caseid1007859469834578546.web.app/
199.36.158.100301 Moved Permanently 0 B URL HTTP/1.1 caseid1007859469834578546.web.app/
IP 199.36.158.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: caseid1007859469834578546.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://caseid1007859469834578546.web.app/
Accept-Ranges: bytes
Date: Thu, 10 Nov 2022 02:38:03 GMT
X-Served-By: cache-bma1652-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1668047883.032241,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7320
Expires: Thu, 10 Nov 2022 04:40:03 GMT
Date: Thu, 10 Nov 2022 02:38:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6356
Cache-Control: max-age=121137
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:03 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:17:00 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6356
Cache-Control: max-age=121137
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:03 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 12:17:00 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10489
Expires: Thu, 10 Nov 2022 05:32:52 GMT
Date: Thu, 10 Nov 2022 02:38:03 GMT
Connection: keep-alive
caseid1007859469834578546.web.app/
199.36.158.100200 OK 136 B URL HTTP/2 caseid1007859469834578546.web.app/
IP 199.36.158.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5c6446453455c1f16d519e9eee07ea98
6cd02d69f20251a6565a7ae8e076bd293bd1a7d6
3ba5fc8dea326d319905698bd45e5923d9e592b553854a81adf97bf1f93e4044
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: caseid1007859469834578546.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "856fb8f5269a61e583d0fd606b383973dce7729c1efd356dc850971cb32ea150-br"
last-modified: Tue, 08 Nov 2022 18:38:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Thu, 10 Nov 2022 02:38:03 GMT
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668047883.304228,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 136
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
IP 142.250.74.35:0
Hash 0ec8c56471df57ac688cf48cf18a9d20
fd323113f9a8098b65df8086287f66c93ba773ee
58dce4487dfa201cd8004668bf396d39d989070303f5a0cc9610fe3029d42820
POST /s/gts1d4int/8EklPeV1cd0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 02:38:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 91575062dc567c9a2fcdca0e56d87fea
23a41161a9572b54390cc6f971a11616a2b6b02c
e5e368d9457316a4e696ee2ff57b350a36cc8c0874ea59439f2a3a8c2e17fc38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E5E368D9457316A4E696EE2FF57B350A36CC8C0874EA59439F2A3A8C2E17FC38"
Last-Modified: Mon, 07 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Thu, 10 Nov 2022 03:37:26 GMT
Date: Thu, 10 Nov 2022 02:38:03 GMT
Connection: keep-alive
metacaseid.100347856345073495.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=767b68e8d85bb500
104.21.67.163200 OK 42 B URL HTTP/2 metacaseid.100347856345073495.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=767b68e8d85bb500
IP 104.21.67.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=767b68e8d85bb500 HTTP/1.1
Host: metacaseid.100347856345073495.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metacaseid.100347856345073495.com/?fbclid=1008976410909510926469
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:03 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 08 Nov 2022 13:16:22 GMT
etag: "636a56a6-2a"
server: cloudflare
cf-ray: 767b68eae92bb500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 10 Nov 2022 04:38:03 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gUHntDGfQX0dSCUAeKZDABrk1lYDZAEXnSglg3RbEApJvsflj0eUm08VM7AXh/+Bgh3Nn/F5GrA=
x-amz-request-id: N904ARQ3TBXZMQVD
date: Thu, 10 Nov 2022 02:38:04 GMT
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-disposition: attachment
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 5348
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
metacaseid.100347856345073495.com/favicon.ico
104.21.67.163404 Not Found 958 B URL HTTP/2 metacaseid.100347856345073495.com/favicon.ico
IP 104.21.67.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 7e6a992d43f1724edefebca24099fe13
97d35f65e4e0f882b433e3863942e849961b3dbc
138a826d563575d6f0426a3dd9ab3ace4a857125ef18f2da829efaf46ded59e4
GET /favicon.ico HTTP/1.1
Host: metacaseid.100347856345073495.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metacaseid.100347856345073495.com/?fbclid=1008976410909510926469
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 10 Nov 2022 02:38:04 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4pKLG9uw0ozJ6uYQNGXxScn%2F36JomqV2krzx2DQREjWgH%2FmQ%2BVc6aF0jbEMgjidlwOBsgpH9vKvoozHk3XsrUPtDbDSy79zx%2BeW8cv9IpJkDqJCXYtpiy4VOgwG%2B99axNEVPCp6DNHOj5wbmrcMqhtY0Jo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767b68ea890db500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4504
Cache-Control: max-age=114229
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:04 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 10:21:53 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.231.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q2GfR7T98byvdar3QdxGUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9bL81/BCSepSga5B6LnMWkyUZX0=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash 84e585e508257b149cf52b5ba65dafba
141cd4a3560a4dd2b4fdf9e961079c300f494030
1a00d92371bb1b61d8fdce1473af8c69798eaa34ee7941f58babd75c8283d56d
GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metacaseid.100347856345073495.com
Connection: keep-alive
Referer: https://metacaseid.100347856345073495.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 10 Nov 2022 02:38:05 GMT
age: 20194240
x-served-by: cache-fra19122-FRA, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22442
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css
151.101.85.229200 OK 30 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css
IP 151.101.85.229:0
Hash 7c7982f27f78f46791d9b43f1493d5bd
014f6e1ec505a66c3b0204fda94dbe94e914f491
1303be4ffd3a1eab438181cf89cf0fd11668636c6825191a10283fb370d58971
GET /npm/bootstrap@4.4.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metacaseid.100347856345073495.com
Connection: keep-alive
Referer: https://metacaseid.100347856345073495.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.4.1
x-jsd-version-type: version
etag: W/"26f1b-0wURD7eRE6lhOUtDPYUaNBA0K4w"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 10 Nov 2022 02:38:05 GMT
age: 14003171
x-served-by: cache-fra19134-FRA, cache-bma1659-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23674
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
172.217.21.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 172.217.21.170:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metacaseid.100347856345073495.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 09:16:48 GMT
expires: Fri, 03 Nov 2023 09:16:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 580877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 37cf5432ed58690a5273f180bc636f84
1840243d4023ab1d6a2f45ece9d7f65a33826f6a
80a4fb54ae38e6d632c0ed4b617f571dcf8d8ea3d80a1b31beaa83479ae0d29e
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:38:05 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "61458CB9F9F7AA9342B4CF44B7D75F8235992C38"
Expires: Thu, 10 Nov 2022 13:00:00 GMT
Last-Modified: Thu, 10 Nov 2022 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1286
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 767b68f3fef51bfa-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 46e20c003b171a17f1c163fed2438bb7
1c9b630dc3445376fe584bc6a57a2e4a9ff77cdf
bb73f9cced0c7362166673a64ce138cbcff72ab6d36b8b4199c1874ae7abe9f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6090
Cache-Control: max-age=133844
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:05 GMT
Etag: "636bb417-118"
Expires: Fri, 11 Nov 2022 15:48:49 GMT
Last-Modified: Wed, 09 Nov 2022 14:07:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1e9e32929adc50e61654547e455f520b
87b22c16973367407d12586f07bcc2487a044a33
49452181c015967d274b2e632f7fda709c1f2a9883351f139262252a2ef954ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5693
Cache-Control: max-age=120441
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:05 GMT
Etag: "636b8149-116"
Expires: Fri, 11 Nov 2022 12:05:26 GMT
Last-Modified: Wed, 09 Nov 2022 10:30:33 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 14 kB IP 93.184.220.29:0
Hash 0981db398d3128bb40119f2f55d32a75
98586b5cef2fa6a2985a96f7234f57f7861097a9
9267d74fe6c0f4497339ea41b11b17eae6d2a497ea07142abc265ebaa76af651
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6090
Cache-Control: max-age=133844
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 02:38:05 GMT
Etag: "636bb417-118"
Expires: Fri, 11 Nov 2022 15:48:49 GMT
Last-Modified: Wed, 09 Nov 2022 14:07:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16793
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16793
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16793
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16793
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:38:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16793
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 02:38:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y5MD-207EEHTD7hC8z0SzYCHA0JdOpYRrUhYDwo0cQ9ITGRbtQ-McA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
age: 17497
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d398b5d30ea461015a3abba3b028ef97
9036a9a8a0904abf68a8f6046505a806c840e056
2cf47136f257e9484ea11928b181976c4961a58b95020d1abb8e68d280099931
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61e5641a-68af-473c-af88-cf2c9e3c69d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: 8c503d98-3659-40e7-9337-9f02502e9536
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniH4YoAMFfBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-6feb60720a37636e21e1be8f;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BCrex9BLIjqBvqO2vWb93rNfP73MDM4zF-zB4ng9fJwmWbDaPgFu_Q==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:42:11 GMT
age: 17754
etag: "9036a9a8a0904abf68a8f6046505a806c840e056"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:45:34 GMT
age: 17551
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 899d03c61f3b79a2176e6cdbaa7441f0
afc8ee4a5b899e95c4b229d48494ae058bfa4c33
62b52d966cd4216513a0c0cc12f9faa9c2fbb0d4707a458c247047c455b2b6e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F209aa2c7-5455-4bcc-a570-020a64d657cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10006
x-amzn-requestid: 322dbafd-30b5-43b5-a077-aa729ffbc91f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWl_1EKfoAMFS6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d31-242c7c5c5f670e7332c2fa36;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6moD3qGG4N5Cd7Q75CUld7Fhowwsr4v4AsPumhI6BCdL9KlP83tuRg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:49:15 GMT
age: 17330
etag: "afc8ee4a5b899e95c4b229d48494ae058bfa4c33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg
IP 34.120.237.76:0
Hash ca56846102db58b5a013977d5192addd
7ab49d2c386ff8d951e2ea56d37ff2425e50b390
074935d6b0a8cb551f117857a27307b437e9fdbaf9034ccee542c5ebaba54c4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45d42fc-185c-4bf0-906b-55b0275ee2d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3319
x-amzn-requestid: 4720d817-e198-4cae-b14c-b78972e7dd05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkGdMIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-6c3edabf3f07e37951156122;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WTHCOj9RuWRZz5CyXFFKfjGFuZyQY69EvrTlTHqs9WAImuFCLp4ZzQ==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:28 GMT
etag: "25c8230dc14cfc31d8660b8ea8a72f3ac881ea7e"
content-type: image/jpeg
age: 17497
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash feb275cc5fa7b13e70522cb76f001bbc
80ca9cf6cbbc73a884c3a839ace9a7aa191a8504
a5680637b55669355967b87fd4be4881a3e4dea746b7c420acf4dcb46b8a28de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f570a6d-7e0c-4dc3-9a3f-7af7ccbae623.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8242
x-amzn-requestid: 1ab9c180-7e6b-4eae-a6cf-6a45c96fdc4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlrkE_2oAMFk2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1cb0-0089846803d11bb649874507;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kZPJ95WwFXhxoBwZIeTN2iRl3-XFPmooKSeFtLu3wIm4b8nabFY2mA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:46:29 GMT
etag: "80ca9cf6cbbc73a884c3a839ace9a7aa191a8504"
content-type: image/jpeg
age: 17496
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 15d32d72bdfe4bbff24e4fa38ae96722
b4cd2db52e46d12d3cd8754639f3ebca8a10c124
5e2060018a88b4e9c6ef08ba51c05e888b0679de00dcf4049c71c85a98891614
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 02:38:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 09 Nov 2022 21:46:12 GMT
Expires: Wed, 16 Nov 2022 21:46:11 GMT
Etag: "b4cd2db52e46d12d3cd8754639f3ebca8a10c124"
Cache-Control: max-age=586684,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767b68f81b8a1c02-OSL
kit.fontawesome.com/83fd8385f7.js
104.18.22.52200 OK 27 kB URL HTTP/2 kit.fontawesome.com/83fd8385f7.js
IP 104.18.22.52:0
Hash c859ab9e5744d057e1d6f155226fca43
020487d4a5f3e3017a85f95cffaf2b867dca4997
71765c84576e257cafc177ae282286cfaca52da9856e906707d79922bc8e014a
GET /83fd8385f7.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metacaseid.100347856345073495.com
Connection: keep-alive
Referer: https://metacaseid.100347856345073495.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:05 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyXVauL1WjHvxQ0aG4uC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 767b68f39e161c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/webfonts/free-fa-solid-900.woff2
172.64.203.28200 OK 150 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/webfonts/free-fa-solid-900.woff2
IP 172.64.203.28:0
File type Web Open Font Format (Version 2), TrueType, length 150456, version 770.256\012- data
Size 150 kB (150456 bytes)
Hash 822fa3f2f51f169c970f713b88158737
74b5ddde927a0f84883fed55a65ffbb6ada11761
ad28ece0bf48b1488c82aaf700201d7f6b56a62e11b5b6a0a12481780c8a3417
GET /releases/v6.2.0/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metacaseid.100347856345073495.com
Connection: keep-alive
Referer: https://metacaseid.100347856345073495.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:07 GMT
content-type: font/woff2
content-length: 150456
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:15:00 GMT
etag: "822fa3f2f51f169c970f713b88158737"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 15f8211e7c4eeeaf8ff1b28a64d08eae.cloudfront.net (CloudFront)
x-amz-cf-pop: MEL50-C1
x-amz-cf-id: HiLOMI9bsBdtX7cOZcbuOMJEc2RbhS5eA6UiTxMaBbPxhcF_gjiKTw==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1nIgDZGx2fkYiU3ug1lx3yxThUSi2hDbg93tCsRg3sCy%2FEfkd7SSzy50fcwwFk37Q3RtJ6iKpHGg%2Bl8AHKb7uP4GSj%2FwEysNKKxggECeB9h4vx7VhTGUbKHX9Ae8kB7dGKkHtchTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767b68f67d68743b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
metacaseid.100347856345073495.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=767b68e8d85bb500
104.21.67.163200 OK 0 B URL HTTP/2 metacaseid.100347856345073495.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=767b68e8d85bb500
IP 104.21.67.163:0
Analyzer Verdict Alert fortinet Malware
GET /cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=767b68e8d85bb500 HTTP/1.1
Host: metacaseid.100347856345073495.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metacaseid.100347856345073495.com/?fbclid=1008976410909510926469&__cf_chl_rt_tk=mizOdyGu6P4oQecuFijCaZ9cwWEQHaazO0VdPGjpdsg-1668047883-0-gaNycGzNCFE
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:03 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjjHik4kI2YIC96EnoFJUJ7VZMSNIlyITeMoFaIWRULuktd8KUlAd5GuA96oVcJvdqP3tgqbiOWFOkvQPrGxe3uNyLvc2XQ8bT5LAdiBRpLaAbhynu5dNArz20wOf%2BQMiqL5Km6xXrgI%2BRIkqmVJHe%2FGJIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767b68eae933b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-font-face.min.css?token=83fd8385f7
172.64.203.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-font-face.min.css?token=83fd8385f7
IP 172.64.203.28:0
GET /releases/v6.2.0/css/free-v4-font-face.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metacaseid.100347856345073495.com/
Origin: https://metacaseid.100347856345073495.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:05 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"a0adfe3c7bd1fa905b7f3b5ecea27889"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 243f946d13ce9ee34360e382dd8afab2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P6
x-amz-cf-id: bWKaMfbCAdsRi68lfISNDgkmtITNwMHcXRP61FkInT394xWsCuPrrQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUrjsHtlWdpIVFHR%2BzoO3b4BU16pCMMxA88E981mE0V8vx1j2SIBDEpv5rjfOdUUIekqcml9sI2alFv%2B5mWnYghfFtY%2BCYnN%2Bbbth4GEsxqe3%2F2hODmolzEWy2vWGC21ae%2FZedC92Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767b68f5bd07743b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=83fd8385f7
172.64.203.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=83fd8385f7
IP 172.64.203.28:0
GET /releases/v6.2.0/css/free-v5-font-face.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metacaseid.100347856345073495.com/
Origin: https://metacaseid.100347856345073495.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:05 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"e2e288c32f411dc30c0c399302a30654"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 0bb3ec0dc743918c319e5c84c1222992.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P6
x-amz-cf-id: AlPNO-Gr8Q4Cm4LTFC5mBqD-ymbdQNEoNc5zkpcLHECSQi_5I7arsA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE%2BVAvWES3NnS%2F%2FnI%2F7fm3GG38NeUOpS2J5ABt6m4xSHMdCwQdxiA49fduD9uAYhbEzHaeSmSqz710%2Bc%2BHqrOtas6UohoM89zNXRoQer5ldMFL3cEIgK40BqImbvMUBWYs0wRfY2tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767b68f5bd05743b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-shims.min.css?token=83fd8385f7
172.64.203.28200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-shims.min.css?token=83fd8385f7
IP 172.64.203.28:0
GET /releases/v6.2.0/css/free-v4-shims.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metacaseid.100347856345073495.com/
Origin: https://metacaseid.100347856345073495.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:05 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"58dea8f45bf2685132179a837507637a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cf07d4d50f4302bc7f6965193ffe9924.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P6
x-amz-cf-id: lVkvi-ivKYXHv9awxbgCfntusdWy90MGtbUG5PQ_Bqb0HxSxMTAw2w==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=091SL7fkjg6KnNLDkhvqnMfdm3RTz4JeZy7ar14mmvy8nKp1GscWto%2Fjx223xBMAy%2BxofOKjgd7lIr9oZ9Jrc47hIZ4ohs3bXv2a%2BUd%2BzRsi5swWDqeNoZIf4ACuDBwciQcuPf2M4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 767b68f5bd06743b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
metacaseid.100347856345073495.com/?fbclid=1008976410909510926469
104.21.67.163503 Service Unavailable 0 B URL HTTP/2 metacaseid.100347856345073495.com/?fbclid=1008976410909510926469
IP 104.21.67.163:0
Analyzer Verdict Alert fortinet Malware
GET /?fbclid=1008976410909510926469 HTTP/1.1
Host: metacaseid.100347856345073495.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
date: Thu, 10 Nov 2022 02:38:03 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hk0adyEfqUDthn9JROMZzzmo1k4cbqmjvsuh65NtUcUe1AltyL33ZTsntNpfXz1oZ5poZ9tRKDAM7WF4ptha%2FuN3%2F%2BCH6%2Bcnx4oMyzbfc1N2gnU9CjJUsDGLFgkqxs6t4h0nM%2BAqGsDpnatvmjT4vKnxDXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 767b68e8d85bb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
metacaseid.100347856345073495.com/cdn-cgi/styles/challenges.css
104.21.67.163200 OK 0 B URL HTTP/2 metacaseid.100347856345073495.com/cdn-cgi/styles/challenges.css
IP 104.21.67.163:0
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: metacaseid.100347856345073495.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metacaseid.100347856345073495.com/?fbclid=1008976410909510926469
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 10 Nov 2022 02:38:03 GMT
content-type: text/css
last-modified: Tue, 08 Nov 2022 13:16:22 GMT
etag: W/"636a56a6-1896"
server: cloudflare
cf-ray: 767b68ea890cb500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 10 Nov 2022 04:38:03 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2