag: W/"600623e3-3d1"
section-io-cache-id: 06206e5782e914e569ce5822ebbf5862
x-varnish: 4766721 4081648
age: 9403
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 9da7594439772740fae9967794fe82d4
X-Firefox-Spdy: h2