football1x2.bet/
153.92.215.164301 Moved Permanently 707 B IP 153.92.215.164:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: football1x2.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 22 Dec 2022 23:26:55 GMT
server: LiteSpeed
location: https://football1x2.bet/
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
vary: User-Agent
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
permissions-policy:
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5761
Expires: Fri, 23 Dec 2022 01:02:56 GMT
Date: Thu, 22 Dec 2022 23:26:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4096
Expires: Fri, 23 Dec 2022 00:35:11 GMT
Date: Thu, 22 Dec 2022 23:26:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 22 Dec 2022 22:34:41 GMT
content-type: application/json
age: 3134
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4617
Expires: Fri, 23 Dec 2022 00:43:52 GMT
Date: Thu, 22 Dec 2022 23:26:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5DMyVVSxOZElF4N75qO76cwDF8mDqAT9l0qKcCVpnd8cQkjxftHh6xi9yh8px5E9ReSuvChJQxo=
x-amz-request-id: RWM7JSYKFKGMHNJW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 22 Dec 2022 22:53:50 GMT
age: 1985
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Dec 2022 23:26:55 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
football1x2.bet/
153.92.215.164301 Moved Permanently 0 B IP 153.92.215.164:0
ASN #47583 Hostinger International Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: football1x2.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/8.0.25
x-litespeed-tag: 2ac_HTTP.301
x-redirect-by: Simple Website Redirect 1.2.8
location: https://fixedmatch.vip/
x-litespeed-cache-control: no-cache
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 22 Dec 2022 23:26:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
vary: User-Agent
content-security-policy: upgrade-insecure-requests
expect-ct: max-age=7776000, enforce
permissions-policy:
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 22 Dec 2022 22:33:24 GMT
age: 3212
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2633
Cache-Control: max-age=123827
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Etag: "63a41e2a-1d7"
Expires: Sat, 24 Dec 2022 09:50:43 GMT
Last-Modified: Thu, 22 Dec 2022 09:06:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=G-NHZNFVVLC4
142.250.74.40200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NHZNFVVLC4
IP 142.250.74.40:0
File type ASCII text, with very long lines (26337)
Hash d7e2b0ca1343c37fac3368a458fc4d00
93c5b76328186d48e8caf7edb31f3b16b384ea9a
07781a4396ed9f8b73ce06d283622dc9bbaf245f3f94b049f817ff1562f2fbfd
GET /gtag/js?id=G-NHZNFVVLC4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fixedmatch.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Dec 2022 23:26:56 GMT
expires: Thu, 22 Dec 2022 23:26:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18260, version 1.0\012- data
Hash 6dea752293556883fdae057d588b0bb1
e4d090e03bb920f5ddf7b09937428b2a0a2a9ee0
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
GET /s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fixedmatch.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 16:36:27 GMT
expires: Fri, 22 Dec 2023 16:36:27 GMT
cache-control: public, max-age=31536000
age: 24629
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fixedmatch.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Dec 2022 15:42:33 GMT
expires: Wed, 20 Dec 2023 15:42:33 GMT
cache-control: public, max-age=31536000
age: 200663
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Dec 2022 23:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.223.160.237101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.160.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wkRU11Au/Y2gS3WcsjaW4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m6BLZFTJ20ORKVDbQczIdjxmdrw=
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fixedmatch.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 22 Dec 2022 21:34:02 GMT
expires: Thu, 22 Dec 2022 23:34:02 GMT
cache-control: public, max-age=7200
age: 6774
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-NHZNFVVLC4>m=2oebu0&_p=1310740712&cid=635022330.1671751616&ul=en-us&sr=1280x1024&_s=1&sid=1671751615&sct=1&seg=0&dl=https%3A%2F%2Ffixedmatch.vip%2F&dt=FIXED%20MATCHES%20FOOTBALL%20BETS%20-%20football%20fixed%20matches%20betting%2C%20soccer%20fixed%20matches%20betting%20tips%201x2%2C%20correct%20score%20fixed%20matches%2C%20fixed%20matches%20today%2C%20daily%20fixed%20matches%201x2%3B&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NHZNFVVLC4>m=2oebu0&_p=1310740712&cid=635022330.1671751616&ul=en-us&sr=1280x1024&_s=1&sid=1671751615&sct=1&seg=0&dl=https%3A%2F%2Ffixedmatch.vip%2F&dt=FIXED%20MATCHES%20FOOTBALL%20BETS%20-%20football%20fixed%20matches%20betting%2C%20soccer%20fixed%20matches%20betting%20tips%201x2%2C%20correct%20score%20fixed%20matches%2C%20fixed%20matches%20today%2C%20daily%20fixed%20matches%201x2%3B&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NHZNFVVLC4>m=2oebu0&_p=1310740712&cid=635022330.1671751616&ul=en-us&sr=1280x1024&_s=1&sid=1671751615&sct=1&seg=0&dl=https%3A%2F%2Ffixedmatch.vip%2F&dt=FIXED%20MATCHES%20FOOTBALL%20BETS%20-%20football%20fixed%20matches%20betting%2C%20soccer%20fixed%20matches%20betting%20tips%201x2%2C%20correct%20score%20fixed%20matches%2C%20fixed%20matches%20today%2C%20daily%20fixed%20matches%201x2%3B&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fixedmatch.vip
Connection: keep-alive
Referer: https://fixedmatch.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://fixedmatch.vip
date: Thu, 22 Dec 2022 23:26:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6256
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 23:26:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6256
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 23:26:58 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.1.1
142.250.74.106200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.1.1
IP 142.250.74.106:0
Hash 3628388ce15811bbe9fc5f6ee94d4205
51e65979b15bab16bc5762c149efd563038a321d
de5b025650d8fe1935cb3959979dc8a1bb1378161b9dcafb125bd216bd547a08
GET /css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fixedmatch.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Dec 2022 23:26:56 GMT
date: Thu, 22 Dec 2022 23:26:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6256
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 23:26:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6256
Expires: Fri, 23 Dec 2022 01:11:14 GMT
Date: Thu, 22 Dec 2022 23:26:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e289df1-a1b6-4a7a-a3f0-0326ee48b354.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e289df1-a1b6-4a7a-a3f0-0326ee48b354.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada16d13af9310487aee9dae29df40fd
fcecaab531e403f8d5912cf29d977e549f96765b
66b7f13460489f1cd5f09b44cebadcf2f459b46aa6ff0c984c10fe0a48062942
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e289df1-a1b6-4a7a-a3f0-0326ee48b354.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8628
x-amzn-requestid: bf74fd40-dfac-4565-8e8d-a79bdaf4e1ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJpaHvTIAMF9ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebca2-29fa0add445d8e0d1691645d;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:22 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: v_cc-cskoH2Fd8guDwxt7OhXQozpMVr77b5YvSz5q3NQidTA3R5B2g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 07:31:19 GMT
age: 57339
etag: "fcecaab531e403f8d5912cf29d977e549f96765b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e49802d7e560d6e9b5d17111d531af4d
c2c523d207935363931aa17cd9aaabb9a48c28a0
255ac832533c579d57dac6adc330f83d39de222b3496277b2394afc15fe74535
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8732
x-amzn-requestid: 25cbd9e6-ad97-4369-a02c-e740030b437c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: defNLECQIAMFiQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a278ba-4e1a2cd801c389584e320ffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: msS0IMqy7kSdOGD3i1aqSjALrtrypvo0EFsqYOyZNo_hmCaFKWn6Uw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 04:23:27 GMT
age: 68611
etag: "c2c523d207935363931aa17cd9aaabb9a48c28a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcdd5fc33823bcbfee082a3c0f2b083a
ed38fa97bee58621ef44a2ea6fbe4c291a12e12e
0ef1916483458d2c629077614f5ba5ea268c85679e60e8e14c7d4ca4993b674a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef779b-50c4-426a-bb0e-48c0920e42f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5642
x-amzn-requestid: e4e58ace-9158-4419-b3da-ed0e5502fdd7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJviFUAoAMFifg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcc9-1c38199e663a289b775de5df;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:10:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrKTso9Ew9gzmJSilPJfvh1VkrxZyoDiTvakJOn7exvwnhfXHd_Srw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 05:59:56 GMT
age: 62822
etag: "ed38fa97bee58621ef44a2ea6fbe4c291a12e12e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: c3930b44-f511-481e-9243-1e41542c5453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUqqEcwoAMFa6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce44-15ae4def22a8ffbe1df7766d;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qU6hgP1LxDJX8uzofjonSFCL6Th5MAtbFEbUpE0bqCteZFGyRJCr7A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:12 GMT
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
age: 6526
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c276f786c96caac3f6a2b1cb20e4993
233988de2b66d8d97e0f21cbd1a182a9b4bd162f
bd5418d62aabf5e38f5c06409d0e1144f101d045072513150d5f16ffc2df169c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4d8b8ab-ff79-4e93-97dc-b4b7d18e0b5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 0f18f9e7-c8b3-4250-8156-96d3ea8a9749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVuQE5fIAMFeXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a40327-520100d2431fabd14317afe3;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UYAT01ECmYKrp25iLBix5K0qdahEvfppThLwVjcQOffxq0UI9PEKsg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 07:16:19 GMT
age: 58239
etag: "233988de2b66d8d97e0f21cbd1a182a9b4bd162f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86c588ce8a5cde9b24e6f80343cf7c14
014622b9d2cac3527649ed02a7615897d08e5fe8
2ca9290c5c7ce52bd26e94c37c73a3e85a3cd22f80c39f447ea6fa0eb83f1766
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83469489-464a-4345-8fc1-3aab3854de0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 6786c31f-0a15-4672-891b-b3f5fa95be3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUnBMGc6IAMF69A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e853a-4df873cb385b2aa700ea6aba;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zMcUnolIzg5W-u3NO-59k78GrfqJWNUYD2Gqx0FSv7lQ-o2IJ_6EOw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 01:57:00 GMT
age: 77398
etag: "014622b9d2cac3527649ed02a7615897d08e5fe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fixedmatch.vip/
153.92.220.178200 OK 0 B IP 153.92.220.178:0
ASN #47583 Hostinger International Limited
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: fixedmatch.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/8.0.24
content-type: text/html; charset=UTF-8
link: <https://fixedmatch.vip/wp-json/>; rel="https://api.w.org/"
etag: "1211-1671734439;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Thu, 22 Dec 2022 23:26:56 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2