modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
104.26.9.140301 Moved Permanently 0 B URL HTTP/1.1 modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
IP 104.26.9.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/0Xv64bDBQ4ZV3Yo/a8f1b HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 14:10:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 15:10:38 GMT
Location: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j7POx0xiMIWVwhaQwPA8heH0%2FyLHeLDBNcW2qj46RaYkVWLFaXIVODAxNH6ZQx17wU5rab55MGJKRBQ3XHjmery2k4UIXXAc%2FuSqgOHYUtH78nz4FTocIangRxqAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c3b102bd6b512-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18964
Expires: Sun, 05 Feb 2023 19:26:42 GMT
Date: Sun, 05 Feb 2023 14:10:38 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2920
Expires: Sun, 05 Feb 2023 14:59:18 GMT
Date: Sun, 05 Feb 2023 14:10:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 13:36:18 GMT
content-type: application/json
age: 2060
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10610
Expires: Sun, 05 Feb 2023 17:07:28 GMT
Date: Sun, 05 Feb 2023 14:10:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UpLnwdH3piyR75FD/MagMYxjFVfSvj1Rq5YM1gsfqH1IXRf3Zvq1HaQcirD8khiGes9pB7yjtZ0=
x-amz-request-id: KHN5X9CYPV5ZBPEP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 13:24:29 GMT
age: 2769
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
modsfire.com/assets/images/logo-n.png
172.67.73.172200 OK 56 kB URL HTTP/2 modsfire.com/assets/images/logo-n.png
IP 172.67.73.172:0
File type PNG image data, 1918 x 385, 8-bit/color RGBA, non-interlaced\012- data
Hash b45dad22fbbcccb99cb851b86f9b44a2
cdc4efb3ba426e6b78281b4e90ae5befa1006285
9c8021208ee210b1cbf24e973dc5b74f618710470e7a8f9388b175391c6e7377
GET /assets/images/logo-n.png HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: image/png
content-length: 56503
last-modified: Thu, 15 Sep 2022 14:55:11 GMT
etag: "63233ccf-dcb7"
expires: Sun, 12 Feb 2023 14:56:17 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1984374
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FF5B1YMHBhUZUhHpABqCAv2IJ%2BWhxRHl%2BL5l%2BMEl7d4Qk%2FX8QB3tqtg1b6tj9MadfOwjKkV7B2y%2FTMAueLY%2Fv86bRCrGRactQ1h9Bpf1wtqbbPYJvsrVtU7hSVVcmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b12a929b50b-OSL
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
151.101.65.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
IP 151.101.65.229:0
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash f1883dfe3d1a16da0d5ad68f7228f99a
37e13f8f11c6c21ad2ea36a108e9006132586635
601ab8c5f5909131ea6a53a997f04c7c6e733127858045caeaa53701978f7e7a
GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:10:39 GMT
age: 24346202
x-served-by: cache-fra19150-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22977
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-select@1.14.0-beta3/dist/js/bootstrap-select.js
151.101.65.229200 OK 30 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap-select@1.14.0-beta3/dist/js/bootstrap-select.js
IP 151.101.65.229:0
Hash 42849e62c72c9cfaa7ef5db1bdfbe473
48d203db81a0b3ac0dcf2345f383a98929dae22e
c8b3d61a9926e8a5a05cf56a365fb74727838fa7cc202c46222d1b5bb5a88dcb
GET /npm/bootstrap-select@1.14.0-beta3/dist/js/bootstrap-select.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.14.0-beta3
x-jsd-version-type: version
etag: W/"1f63b-Tb9Vk5j17Yp33JUwTuj0yZeXLjw"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:10:39 GMT
age: 2797730
x-served-by: cache-fra-eddf8230069-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29954
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-select@1.14.0-beta3/dist/css/bootstrap-select.min.css
151.101.65.229200 OK 2.4 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap-select@1.14.0-beta3/dist/css/bootstrap-select.min.css
IP 151.101.65.229:0
File type ASCII text, with very long lines (11584)
Hash 832e237042d91a8a061367ad0dcd6e20
ee0d9677f526026e7e6cf9bdbd72b5bf5023c6bb
06db5ec84b895133bead80cc83e96e50f40b461425dc5ecba1ceae6dff5e63ee
GET /npm/bootstrap-select@1.14.0-beta3/dist/css/bootstrap-select.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.14.0-beta3
x-jsd-version-type: version
etag: W/"2e31-n6rgf2v6FhKuTrVvoK4WnJtCtJQ"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:10:39 GMT
age: 2722105
x-served-by: cache-fra-eddf8230122-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2351
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6475
Cache-Control: max-age=115341
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 22:13:00 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
151.101.65.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (65299)
Hash 84e585e508257b149cf52b5ba65dafba
141cd4a3560a4dd2b4fdf9e961079c300f494030
1a00d92371bb1b61d8fdce1473af8c69798eaa34ee7941f58babd75c8283d56d
GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 14:10:39 GMT
age: 8857515
x-served-by: cache-fra-eddf8230092-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22442
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2570290
expires: Fri, 26 Jan 2024 14:10:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1O6jUG7HDCAxyo1ctCwVVMrOl8eVC%2F5pz6hvquAZSgRjcpMHisO0Y13PkW5XmArc47A%2F%2Bs70LwY725zbNPuD%2F3S%2F%2FcB51per%2BJ00Guh3g4DwvClFLzRTz3jF99xRP1e0CWErWWc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794c3b136bcbfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 53fd47f88ae032f6597e90778fd290e5
e599537113cb1df2d233eb5956dd05e4e9517f0d
f7a42facd4b7b25b47e12a200b7b00840b67418a86d0e0d5d6c74ef4e1a90dc5
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:10:39 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "639362315E0050B30CA21BB239B60A19CB2902A9"
Expires: Mon, 06 Feb 2023 01:00:00 GMT
Last-Modified: Sun, 05 Feb 2023 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 236
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c3b138eacb505-OSL
modsfire.com/alt/assets/css/responsive-style.css
172.67.73.172200 OK 1.4 kB URL HTTP/2 modsfire.com/alt/assets/css/responsive-style.css
IP 172.67.73.172:0
File type ASCII text, with CRLF line terminators
Hash 89f7b083ce49e814d77c9451329b0723
19afdf52cef84a8d07af2b39e78aaad1e63e806a
bd1e5964f3690bed162d269a8073f9eaf9d325365ea3011d47eb755dc6dafef2
GET /alt/assets/css/responsive-style.css HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/css
last-modified: Wed, 05 Oct 2022 10:05:41 GMT
etag: W/"633d56f5-dd6"
expires: Sat, 21 Jan 2023 10:19:08 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1835920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kzy7VoodKNKFmEM5k3htPeHn7h5xIW04rnyfslO%2B48kzZ%2FaXkLKZtBZFnyQEk93R%2Fm3CuVd9BbaE8Rp9BETjL1GXgIZUS6iA3ZnSOZgX%2BxSttGHqE7%2BKGow8Jjvq8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b12991db50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 28c3f02ba8cac75c2f1945e7be499cae
82390270ea7ee981db3fae587295029f335726da
ce1f772f6bd3cdd88e6f161731958d8bce7e3c019c9e618d0ed37560b79b0a4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Last-Modified: Sun, 05 Feb 2023 12:41:32 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=G-JXQKZFEW04
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-JXQKZFEW04
IP 142.250.74.168:0
File type ASCII text, with very long lines (21849)
Hash 0d720f36993cec5b4724616cf94b12f4
6a0a74e719bd6d7f7a850d5e0bd3af9259c09677
1d0738a9381eb3458a517935c8e314408e33677f9c0a1df99af07f6d8c2b851b
GET /gtag/js?id=G-JXQKZFEW04 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 14:10:39 GMT
expires: Sun, 05 Feb 2023 14:10:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
modsfire.com/assets/images/arrow.png
172.67.73.172200 OK 15 kB URL HTTP/2 modsfire.com/assets/images/arrow.png
IP 172.67.73.172:0
File type PNG image data, 8 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash df59fde7341d3853dcbadea2e215e267
1c88016750329c83c9a036cd061ab054e277beda
fd1e71a9f6e8471e9c2f47b3fd3384c29869541a8d1d7e634c5143f8b5a8dbbb
GET /assets/images/arrow.png HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/alt/assets/css/dw.css?7
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: image/png
content-length: 15417
last-modified: Tue, 23 Jul 2019 16:58:03 GMT
etag: "5d373c9b-3c39"
expires: Mon, 20 Feb 2023 02:10:32 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 311224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVFGy1OlWBpFochM%2FpKKKXhqXOpnxRSSyLmEulVO8NqKHmn%2FI7VEfIH93FN2dl0Gr8ODwuL2WAMA6vnG3bNRR%2BPvLtjLDQ%2F%2B7LcSZE6P3Tb1Em%2BPR%2FCE%2BpX3uBrlgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b13eac2b50b-OSL
X-Firefox-Spdy: h2
modsfire.com/alt/assets/images/f-bg.png
172.67.73.172200 OK 115 kB URL HTTP/2 modsfire.com/alt/assets/images/f-bg.png
IP 172.67.73.172:0
File type PNG image data, 1050 x 164, 8-bit/color RGBA, non-interlaced\012- data
Size 115 kB (114731 bytes)
Hash e741d4b54a96d1f5c62c62878d9066d8
d64c649046911b3108cafa8a5209cd35a8a5653f
e97879cc5fb557269c477dc7926cbfab6a9ab4682596d10c99319847be874050
GET /alt/assets/images/f-bg.png HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/alt/assets/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: image/png
content-length: 114731
last-modified: Mon, 12 Sep 2022 04:02:02 GMT
etag: "631eaf3a-1c02b"
expires: Sat, 21 Jan 2023 10:41:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1835505
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyyVAxXEUzGpayWmEpONEbzUpEGGfkqy1wQG7ahVe6OADzPs5X6E97a0Y2bAMOJ9bCedtxt05roA5%2FTfiEzLCxVQpI%2FjzeA%2F8kzivmMXUX13Nc4dhC6BBQrK1J3puQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b13fac5b50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
216.58.207.227200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:20:24 GMT
expires: Sun, 04 Feb 2024 10:20:24 GMT
cache-control: public, max-age=31536000
age: 100215
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 198150
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
modsfire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.73.172200 OK 23 kB URL HTTP/2 modsfire.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.73.172:0
Hash 934a9a3d710e0bbb3eb5222471e27294
37f579cf7a97d1f1945d9f0bb7ebc3cba3d28f55
be9ca3457f8cd69a6dce4ad204767440e124fdb372031233f0ea871052e7b327
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:56:26 GMT
etag: W/"63dd3cba-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ru8TNHcpbc%2B43yR%2F3nQVIC11Tql3uk4PcfO2KDxk%2F5JYkCatkm3bC4t5pWpf0AUqTteYYuZBMtJwX44qN%2BSibPCz%2B2uRC%2BN3QHFSWv5WqTKi05qHjp9V0Enq5H4bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b12b93bb50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 07 Feb 2023 14:10:39 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
172.67.73.172200 OK 0 B URL HTTP/2 modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
IP 172.67.73.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /download/0Xv64bDBQ4ZV3Yo/a8f1b HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImxHbXJneER4UFZETU54RzVvVjBqWXc9PSIsInZhbHVlIjoiNklWZjNjMm05R1FHMmNhOVErU2M3SkZKREdkN0drK01CY3ZqVTh0QWIydERVU2pkb2xhVmt6NHhkSGpCVDZhQiIsIm1hYyI6IjU4YjY3NGNiN2UyMzZlODBjZWVjNzNkZTBiNTE1ZTQ1ZjgxNTkwOTMyYzNjY2I5YzcxY2Q4NjgxZDI2MGM2ZjQifQ%3D%3D; expires=Sun, 05-Feb-2023 16:10:39 GMT; Max-Age=7200; path=/
modsfire_session=eyJpdiI6Ikw2ZkNXdUt0MGF1Sm40MVwvbWozXC9NQT09IiwidmFsdWUiOiJcL1BKK3paR0lTaGdna3NXOHRYXC9EYnBzY25vZ1ZSWHJ4RHd0eU16NDJuQUJZaUVZN1lPUEhUM21SVFAwNVdkbCsiLCJtYWMiOiJkMDk5MmNmYzVkYzgxZWQxNGRkOTJkNGI1NWQ2MDU1ZjU3NmZkNzVjYjhhNGEwOTc2YzAzOTBkYjkwNDgzNzgxIn0%3D; expires=Sun, 05-Feb-2023 16:10:39 GMT; Max-Age=7200; path=/; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKPD3thbUsz831Oab6LOpoZaVUJXAB5IdaShyjc0PWmCgpLiXhEYl0qCM6yjn89Q0FrwUgg9updHI7UiKBO%2Bf4Nt9odAED0TfVjxLscbkswB9KVC0tdJ3qtUdqQTMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c3b14dbf6b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c2403a5e74624a0af2553ae2b79f4246
e0f3bd63d81ed4f226f0d11128c716b2c3888e22
6bd8f88028390b868124a052f3ba6cc6ff7f94df26b01a00c07ced34ea621f00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BD8F88028390B868124A052F3BA6CC6FF7F94DF26B01A00C07CED34EA621F00"
Last-Modified: Fri, 03 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3470
Expires: Sun, 05 Feb 2023 15:08:29 GMT
Date: Sun, 05 Feb 2023 14:10:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c2403a5e74624a0af2553ae2b79f4246
e0f3bd63d81ed4f226f0d11128c716b2c3888e22
6bd8f88028390b868124a052f3ba6cc6ff7f94df26b01a00c07ced34ea621f00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BD8F88028390B868124A052F3BA6CC6FF7F94DF26B01A00C07CED34EA621F00"
Last-Modified: Fri, 03 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3470
Expires: Sun, 05 Feb 2023 15:08:29 GMT
Date: Sun, 05 Feb 2023 14:10:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 14:07:20 GMT
age: 199
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
waisheph.com/tag.min.js
139.45.197.245200 OK 24 kB IP 139.45.197.245:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1a417e9b10144729d212117089f3a224
6c16ab6489d19d435fd63bc6c8e991190cc886cb
b9f0f73212140bcc34f47ac279ae6c59c239e4135f70694557c8f119e6dece44
GET /tag.min.js HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 23495
content-encoding: br
x-trace-id: 642ec048a1353275d3e9d0868ece13fe
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 03 Feb 2023 10:47:19 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
modsfire.com/assets/images/favicon.ico
172.67.73.172200 OK 953 B URL HTTP/2 modsfire.com/assets/images/favicon.ico
IP 172.67.73.172:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 85a1d9e9e6970e7b2854f24e28483c19
80c9b59dedf321737921347e7e65ce1b05073913
d5de8666fd4d1a973fe0e2c52089bf584bbf848070b6c7fa21f42eda2d399f83
GET /assets/images/favicon.ico HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6ImxHbXJneER4UFZETU54RzVvVjBqWXc9PSIsInZhbHVlIjoiNklWZjNjMm05R1FHMmNhOVErU2M3SkZKREdkN0drK01CY3ZqVTh0QWIydERVU2pkb2xhVmt6NHhkSGpCVDZhQiIsIm1hYyI6IjU4YjY3NGNiN2UyMzZlODBjZWVjNzNkZTBiNTE1ZTQ1ZjgxNTkwOTMyYzNjY2I5YzcxY2Q4NjgxZDI2MGM2ZjQifQ%3D%3D; modsfire_session=eyJpdiI6Ikw2ZkNXdUt0MGF1Sm40MVwvbWozXC9NQT09IiwidmFsdWUiOiJcL1BKK3paR0lTaGdna3NXOHRYXC9EYnBzY25vZ1ZSWHJ4RHd0eU16NDJuQUJZaUVZN1lPUEhUM21SVFAwNVdkbCsiLCJtYWMiOiJkMDk5MmNmYzVkYzgxZWQxNGRkOTJkNGI1NWQ2MDU1ZjU3NmZkNzVjYjhhNGEwOTc2YzAzOTBkYjkwNDgzNzgxIn0%3D; _ga_JXQKZFEW04=GS1.1.1675606280.1.0.1675606280.0.0.0; _ga=GA1.1.1904446771.1675606280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: image/x-icon
last-modified: Tue, 23 Jul 2019 16:58:03 GMT
etag: W/"5d373c9b-1dc"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4697
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV7XxZknSjm1IerzPYDQBMRGw5q%2BCe0nHW%2BoT7Kt%2B4meaxCcrl9VHqJbTttkEmiWNZI7PDWGJ49%2BFmOaFnbO9KQR8xc2LWB%2Fo328eCf0rrnk0fDW2cNsHaOkW0td%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b164e7bb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 2850adec4b7649ba84fc5290630e272b
79bc5a6501c5f7b5f2484e8efcc3bc25ea374d52
897d93db14c2787cc9d5bf21e3caa95845b39342baed88d4dd48f6be4d2285a9
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 09 Feb 2023 11:05:59 GMT
ETag: "79bc5a6501c5f7b5f2484e8efcc3bc25ea374d52"
Last-Modified: Sun, 05 Feb 2023 11:06:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 493
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794c3b16c9a7b4f7-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (3642)
Hash 48ed990d94f673c4f39e5fcb9587dd70
a6170e386324fad97df15db4174daa8d087628b8
55ea1c0bd68682867b169bfc32ed6361dd67ebd995be84cc68ef048a653ec5e6
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 05 Feb 2023 14:10:39 GMT
expires: Sun, 05 Feb 2023 14:10:39 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15981739053827856470
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t44.4;r;s1280*1024*24;uhttps%3A//modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b;0.9657540036955522
88.212.201.198200 OK 140 B URL HTTP/1.1 counter.yadro.ru/hit?t44.4;r;s1280*1024*24;uhttps%3A//modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b;0.9657540036955522
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 89a, 31 x 31\012- data
Hash 4cbfde1aa1b42343b20a20fe98eccfc2
fdfb2c792fabdc6195f9be0d0be3ab9fabdd0bc5
9b9f8a98561871983e8e2b16decfd4c07ad9938ab28e5858a1f446f1ede52158
GET /hit?t44.4;r;s1280*1024*24;uhttps%3A//modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b;0.9657540036955522 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 05 Feb 2023 14:10:39 GMT
Content-Type: image/gif
Content-Length: 140
Connection: keep-alive
Expires: Fri, 04 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bb0e1ff82ab6199f715e00974b7f6957
74edba6943c202d060b471c30a3c626542bfac84
d982aa0ae1b32ffba27f789ad265b594dfef0bc4c55a0d0489d38b0827e6a7e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D982AA0AE1B32FFBA27F789AD265B594DFEF0BC4C55A0D0489D38B0827E6A7E2"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11770
Expires: Sun, 05 Feb 2023 17:26:49 GMT
Date: Sun, 05 Feb 2023 14:10:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f8d699ffe3b1f12a3150dd92f9e17d11
0e76135a7ba2f06714221aeca75731c93342d331
121ac8cb3bf6cac815569a04ac37a4905eb081589664aa39d44be04dd2e31717
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "121AC8CB3BF6CAC815569A04AC37A4905EB081589664AA39D44BE04DD2E31717"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10818
Expires: Sun, 05 Feb 2023 17:10:57 GMT
Date: Sun, 05 Feb 2023 14:10:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b940dcdf670ff95a2b50dcc35984e1df
68023a8dcb6e23478d741d1647f39be52c9a6997
226778ab5dd22a1d6bb7baee98e02211f708daa1be5341ebdef8be75e76cc0ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "226778AB5DD22A1D6BB7BAEE98E02211F708DAA1BE5341EBDEF8BE75E76CC0AB"
Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=980
Expires: Sun, 05 Feb 2023 14:26:59 GMT
Date: Sun, 05 Feb 2023 14:10:39 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=f93c10717ff2406ca936249aed229bd8
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=f93c10717ff2406ca936249aed229bd8
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 060aa26f97b16d525c801d924966c16b
1af4c52be7222c943f3a4ce62ff0237d2ba17bee
350c5b1711fd6e2d24d31c1e1ff58fae927db344d4b0f0f8019b9ae11c5e568d
GET /gid.js?userId=f93c10717ff2406ca936249aed229bd8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://modsfire.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f93c10717ff2406ca936249aed229bd8; expires=Mon, 05 Feb 2024 14:10:39 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230201/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 04 Feb 2023 20:22:18 GMT
expires: Sat, 18 Feb 2023 20:22:18 GMT
cache-control: public, max-age=1209600
age: 64101
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c80d5d81e35b6d3982ed956768aec82d
5cf0af32f127c1e69d0f4da7963b7617ecd8f519
4b6d2a736effbdf418317da684bbe130a08233e1f4f9ff736d962df842a95578
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B6D2A736EFFBDF418317DA684BBE130A08233E1F4F9FF736D962DF842A95578"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11543
Expires: Sun, 05 Feb 2023 17:23:03 GMT
Date: Sun, 05 Feb 2023 14:10:40 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.149.164101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2m5vF9eNPLG9RKMIGE5XzA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E4o08X6DiOu+GOlEt8Q0krTADc4=
nanouwho.com/27/843a9f1226eda0484b879504742bc6d9
139.45.197.242200 OK 251 kB URL HTTP/2 nanouwho.com/27/843a9f1226eda0484b879504742bc6d9
IP 139.45.197.242:0
Size 251 kB (251421 bytes)
Hash 5a2c5699bdee2554a8ae1007e2f3bc2c
e421d733da719a4732bed3deecdf86456bce4932
2f8b558ec465b00cdcbc7e15ce2f2c6f6591b77627d70b9b9f0b3b0ad3a471cd
Analyzer Verdict Alert quad9 Sinkholed
GET /27/843a9f1226eda0484b879504742bc6d9 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Cookie: scm=1; OAID=5a9b9e6dc15748f3a942ef0b508d604c; oaidts=1675606239
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 03 Feb 2023 06:00:36 GMT
expires: Fri, 05 Mar 2083 06:00:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/9?z=3858664&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=3858664&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=3858664&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://modsfire.com/
Origin: https://modsfire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://modsfire.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-JXQKZFEW04>m=45je3210&_p=576063250&cid=1904446771.1675606280&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675606280&sct=1&seg=0&dl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&dt=Download%20file%20Greenland%20Expanded%20v1.1.scs%20-%20ModsFire.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-JXQKZFEW04>m=45je3210&_p=576063250&cid=1904446771.1675606280&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675606280&sct=1&seg=0&dl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&dt=Download%20file%20Greenland%20Expanded%20v1.1.scs%20-%20ModsFire.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-JXQKZFEW04>m=45je3210&_p=576063250&cid=1904446771.1675606280&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675606280&sct=1&seg=0&dl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&dt=Download%20file%20Greenland%20Expanded%20v1.1.scs%20-%20ModsFire.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://modsfire.com
date: Sun, 05 Feb 2023 14:10:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nanouwho.com/9?z=3858664&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
139.45.197.242200 OK 7 B URL HTTP/2 nanouwho.com/9?z=3858664&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=3858664&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 245
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Cookie: scm=1; OAID=5a9b9e6dc15748f3a942ef0b508d604c; oaidts=1675606239
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://modsfire.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 29b00edd7884ebdd4b31f279b2d06a51
access-control-expose-headers: X-Sc
set-cookie: OAID=f93c10717ff2406ca936249aed229bd8; expires=Mon, 05 Feb 2024 14:10:40 GMT; secure; SameSite=None
oaidts=1675606239; expires=Mon, 05 Feb 2024 14:10:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
betotodilea.com/500/5188543?excludes=&oaid=f93c10717ff2406ca936249aed229bd8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5188543?excludes=&oaid=f93c10717ff2406ca936249aed229bd8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5188543?excludes=&oaid=f93c10717ff2406ca936249aed229bd8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://modsfire.com/
Origin: https://modsfire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://modsfire.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=modsfire.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=modsfire.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=modsfire.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 14:10:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9
139.45.197.242200 OK 130 kB URL HTTP/2 upgulpinon.com/27/843a9f1226eda0484b879504742bc6d9
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 130 kB (130193 bytes)
Hash 3fde58b4f97506fbf506b6ed13262c4f
60a0156e6b99eb854932d04a0e58d1e7020e03aa
2739d665422a21ac2628590f672643060147b0cdf994e1a48dd43bb6518f8fd9
GET /27/843a9f1226eda0484b879504742bc6d9 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Cookie: scm=1; OAID=bbe2e1c61f9744039c76a04eec3894d2; oaidts=1675606240
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 03 Feb 2023 06:00:36 GMT
expires: Fri, 05 Mar 2083 06:00:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5188543?excludes=&oaid=f93c10717ff2406ca936249aed229bd8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237204 No Content 0 B URL HTTP/2 betotodilea.com/500/5188543?excludes=&oaid=f93c10717ff2406ca936249aed229bd8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5188543?excludes=&oaid=f93c10717ff2406ca936249aed229bd8&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Cookie: OAID=8c1eed36dfb14d91a898bb4ae7b307b9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
x-trace-id: 695292fc2e11eed300aec9c334069424
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://modsfire.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f93c10717ff2406ca936249aed229bd8; expires=Mon, 05 Feb 2024 14:10:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 0042362c056c66d88e82782ad9b26669
84ff2f895a759e9be60cad8ff69c9d59b2e739d9
13f2260996b04204fe0457ca7fd88d701bac7d8194574014b2263ef45e1b41ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 14:10:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 03:49:37 GMT
Expires: Sun, 12 Feb 2023 03:49:36 GMT
Etag: "84ff2f895a759e9be60cad8ff69c9d59b2e739d9"
Cache-Control: max-age=566935,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794c3b19ca5fb512-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upgulpinon.com/9?z=5030913&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5030913&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5030913&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://modsfire.com/
Origin: https://modsfire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://modsfire.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1196
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 05 Feb 2023 14:10:44 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://modsfire.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=modsfire.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=modsfire.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=modsfire.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 14:10:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5030913&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
139.45.197.242200 OK 7 B URL HTTP/2 upgulpinon.com/9?z=5030913&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
POST /9?z=5030913&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=f93c10717ff2406ca936249aed229bd8 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 245
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Cookie: scm=1; OAID=bbe2e1c61f9744039c76a04eec3894d2; oaidts=1675606240
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://modsfire.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 0e09e84c951c1437bcc994522b7427e7
access-control-expose-headers: X-Sc
set-cookie: OAID=f93c10717ff2406ca936249aed229bd8; expires=Mon, 05 Feb 2024 14:10:40 GMT; secure; SameSite=None
oaidts=1675606240; expires=Mon, 05 Feb 2024 14:10:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dfcdbf455580029a0c665fe5215ac927
e5fa1eb26e208c7599a07f327dd46356b7c5e806
b118c64c81b215c1379a81a9e64aa28eb647893870c0aaae293bf6adfa311f7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=modsfire.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=modsfire.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=modsfire.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 14:10:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dfcdbf455580029a0c665fe5215ac927
e5fa1eb26e208c7599a07f327dd46356b7c5e806
b118c64c81b215c1379a81a9e64aa28eb647893870c0aaae293bf6adfa311f7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17075
Expires: Sun, 05 Feb 2023 18:55:15 GMT
Date: Sun, 05 Feb 2023 14:10:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17075
Expires: Sun, 05 Feb 2023 18:55:15 GMT
Date: Sun, 05 Feb 2023 14:10:40 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7d70322f4f6af3289d4d7f4c22a4c179
f2abd2a7c1575ab0b362920699143dce3ff60d75
0e5b166c8e8d91421e0122ab3863a9cdd88ca4dffa1d9beb9cdf61aca0ac95f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17075
Expires: Sun, 05 Feb 2023 18:55:15 GMT
Date: Sun, 05 Feb 2023 14:10:40 GMT
Connection: keep-alive
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
216.58.207.194200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 216.58.207.194:0
File type ASCII text, with very long lines (3504)
Hash 40b8ffdc606e81703c5f6a39df96f373
0a39b905fe6b8f947d256b01614abcdd27baef65
93cfc3bdb53008e8640dee5f3e7515b10a9b2959e69d8f2919f3d243cf547f36
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49146
date: Sun, 05 Feb 2023 14:10:40 GMT
expires: Sun, 05 Feb 2023 14:10:40 GMT
cache-control: private, max-age=3000
etag: "1675254965429469"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 12:31:54 GMT
age: 5926
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 14:53:45 GMT
age: 83816
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dbe304b5138a360ff07a9842bcf6a7f
00572f7667e322c9ef34bc35b7998c1c172dd34c
d63c58d6c96e23c61b92272de8c2aab01f4cf85f3420cc434c05447d355b1c77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F085f1306-f595-4e1a-8162-7d3d1f959ac3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9108
x-amzn-requestid: a3bffa19-86ce-4a59-b826-551deddb3e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fostZG2xIAMF0wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c188-18acd7311c6190c9486e86ac;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 01:34:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mWqq5MbsWYvQmSzPw3kTdjzTkz22mNHbOoqyiHfbxv0BhNhgFfnZGw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 59209
etag: "00572f7667e322c9ef34bc35b7998c1c172dd34c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7d70322f4f6af3289d4d7f4c22a4c179
f2abd2a7c1575ab0b362920699143dce3ff60d75
0e5b166c8e8d91421e0122ab3863a9cdd88ca4dffa1d9beb9cdf61aca0ac95f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 9.0 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1672)
Hash 9aa683d616d8b2d10fe0100d761df816
60f84308b40072edcc24b6fd54c68247786001aa
2e8549a4bc0e1f4a4eda2637f239105e780b2ae2879c9a241b1ffe7130386e0a
GET /pagead/js/r20230201/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8993
x-xss-protection: 0
date: Sat, 04 Feb 2023 19:23:41 GMT
expires: Sat, 18 Feb 2023 19:23:41 GMT
cache-control: public, max-age=1209600
age: 67620
etag: 12355142264901698679
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type gzip compressed data, max compression\012- data
Hash df32ea77560393bf1e84dc9a822cc79a
6f0c5121a06350b525e081e2809e3fcbf5a33d6a
859ca7f39e1191db7dba81990cbcaa782b4ce9907fb57fde1bc8b67254a6bf55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 59222
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 57536
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Sat, 04 Feb 2023 19:23:41 GMT
expires: Sat, 18 Feb 2023 19:23:41 GMT
cache-control: public, max-age=1209600
age: 67620
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 14:34:21 GMT
expires: Fri, 02 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 257780
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 14:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
142.250.74.132302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 142.250.74.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 14:10:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/drt/ui
142.250.74.132302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 142.250.74.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 14:10:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=modsfire.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=modsfire.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=modsfire.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 05 Feb 2023 14:10:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b596a8e984911df703e15c72d25d513
a1fa1355f4de6f246d35bed9f128e13fc9dc4e72
aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3dw5Oj2su-_kCvpC1jDJsyAEUPzaexgTzhAC9yAYSyXTFRVge2FR6Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 57604
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.74:0
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 14:10:39 GMT
date: Sun, 05 Feb 2023 14:10:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nanouwho.com/1?z=3858664
139.45.197.242200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=3858664 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 43c86db4089c9fa1a950e587a4b6a2c4
access-control-expose-headers: X-Sc
x-sc: qVVIe848dhqHCGNcRypTd-njXbNqa34GXvpG-xu5e_CvPjG9KFoidCuJfvR_XeVk8Io-Ygf_447Y70jwWrYfBd-_V-U=
set-cookie: scm=1; expires=Mon, 05 Feb 2024 14:10:39 GMT; secure; SameSite=None
OAID=5a9b9e6dc15748f3a942ef0b508d604c; expires=Mon, 05 Feb 2024 14:10:39 GMT; secure; SameSite=None
oaidts=1675606239; expires=Mon, 05 Feb 2024 14:10:39 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/5188543
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/5188543
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5188543 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: application/javascript
x-trace-id: 928293744b7f7699e417994c0b114904
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=8c1eed36dfb14d91a898bb4ae7b307b9; expires=Mon, 05 Feb 2024 14:10:39 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
188.114.99.234200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 188.114.99.234:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 21052993
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 794c3b137bd3fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
modsfire.com/download/0Xv64bDBQ4ZV3Yo/assets/js/jquery-3.3.1.js
172.67.73.172404 Not Found 0 B URL HTTP/2 modsfire.com/download/0Xv64bDBQ4ZV3Yo/assets/js/jquery-3.3.1.js
IP 172.67.73.172:0
GET /download/0Xv64bDBQ4ZV3Yo/assets/js/jquery-3.3.1.js HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNUbxtoiqhuK0pWg0C3hkmqYcQ4iByDiOtZJVyM%2FXV2kkstLx2%2BTR43nXH7A9M4zzyI%2FLkxEJhhFeQA4bBd1mwF3vTRLiYyJFBVm%2FbETMIjVxya7URgyvBApYMlsdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b12b93fb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5030913
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/1?z=5030913
IP 139.45.197.242:0
GET /1?z=5030913 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 9c6570393b59867ddb16cf46bebd1299
access-control-expose-headers: X-Sc
x-sc: geN3GqkV7eEDrYI0PUP9x0osScfvBPmasOl3lM9OoQeDomyBX-0CaB_WLOi2MjfYZvP5sq-Jh3PBm7K41TgtOHB_DKs=
set-cookie: scm=1; expires=Mon, 05 Feb 2024 14:10:40 GMT; secure; SameSite=None
OAID=bbe2e1c61f9744039c76a04eec3894d2; expires=Mon, 05 Feb 2024 14:10:40 GMT; secure; SameSite=None
oaidts=1675606240; expires=Mon, 05 Feb 2024 14:10:40 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
172.67.73.172200 OK 0 B URL HTTP/2 modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
IP 172.67.73.172:0
GET /download/0Xv64bDBQ4ZV3Yo/a8f1b HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; expires=Sun, 05-Feb-2023 16:10:39 GMT; Max-Age=7200; path=/
modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D; expires=Sun, 05-Feb-2023 16:10:39 GMT; Max-Age=7200; path=/; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FN8b0i2KQOd3UUQsvJJY1mCs5VkzhEava6ogop6dn7lCaOmo05rx47847X84q5rPkKLMCHfdd0S%2BssljPPPrnDdkpZXkGAFUkVu8gA8YGVg1YIOkckoW09KG9Spgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c3b114f7ab50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
modsfire.com/download/0Xv64bDBQ4ZV3Yo/assets/js/jquery-3.3.1.js
172.67.73.172404 Not Found 0 B URL HTTP/2 modsfire.com/download/0Xv64bDBQ4ZV3Yo/assets/js/jquery-3.3.1.js
IP 172.67.73.172:0
GET /download/0Xv64bDBQ4ZV3Yo/assets/js/jquery-3.3.1.js HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08WoILmK3BhVRbc2DWAbHw4cX2x2LAHF8vSi5Pd3DcQSt%2F5tRiNyNYM1HFSw184CtctSfNx9T4jFa90upxVBZqbPtVoc07G0RoC%2BAdw13g8eOC3M7v7rtZ4U6ec7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b13daacb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
modsfire.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675598400
172.67.73.172200 OK 0 B URL HTTP/2 modsfire.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675598400
IP 172.67.73.172:0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675598400 HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioen5UJPRqRzKKovaPKdDceO8c0MOyoAPaL5u0Jwstn%2BqP7K%2Bf3a0a33FWpmr91BWDFAg7Ui5QcWSgqPSFTd33lVH7bWytw2h0pvM8aP63EG2RYwLB9taixQk9EkYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794c3b150c37b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
waisheph.com/5/3897313/?oo=1&aab=1
139.45.197.245200 OK 0 B URL HTTP/2 waisheph.com/5/3897313/?oo=1&aab=1
IP 139.45.197.245:0
GET /5/3897313/?oo=1&aab=1 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://modsfire.com
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: application/json
x-trace-id: 23237ce6738ce4d1f9593316a0557013
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://modsfire.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=f93c10717ff2406ca936249aed229bd8; expires=Mon, 05 Feb 2024 14:10:39 GMT; path=/; secure; SameSite=None
oaidts=1675606239; expires=Mon, 05 Feb 2024 14:10:39 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
waisheph.com/?rb=Hk6S2A6LHGphVi-vLkNBXLcWxVVMxH7LArLRAPNIQegLz_yf4TXEbEnm5VFVZ3zxXurJex-wvTPrCLB1ZoMLuv43oZVuFW5YCnMbOvkcgXQ_BgmWdwotXWS_WKDRbAQwpK3aw0fmH45wxO3JoUVYa-9r8il1z3MduZAwr1iuSMrJHfqu8zbSOkMj7ccjG6yuJCi0abEHAyiXupOgZq6fMaB_ap6tx9wZSOOrFg%3D%3D&request_ab2=0&zoneid=3897313&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=3c2fb805-c4f3-4143-aa76-bee1af6ceadf&userId=f93c10717ff2406ca936249aed229bd8&m=link
139.45.197.245200 OK 0 B URL HTTP/2 waisheph.com/?rb=Hk6S2A6LHGphVi-vLkNBXLcWxVVMxH7LArLRAPNIQegLz_yf4TXEbEnm5VFVZ3zxXurJex-wvTPrCLB1ZoMLuv43oZVuFW5YCnMbOvkcgXQ_BgmWdwotXWS_WKDRbAQwpK3aw0fmH45wxO3JoUVYa-9r8il1z3MduZAwr1iuSMrJHfqu8zbSOkMj7ccjG6yuJCi0abEHAyiXupOgZq6fMaB_ap6tx9wZSOOrFg%3D%3D&request_ab2=0&zoneid=3897313&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=3c2fb805-c4f3-4143-aa76-bee1af6ceadf&userId=f93c10717ff2406ca936249aed229bd8&m=link
IP 139.45.197.245:0
GET /?rb=Hk6S2A6LHGphVi-vLkNBXLcWxVVMxH7LArLRAPNIQegLz_yf4TXEbEnm5VFVZ3zxXurJex-wvTPrCLB1ZoMLuv43oZVuFW5YCnMbOvkcgXQ_BgmWdwotXWS_WKDRbAQwpK3aw0fmH45wxO3JoUVYa-9r8il1z3MduZAwr1iuSMrJHfqu8zbSOkMj7ccjG6yuJCi0abEHAyiXupOgZq6fMaB_ap6tx9wZSOOrFg%3D%3D&request_ab2=0&zoneid=3897313&js_build=iclick-v1.479.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fmodsfire.com%2Fdownload%2F0Xv64bDBQ4ZV3Yo%2Fa8f1b&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.479.0&bs=3c2fb805-c4f3-4143-aa76-bee1af6ceadf&userId=f93c10717ff2406ca936249aed229bd8&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://modsfire.com/
Origin: https://modsfire.com
Connection: keep-alive
Cookie: OAID=f93c10717ff2406ca936249aed229bd8; oaidts=1675606239
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 14:10:40 GMT
content-type: application/json
x-trace-id: 3b6d927c2c60db3571fcf4baa0c21fd9
access-control-allow-origin: https://modsfire.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f93c10717ff2406ca936249aed229bd8; expires=Mon, 05 Feb 2024 14:10:40 GMT; path=/; secure; SameSite=None
oaidts=1675606240; expires=Mon, 05 Feb 2024 14:10:40 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 12 Feb 2023 14:10:40 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
modsfire.com/alt/assets/css/dw.css?7
172.67.73.172200 OK 0 B URL HTTP/2 modsfire.com/alt/assets/css/dw.css?7
IP 172.67.73.172:0
GET /alt/assets/css/dw.css?7 HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 11:04:46 GMT
etag: W/"634e884e-a46"
expires: Wed, 15 Feb 2023 11:05:49 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1738953
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDbaHft8%2BUreml32Xjebiv0VeWwTOfn%2FnlEY03fSIV22aJjP4uev6HG4Me2A50ZJWfwZYknuBcQ5Le%2BWMz%2FJxwA4aWHqZnbplanEj5VABjwx6WFQPD5TF40n5vekQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b12991fb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
modsfire.com/alt/assets/css/style.css
172.67.73.172200 OK 0 B URL HTTP/2 modsfire.com/alt/assets/css/style.css
IP 172.67.73.172:0
GET /alt/assets/css/style.css HTTP/1.1
Host: modsfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/download/0Xv64bDBQ4ZV3Yo/a8f1b
Cookie: XSRF-TOKEN=eyJpdiI6IklTMFozNG5jV3dZY2l2NGZqMktqdXc9PSIsInZhbHVlIjoiXC95NVJqYjUyUDRaT3N5MGd3cFpreGV3TFpNYnFiUEdQOUU4K2hyMThqNnpLekNBcFRUb2JaTVlkeDRnclkwQ1oiLCJtYWMiOiI3NzMyMTQ0NWNkNzk0ZGVhOTg4YTZjNTRhYTJjMGUxZTc1ZGY5ZmFlY2U2ZDRhNTY5YjI3Mjc1YWMyMDM1YWJiIn0%3D; modsfire_session=eyJpdiI6ImdwcXBPQ3NRem5yR1pHZyt3YmU5OUE9PSIsInZhbHVlIjoiNXR0cVkzOWg4TXZcL3ZFRkxxUkZxWnJyckRMTWsyMUJPckZYRVFyQVZhQ2c2anRmMDROM0JGYjBMQ3NvaXpUZTUiLCJtYWMiOiIyNzZlZjAwNDRkYTU0ZmI0Nzg1Y2RiYTM5MmMwZGE3YzZhMTQyMGJhZGMyZmZiZGU4OTE0YWQ2YWUyNmJkZWIwIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:39 GMT
content-type: text/css
last-modified: Wed, 05 Oct 2022 10:09:17 GMT
etag: W/"633d57cd-67c7"
expires: Wed, 01 Feb 2023 14:55:54 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1957003
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0EB1Tb5nPEMYPOUOXBhTndB%2FbRp6notG9fF36ctpVjf5GY9UAAw6pnB%2BRAqXpqdaVeEu2EVQIuN%2B6%2ByNGARk1pqdG01ch2ysnwxrIhmWSPzGJaWf4qwCdvntjJywQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b12991ab50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.141.224200 OK 0 B IP 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://modsfire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 14:10:40 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:52 GMT
etag: W/"63dd36bc-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5561
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4L6eUBkf2QevbvUwvnm1xZWQnCEmXUhXM0Py1p5yJNNqlnvTSkREryyU5EQDbCilLd5Ch4F%2BB7Q4uhDR%2FzHFtKELalP0U%2BOF7mwKC1v7PqfISmacULj2nlTeF7mF5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794c3b18ac09b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2