firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 18 Oct 2022 20:51:31 GMT
Expires: Tue, 18 Oct 2022 21:09:12 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gS_sK4BhpLYgCRgodtsqIlmfRjQUWZEfXqnOlVqf1hNV-dnd7N9N5w==
Age: 3170
indonesiagonegay.com/t2/
99.192.227.2302 Found 216 B IP 99.192.227.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f2a4f9899fb7474eb7994e2d302a8a8e
12cabb539037af77274f09d15611ff7492bf0a2b
66c8e9268ad67f826d6876c1c554d41c94c17a7dcab4ea6ebb010feefc095d68
GET /t2/ HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 18 Oct 2022 21:44:21 GMT
Server: Apache/2
Location: https://indonesiagonegay.com/t2/
Content-Length: 216
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 10ab470535c002d333b4f27d38b51091
ed3b0850c5d75881de410f7e8ca35e012e38bd38
31d6655d048ec8a62e00125766fea65cde04beae0b11f12ce7f722c9a5f7e232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D6655D048EC8A62E00125766FEA65CDE04BEAE0B11F12CE7F722C9A5F7E232"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5238
Expires: Tue, 18 Oct 2022 23:11:39 GMT
Date: Tue, 18 Oct 2022 21:44:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8355
Expires: Wed, 19 Oct 2022 00:03:36 GMT
Date: Tue, 18 Oct 2022 21:44:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fPEw39VpymBzR5DZbJdBrMWVYFe2zj9mSzOVYYAp2/+NpAiiS+OaSmFOIlnvL4S+D3/C74ds1ro=
x-amz-request-id: 032MV92QT2P5AT2J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 18 Oct 2022 21:36:02 GMT
age: 499
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 21:44:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a4089f6892852e7babf56e5dc5cbb2b8
f6ab5acefcb115ddb2cbc3199245ded2b5c07ee3
5f56b8b42bb3e61840b7a12bbae7badc9ecb56b052f99836aa55ad4fcef0104f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F56B8B42BB3E61840B7A12BBAE7BADC9ECB56B052F99836AA55AD4FCEF0104F"
Last-Modified: Mon, 17 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 19 Oct 2022 03:44:22 GMT
Date: Tue, 18 Oct 2022 21:44:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 18 Oct 2022 21:43:40 GMT
Cache-Control: max-age=3600
Expires: Tue, 18 Oct 2022 21:54:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ARzitoa2juHAwv1Zri5rS1uMpAkcFlrIOhLR-_-OqkSy8kYTy-vc0Q==
Age: 42
indonesiagonegay.com/t2/
99.192.227.2200 OK 1.7 kB IP 99.192.227.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3500)
Hash a59a819b7a6c40c0d1ca3c63869cb348
dc8a41e66294ae0cb4cf2297902475ab83b304b8
37482c0c05bcefa4214408826f38d8bd155a8c4ab913ec53c1ed63ad340f97e2
GET /t2/ HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1669
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c9b278637bdca251f78b46e4a0850473
a48fe5095fc27af1c6b6628149d9e8f655295621
eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5432
Cache-Control: max-age=129175
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:22 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 09:37:17 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 00793600302d280c0f99bf96cfb0f009
98cea63c09c9c100bfdfc64ce73946d0a916aafb
31634dcf178009925d65ad67462bfa02c239b5b5f2c9a79aecc3b9a011015957
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-154893577-15
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-154893577-15
IP 142.250.74.168:0
File type ASCII text, with very long lines (1850)
Hash c3393267dd8dfd11e7b981c4ac144c4f
2a37b4b2f2e398756e6edd2ba90784f925f3a615
e3dd8315a99c47f3312b3a2390e2b715a0b64e00a1e6f14598e2fab137f89022
GET /gtag/js?id=UA-154893577-15 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 18 Oct 2022 21:44:22 GMT
expires: Tue, 18 Oct 2022 21:44:22 GMT
cache-control: private, max-age=900
last-modified: Tue, 18 Oct 2022 21:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/css/styles.min.css
99.192.227.2200 OK 2.6 kB URL HTTP/2 indonesiagonegay.com/t2/css/styles.min.css
IP 99.192.227.2:0
File type ASCII text, with very long lines (9427), with no line terminators
Hash acba27d42fd3b058f149ec0f3ec959da
4b997b7efc13d64b3a9fdc8871ec118c542ab87c
8ee08afeb27dbf962f26b5a062d9fd14b0d3e99e81d4203c0369f3cea699ce8d
GET /t2/css/styles.min.css HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:23 GMT
etag: "24d3-5e273fc2f4220-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2642
content-type: text/css
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 00793600302d280c0f99bf96cfb0f009
98cea63c09c9c100bfdfc64ce73946d0a916aafb
31634dcf178009925d65ad67462bfa02c239b5b5f2c9a79aecc3b9a011015957
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.210.107.213101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.107.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YCXrYESNk42E/g0/tGOShg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XhWL3ndbZc95qUMmQgdDmxZd5vs=
indonesiagonegay.com/t2/js/fn.obfuscated.js
99.192.227.2200 OK 45 kB URL HTTP/2 indonesiagonegay.com/t2/js/fn.obfuscated.js
IP 99.192.227.2:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 64a65a52225dd9f4e815a35b11a25be9
9a905cc2b5d16b48080a7ff01435446acd34f860
1868518f98233b194f68dc01b3508fa6217efbc47fce55364ae79b7bc49105a1
GET /t2/js/fn.obfuscated.js HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:30 GMT
etag: "31026-5e273fc9a7c04-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 45387
content-type: application/javascript
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7b4eb7f22440bb2781a8ff05e4e9d864
9dff29486cd80c3cf73978a0ca8ad54192621280
3ab0786ddbba553aa3585715b70b72b5937bf12133bd26df2464e3112f6ac7da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94217
Date: Tue, 18 Oct 2022 21:44:22 GMT
Etag: "634deb3f-1d7"
Expires: Wed, 19 Oct 2022 23:54:39 GMT
Last-Modified: Mon, 17 Oct 2022 23:54:39 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0gZC5DhL3ACcpOcU4DNQ5URVTWRVwKBCFTs4lb3VRUZy8AO-pNH3ew==
indonesiagonegay.com/t2/fonts/MyriadProBoldCond.woff2
99.192.227.2200 OK 35 kB URL HTTP/2 indonesiagonegay.com/t2/fonts/MyriadProBoldCond.woff2
IP 99.192.227.2:0
File type Web Open Font Format (Version 2), TrueType, length 35148, version 1.0\012- data
Hash 47d19f07dc8bb8f8f73f3087c460eb06
a795df7773b937aa2534003bf057757ae6ae00d3
2a9ff3a247a7612a609ebbac53f1d963ac0adad64073758a62720efd62e3fa04
GET /t2/fonts/MyriadProBoldCond.woff2 HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/css/styles.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:24 GMT
etag: "894c-5e273fc3d7ebf"
accept-ranges: bytes
content-length: 35148
vary: Accept-Encoding,User-Agent
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/fonts/Impact.woff2
99.192.227.2200 OK 59 kB URL HTTP/2 indonesiagonegay.com/t2/fonts/Impact.woff2
IP 99.192.227.2:0
File type Web Open Font Format (Version 2), TrueType, length 58868, version 5.0\012- data
Hash c120c3baa9610364790fd2f3292148d4
01ad0b875780fe5478d394fd35c5cec042a1a434
2043db4bc663d75d0e1aac077e06acadf79a960e36fd038f54c32338e1242a1e
GET /t2/fonts/Impact.woff2 HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/css/styles.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:23 GMT
etag: "e5f4-5e273fc328de5"
accept-ranges: bytes
content-length: 58868
vary: Accept-Encoding,User-Agent
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-1-mobile.jpg
99.192.227.2200 OK 167 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-1-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 167 kB (166905 bytes)
Hash 79795d22971b8e2bad788491a999ffdc
6170818d46f9fc3589bbb91f55ca181d5521b55e
c9481f840af2493ccd0d90faf86790c6f75baf8cfcde0380d2dc72f1cbad005d
GET /t2/images/bg-1-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:52 GMT
etag: "28bf9-5e273fde53628"
accept-ranges: bytes
content-length: 166905
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-2-mobile.jpg
99.192.227.2200 OK 161 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-2-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 161 kB (160612 bytes)
Hash 74b14bd140b7a91ea2548c42067ebf90
d47e1e3911963e0a12fd7a7528ac3c6970cf741e
58cfcbfcad030ce8d2cdea7494b46d749911611e3311baba18eb1593a9c0e598
GET /t2/images/bg-2-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:52 GMT
etag: "27364-5e273fde7225b"
accept-ranges: bytes
content-length: 160612
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-3-mobile.jpg
99.192.227.2200 OK 155 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-3-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 155 kB (154839 bytes)
Hash f63362ba3aa404fd18fe58f306acbcd3
777119d6b19d3371b97b7a6c6240c998cd68f662
7ebf0b95c3525bdf38f4cf5c6a5881939fb235068753f4b8e61f6bab2c43fb21
GET /t2/images/bg-3-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:53 GMT
etag: "25cd7-5e273fdf1e06c"
accept-ranges: bytes
content-length: 154839
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:22 GMT
server: Apache/2
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash cda9be6f228aab3c5e44f9920aa60171
2b86a8c13bacc49bbd04b88e5b4a4f1cb1b62ed1
b89bc54a96b4375ed9fcb6e99f4b7124da67697cb6e38415ba79940b1714823f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:44:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 22 Oct 2022 20:08:35 GMT
ETag: "2b86a8c13bacc49bbd04b88e5b4a4f1cb1b62ed1"
Last-Modified: Tue, 18 Oct 2022 20:08:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 715
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c4747a795c1c16-OSL
indonesiagonegay.com/t2/audio/1.mp3
99.192.227.2404 Not Found 315 B URL HTTP/2 indonesiagonegay.com/t2/audio/1.mp3
IP 99.192.227.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /t2/audio/1.mp3 HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-6-mobile.jpg
99.192.227.2200 OK 142 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-6-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 142 kB (141992 bytes)
Hash 5e37d839ff5bc7afd77d702ba2288359
198bc7d37e89cdb4ab7ba511a441d93b1d8416ba
94631ffe1a3f23e8ac05a07189870d555b0c50968c77b3745c349f3cd8a9bd92
GET /t2/images/bg-6-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:54 GMT
etag: "22aa8-5e273fe0122c4"
accept-ranges: bytes
content-length: 141992
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-7-mobile.jpg
99.192.227.2200 OK 152 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-7-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 152 kB (151747 bytes)
Hash 7742f86c8c27dc1f907e067097642814
574d4838a261a4cd56d56ddd076f5f56c4184eac
1cc979a6d026842b7c3602950e44df4ca9f78565bac591466f16be7a0c622709
GET /t2/images/bg-7-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:54 GMT
etag: "250c3-5e273fe05511b"
accept-ranges: bytes
content-length: 151747
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-4-mobile.jpg
99.192.227.2200 OK 146 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-4-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 146 kB (146214 bytes)
Hash 24b20e40a12d8e54714a78ea5e0cbea4
4b6b65aa859ea8f504bf9e27ea100e3d22bd3fc6
3b91f2649e36c85d119e33b0824f6e5d725a05223a1f240bff72f207ac99549f
GET /t2/images/bg-4-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:53 GMT
etag: "23b26-5e273fdf510d9"
accept-ranges: bytes
content-length: 146214
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-8-mobile.jpg
99.192.227.2200 OK 156 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-8-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 156 kB (155747 bytes)
Hash 223282093388558c67702c6770bcd774
4575d3df5a1dd01f89b4655ce69cf2b54fb5cebe
bcfc48c4a45cc4f1f78bda5c72f6ee91755e549efebcb3ba3641e6047a4f887b
GET /t2/images/bg-8-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:54 GMT
etag: "26063-5e273fe0df801"
accept-ranges: bytes
content-length: 155747
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-5-mobile.jpg
99.192.227.2200 OK 164 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-5-mobile.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x1100, components 3\012- data
Size 164 kB (163688 bytes)
Hash 77125ea406dec24c9e89216a3214b001
84df8c28d04ae8bdc92e5f51b1dea3b74e36083b
d11a375cd90db3f233c9c4ccc9f63790072846ebfca899134f7bf4043cb2af2d
GET /t2/images/bg-5-mobile.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:53 GMT
etag: "27f68-5e273fdf85c9e"
accept-ranges: bytes
content-length: 163688
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-3.jpg
99.192.227.2200 OK 305 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-3.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 305 kB (304750 bytes)
Hash 05083dda9c6ce4f396dc3c8e49da0738
68ec5d58153b060d82e70bf239bc6b3a68394039
08f3e7cf243662d6bad73a1923fc339428a776942ba9afcba9ae1e7d3bd31883
GET /t2/images/bg-3.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:52 GMT
etag: "4a66e-5e273fdeb48e1"
accept-ranges: bytes
content-length: 304750
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-7.jpg
99.192.227.2200 OK 294 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-7.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 294 kB (293654 bytes)
Hash e73a97ef330706e617f1a84100da0e7f
fb3cbc20b7ff2c9052d494f19e4e086822169f18
741860f309592fe330678bd6c5aacea46549d12d11a853b25d46c9c37285c007
GET /t2/images/bg-7.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:54 GMT
etag: "47b16-5e273fe08ac81"
accept-ranges: bytes
content-length: 293654
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-2.jpg
99.192.227.2200 OK 322 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-2.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 322 kB (321690 bytes)
Hash 0d83b0f69714e8a3c2433ef32c997f48
0661cf8de6de2bc4d8e5126638a370f8e329e785
78d7392c6284d2f7b49873f4b52a0158dbbcc71664f17545d77510cf709b117a
GET /t2/images/bg-2.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:52 GMT
etag: "4e89a-5e273fde8d3f5"
accept-ranges: bytes
content-length: 321690
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-6.jpg
99.192.227.2200 OK 264 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-6.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 264 kB (263665 bytes)
Hash eb9232b2768f98d555c4fb6d9843cb91
0fd351784cd2b9a6490668e37a60516a57db2c11
07606d95ab5639c97f843fd8b814eb26ec8683a72b6aa810561bbd1301a48ab0
GET /t2/images/bg-6.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:54 GMT
etag: "405f1-5e273fe014205"
accept-ranges: bytes
content-length: 263665
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-8.jpg
99.192.227.2200 OK 319 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-8.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 319 kB (318982 bytes)
Hash a5eafa9e95d00fb1d70eca9fc0b68dc6
51725dfac7adfe66c6ae9c7fa521c8727897f3d6
0f9e1d5e28a28745d3d45e15752fd635283eeca006065bd40dcbebba65ef2152
GET /t2/images/bg-8.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:54 GMT
etag: "4de06-5e273fe0c427e"
accept-ranges: bytes
content-length: 318982
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-5.jpg
99.192.227.2200 OK 330 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-5.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 330 kB (329802 bytes)
Hash 22901e59cd7a32ab22e28a5279308e2a
4bab173ff89685436b4fd5e143295b468be6eccc
f4b95b24afca0b9319759da78a72f90eaa8919edc25e6e70f0c72c45d36c883a
GET /t2/images/bg-5.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:53 GMT
etag: "5084a-5e273fdfaa692"
accept-ranges: bytes
content-length: 329802
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
indonesiagonegay.com/t2/images/bg-4.jpg
99.192.227.2200 OK 329 kB URL HTTP/2 indonesiagonegay.com/t2/images/bg-4.jpg
IP 99.192.227.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 329 kB (329306 bytes)
Hash b3c938b733d51df1e6f19de811638b12
21d7ef37cdcaead62f9c54401182e9ca5e429c92
b9943050f5d083ffdd6f29ae7c6bcbb6b71f8bb2012e7f0dfed58cbd9a8f7bc2
GET /t2/images/bg-4.jpg HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 27 Jun 2022 20:44:53 GMT
etag: "5065a-5e273fdf89f07"
accept-ranges: bytes
content-length: 329306
content-type: image/jpeg
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 18 Oct 2022 20:41:09 GMT
expires: Tue, 18 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 3794
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
indonesiagonegay.com/favicon.ico
99.192.227.2404 Not Found 315 B URL HTTP/2 indonesiagonegay.com/favicon.ico
IP 99.192.227.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: indonesiagonegay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/t2/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Tue, 18 Oct 2022 21:44:23 GMT
server: Apache/2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5205
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 21:44:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5205
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 21:44:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5205
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 21:44:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5205
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 21:44:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e7fd6e50e59e93dd5329060ecbe7fef
1d89b8268579f42b0265df7b14f77930033b23fe
7c03b8ca2822417615d12bc133b199bb64ccdba10aa0656d1dc6843c6471b39d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: ad5ca7f1-a21c-44d3-b419-dfa7cf868e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKzQZHPFIAMFuig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcc02-38b229432e2fbaa8779daa52;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:41:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dUm6WGDUVTB3WOdPSILAuSAQFCxj5sNwu2pmzi_ax7mhbrj-_tdWQg==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:26 GMT
etag: "1d89b8268579f42b0265df7b14f77930033b23fe"
content-type: image/jpeg
age: 85738
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27002a4f-5711-48f2-881a-f0e20e1915ec.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27002a4f-5711-48f2-881a-f0e20e1915ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a982179efd8986cbd25d330699da961
61b7ec9bac922d79593a325af174f598f5c5d484
385a31eca11d64df6b7cc405036f421bffa83eb7686a41e5ed4b14046a889586
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27002a4f-5711-48f2-881a-f0e20e1915ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9125
x-amzn-requestid: 889f0762-3653-42f2-bde8-0d5ee0ae3588
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aK0atFSCoAMFjtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcddd-28f2443b4ed9c64847e91922;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:49:17 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sMQFs5n4-c1Hd542xEDJQSRvpSg0YCih73OPrcOFQybE0m00NiKCFQ==
via: 1.1 87136170926d082ce5ff23d5ad5be32c.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:08:14 GMT
age: 84970
etag: "61b7ec9bac922d79593a325af174f598f5c5d484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 72dc9c52-0bd3-46db-ac5e-b5e02bfd3a3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHu52HR_oAMFXeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c91d8-0ad83a4e6e88d0570d559f3b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 23:20:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YMNrHVua3QwQe_vRZLZPqof9lCUX4D-MVqcjXLKOwX391UX6AaZfAg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 04:43:01 GMT
age: 61283
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e74f4de677631204256431e010756dd9
698ac04247bc52f9b200138ccfb8bf6184f3582f
a578e99e57e22f5ad3f8aaf102d80e4a6a79aab92ae1be6efdcf0c67968d31e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12891
x-amzn-requestid: 57575612-3eaa-4979-b7e6-4eca29498e9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyqfEkdIAMFvYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb0f-0cd3874a59496e6e2f685eab;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QxJbPi0RezvItuQg75q2OkJ7tj4YHN6SQJmA9kn5XJoZKlVLLAPcxA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:19 GMT
age: 85745
etag: "698ac04247bc52f9b200138ccfb8bf6184f3582f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5f3e230617c19df2161f174976caa0c
4bca04916f92c53d5f56d7553ac3677a9a14c085
b59139f61666eea62bca4ff5bb8bf36a0093f484d865f7e7c54ef94f3d31139c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7205
x-amzn-requestid: 4534c655-60a2-41bd-ac80-d60614921988
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyQxHD6oAMFbig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dca6b-1e32b5bf437ab9586a2175c5;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 737UWQdimbxdQFU9ENL9K0RrqduTRQEkw0aiST-Reztl0DD5-oH87w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:08:27 GMT
age: 84957
etag: "4bca04916f92c53d5f56d7553ac3677a9a14c085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddd17c7d44a2e136710171f237ded665
577a22b126e54bfe0e4e4ce26b0fb866bc7fe007
b1327c4f33db5488ae49b1c2f7d5b49804d4245fd0bd92c41005b9045281f2a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: c0479303-34b2-45d8-b794-4b83003312ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHjNXE81IAMFWaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c7f22-702cee0d437cbdc349efa2e8;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 22:01:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BAmcO20Ujqli3EGGQaTGlMbQ7VxPPQDgxv-qi3gsygBrZ0Z3tcZZuA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:34:39 GMT
age: 83385
etag: "577a22b126e54bfe0e4e4ce26b0fb866bc7fe007"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 654ff54a7b646a69e9827632f14649a5
21e3e26f1db908a251bcbb843a9f207af82a4ec8
b59ff13308f5425bcf62867b47001b1095067e2fec055a8ad7dda483f79b9cbb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B59FF13308F5425BCF62867B47001B1095067E2FEC055A8AD7DDA483F79B9CBB"
Last-Modified: Tue, 18 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Tue, 18 Oct 2022 23:14:09 GMT
Date: Tue, 18 Oct 2022 21:44:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b70c0f2c4863206360c6699358341f5d
9ae4e2917fda385a9647d121d3cf973702db5908
fcc233edb7e1414a802317b9cb7d982857d7ea5dd1d88e6bf4d6d08625778522
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5081
Cache-Control: max-age=123801
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:24 GMT
Etag: "634e4af8-1d7"
Expires: Thu, 20 Oct 2022 08:07:45 GMT
Last-Modified: Tue, 18 Oct 2022 06:43:04 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f58eb695988bf482ace850ddfc24bd
6a432d1e9a2b461b2d96456baa813b959ba7da29
f0631022cbeeb1204a8fbfe188d8c4d3f687e06bb76bfed3cee4019db294cfcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
207.120.33.44200 OK 41 kB URL HTTP/2 wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
IP 207.120.33.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31139)
Hash 28101f9fd16761aa4e4b224e04f16788
0850cca3d5bb09fdcc48e708dee7bbd3878b813f
ab76cc85f940c5d1467d2da6a6620de952ff8f55f644531364a41e92cbbd41cc
Analyzer Verdict Alert quad9 Sinkholed
GET /acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://indonesiagonegay.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 13396752
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 4cc11724d47f095db007608492d679d4
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
152.199.19.160200 OK 9.8 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32033)
Hash 432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 7762009
cache-control: public,max-age=31536000
content-type: application/javascript
date: Tue, 18 Oct 2022 21:44:24 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6016dea5f80664eb009e16dd4989630a
b0aa29f72bd449aa2f33c7f9f531067fa741a6da
5dd595913b3fa11b3a64d2636abd887fa2d7dd85e16a2095d83431adf23408d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.170200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 23:13:29 GMT
expires: Thu, 12 Oct 2023 23:13:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 513055
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/compactML/css/clickpagay1.css
207.120.33.44200 OK 7.9 kB URL HTTP/2 wfbabfn.com/common_tpls/compactML/css/clickpagay1.css
IP 207.120.33.44:0
File type ASCII text, with very long lines (43186), with no line terminators
Hash 3bbc5834f70886cea605a03bc2bd4415
a9e82387d8fb608f39ba34239c6683ff68e949a5
6f718c5b01e4bb518e1b9df3a7cb569f1854250869d654e5f5b8d2b4ad8459a5
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/compactML/css/clickpagay1.css HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: text/css
content-length: 7929
last-modified: Tue, 08 Mar 2022 19:21:33 GMT
etag: "6227acbd-a8b2"
content-encoding: gzip
vary: Accept-Encoding
section-io-cache-id: 462eaabea96fba716d51c86d8baa7fd3
x-varnish: 13396757 13359443
age: 2995
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 49319757a7dd5aee347d4f0db4cdc985
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/ajax-loader.gif
207.120.33.44200 OK 3.2 kB URL HTTP/2 wfbabfn.com/common_tpls/images/ajax-loader.gif
IP 207.120.33.44:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: bfcf25ca46a99b5b9b09e3187dc0effc
x-varnish: 12907532 13703594
age: 3030
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 8c64a35975dff269b1bab73d6de8f1a0
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/icons/password.png
207.120.33.44200 OK 1.5 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/password.png
IP 207.120.33.44:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 7028d0276cf50651c3f2d2fbd690e6f0
x-varnish: 12907533 12120858
age: 3308
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 412d7d5f6a425b39dbb8aabf57b37e89
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/icons/fname.png
207.120.33.44200 OK 1.6 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/fname.png
IP 207.120.33.44:0
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: a0ea9a5e6a7266f5d09e68c63f18db2a
x-varnish: 13227538 13585376
age: 3307
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 3c683be96311b1e1660e758f0ddb1833
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/icons/email.png
207.120.33.44200 OK 1.3 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/email.png
IP 207.120.33.44:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: d76f31ae4ea37d73fea7df0bd985d296
x-varnish: 13396760 14260966
age: 3298
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 260f725a25fec507369958b40638605a
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 80f58eb695988bf482ace850ddfc24bd
6a432d1e9a2b461b2d96456baa813b959ba7da29
f0631022cbeeb1204a8fbfe188d8c4d3f687e06bb76bfed3cee4019db294cfcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6016dea5f80664eb009e16dd4989630a
b0aa29f72bd449aa2f33c7f9f531067fa741a6da
5dd595913b3fa11b3a64d2636abd887fa2d7dd85e16a2095d83431adf23408d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
104.18.22.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wfbabfn.com/
Origin: https://wfbabfn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1309252
accept-ranges: bytes
server: cloudflare
cf-ray: 75c474832b630b31-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
104.18.22.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wfbabfn.com/
Origin: https://wfbabfn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1309252
accept-ranges: bytes
server: cloudflare
cf-ray: 75c474832b600b31-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
104.18.22.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP 104.18.22.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wfbabfn.com/
Origin: https://wfbabfn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1309252
accept-ranges: bytes
server: cloudflare
cf-ray: 75c474832b620b31-OSL
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/images/icons/address.png
207.120.33.44200 OK 1.2 kB URL HTTP/2 wfbabfn.com/common_tpls/images/icons/address.png
IP 207.120.33.44:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/images/icons/address.png HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: 1f22b084827c4f4fd7c0443cf0bbe0a5
x-varnish: 12907534 14289308
age: 3310
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: bb0a0cae694a9c756feaba721110c205
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 25a2cca801ae19004ddce53c5b256556
5cb84e2bd69839caf25927047c8019938489221c
41c1e3a8e3afcc99b39ec164b384da3eb6ba95925fe03cfbd3ae2a767786c3b9
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:44:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 22 Oct 2022 19:37:52 GMT
ETag: "5cb84e2bd69839caf25927047c8019938489221c"
Last-Modified: Tue, 18 Oct 2022 19:37:53 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 715
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75c47483bad01c16-OSL
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 18 Oct 2022 21:44:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 2632
x-timer: S1666129465.221160,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash daa7ca24dd05abe01a356237fa02730c
a368ec060b0e5302c1a558bccaf36da10c77701f
6618440858a316b367543404637635fceacac23e996bb62a16964c1cbbc08356
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4715
Cache-Control: max-age=90310
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 21:44:25 GMT
Etag: "634dc994-1d7"
Expires: Wed, 19 Oct 2022 22:49:35 GMT
Last-Modified: Mon, 17 Oct 2022 21:31:00 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
wfbabfn.com/acct/trk/?rtid=9961782745
207.120.33.44200 OK 21 B URL HTTP/2 wfbabfn.com/acct/trk/?rtid=9961782745
IP 207.120.33.44:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 11c7b21b83e6f692d826dcc7788960ee
36a16ca8b601706bb71f0f81cdfd91545b470d37
685bd95a4faef1479999ffee9c063d999d8fb99db53bf216079e44fff7323b91
Analyzer Verdict Alert quad9 Sinkholed
GET /acct/trk/?rtid=9961782745 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjJjNDI4ODMwODk3ZDcxYTUiLCJ0ciI6IjliYWU1OTM1ZWQ0NmQ0ZTMzYzQ2ZTE4OTg3ZjY4YmVmIiwidGkiOjE2NjYxMjk0NzI4MTJ9fQ==
traceparent: 00-9bae5935ed46d4e33c46e18987f68bef-2c428830897d71a5-01
tracestate: 3355250@nr=0-1-3355250-1103078842-2c428830897d71a5----1666129472812
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:25 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 12907542
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 5a38337f5522a7e4f9b7787c7c974118
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2878&ck=1&ref=https://wfbabfn.com/acct/epc69231/add/&ap=87&be=2302&fe=2809&dc=2803&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1666129469989,%22n%22:0,%22f%22:1572,%22dn%22:1573,%22dne%22:1606,%22c%22:1606,%22s%22:1717,%22ce%22:1837,%22rq%22:1837,%22rp%22:2188,%22rpe%22:2188,%22dl%22:2192,%22di%22:2792,%22ds%22:2803,%22de%22:2808,%22dc%22:2808,%22l%22:2808,%22le%22:2810%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2878&ck=1&ref=https://wfbabfn.com/acct/epc69231/add/&ap=87&be=2302&fe=2809&dc=2803&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1666129469989,%22n%22:0,%22f%22:1572,%22dn%22:1573,%22dne%22:1606,%22c%22:1606,%22s%22:1717,%22ce%22:1837,%22rq%22:1837,%22rp%22:2188,%22rpe%22:2188,%22dl%22:2192,%22di%22:2792,%22ds%22:2803,%22de%22:2808,%22dc%22:2808,%22l%22:2808,%22le%22:2810%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2878&ck=1&ref=https://wfbabfn.com/acct/epc69231/add/&ap=87&be=2302&fe=2809&dc=2803&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1666129469989,%22n%22:0,%22f%22:1572,%22dn%22:1573,%22dne%22:1606,%22c%22:1606,%22s%22:1717,%22ce%22:1837,%22rq%22:1837,%22rp%22:2188,%22rpe%22:2188,%22dl%22:2192,%22di%22:2792,%22ds%22:2803,%22de%22:2808,%22dc%22:2808,%22l%22:2808,%22le%22:2810%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:44:25 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75c474869c30b4f7-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4825724dbcba7290; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3175&ck=1&ref=https://wfbabfn.com/acct/epc69231/add/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3175&ck=1&ref=https://wfbabfn.com/acct/epc69231/add/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=3175&ck=1&ref=https://wfbabfn.com/acct/epc69231/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 674
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 18 Oct 2022 21:44:25 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 75c47487bd48b4f7-OSL
Access-Control-Allow-Origin: https://wfbabfn.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f6bf4f5731a4aa97b78bae1ffd519cb
5ac8a79bf62ff1dda432036aacacbb69c853eabd
f4a1ec168c097a6f2d95e6c3c790e8cb20890cb6e376faa79c8aeeee08b1f370
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10748
x-amzn-requestid: 0d5c19df-5776-4c7b-9f62-904adcbe6e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyosGUJoAMFt_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb04-44bb56725b31b5f240865d99;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IiF3b1hUN3X38JLzoLhvqggtupKgzCTBgdanlj4-OnHpHHWhXjRvvw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:46:13 GMT
age: 86297
etag: "5ac8a79bf62ff1dda432036aacacbb69c853eabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
secentr.com/signup/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff
163.171.128.172302 Found 0 B URL HTTP/2 secentr.com/signup/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /signup/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff HTTP/1.1
Host: secentr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://indonesiagonegay.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 18 Oct 2022 21:44:23 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
x-px: ms PSdgflkfFRA1vg90FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 634f1e37_PSdgflkfFRA1vg90_31663-12993
set-cookie: PHPSESSID=261c21920fe43ad7416f26fbdce71349; path=/; secure; SameSite=None
HMF_CI=b227b3d942f0d087aa6bebcc2a1fb0a2574e6b254d830e8b9d4ec88d1efbf36382ba2fd66e00d350ba8d40bd315fff714f2f597cadb36fd40756918f5636d481c6; Expires=Thu, 17-Nov-22 21:44:23 GMT; Path=/
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/js/validate_form_v2.js?jsv=27
207.120.33.44200 OK 0 B URL HTTP/2 wfbabfn.com/common_tpls/js/validate_form_v2.js?jsv=27
IP 207.120.33.44:0
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/validate_form_v2.js?jsv=27 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Oct 2022 17:52:44 GMT
etag: W/"634ee7ec-5fc4"
section-io-cache-id: 1c30bf78c2168d423f51b6d164ef0fb3
x-varnish: 13396758 13155000
age: 13891
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 9badb7fdaa39eeb4c3fe2f9b41e50048
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.44200 OK 0 B URL HTTP/2 wfbabfn.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.44:0
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 98e51d985e660a6faceddc4b4cd80c32
x-varnish: 13396761 14164851
age: 3315
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: ee2dc91643dfee48581276e0a9fc133b
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
104.18.22.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP 104.18.22.52:0
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wfbabfn.com
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxqhKa90IuBdyA4HK1dh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 75c474827adb0b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
wfbabfn.com/common_tpls/js/form_support.js?v=1003202201
207.120.33.44200 OK 0 B URL HTTP/2 wfbabfn.com/common_tpls/js/form_support.js?v=1003202201
IP 207.120.33.44:0
Analyzer Verdict Alert quad9 Sinkholed
GET /common_tpls/js/form_support.js?v=1003202201 HTTP/1.1
Host: wfbabfn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/acct/epc69231/add/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff&epcCID=o7V7541bx5A9QfCbU7X5icM8rdjfZcY7N&rtid=9961782745
Cookie: PHPSESSID=74b60ce2000f77281fe3d8e809ab34e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 Oct 2022 17:52:44 GMT
etag: W/"634ee7ec-816"
section-io-cache-id: 903b276aacdfce76d1af3e5e95513ef9
x-varnish: 12907531 14352743
age: 3328
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: dcc0f6090e7fe6bb24eada5b5f553ac3
X-Firefox-Spdy: h2
geoip.enlistsecureup.com/?v=1
163.171.128.172200 OK 0 B URL HTTP/2 geoip.enlistsecureup.com/?v=1
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 21:44:25 GMT
content-type: application/javascript
server: waf/4.31.19-2.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-SJC-011UH181:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 634f1e38_PSdgflkfFRA1vg90_29655-40194
set-cookie: HMF_CI=47b771ce3925d16cc789426dae5e01dd278bb4b9456a86a6e9b667871e9c7d349f5f99d0802c2047fb33679fc44cb5212dda969be76d0330f120c2bf3377bc1477; Expires=Thu, 17-Nov-22 21:44:25 GMT; Path=/
X-Firefox-Spdy: h2
fastlnd.com/ep.php/JK-stgngy:75881/69231:DEFAULT
54.200.116.57302 Found 0 B URL HTTP/2 fastlnd.com/ep.php/JK-stgngy:75881/69231:DEFAULT
IP 54.200.116.57:0
GET /ep.php/JK-stgngy:75881/69231:DEFAULT HTTP/1.1
Host: fastlnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indonesiagonegay.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 18 Oct 2022 21:44:23 GMT
content-type: text/html; charset=UTF-8
location: https://secentr.com/signup/?epcVIP=63.1234.g121&b1_color=0076ce&email=&password=&firstname=&lastname=&zip=&siteg=g&act=epc69231.47308-685077.DEFAULT&theme=gasian&f_color=ffffff
set-cookie: AWSALB=IC2c5yyO04ZUnr5FtxUycyDOaCjar7cMBLAKQOq+o7BwH/8sVl2q7GB92lS6urjR3rPmMsNz0QtoIuQ2iWPBFFMO1KntuKerCdCUGJS4P5JyVojPwNU8b3qW7FuO; Expires=Tue, 25 Oct 2022 21:44:23 GMT; Path=/
AWSALBCORS=IC2c5yyO04ZUnr5FtxUycyDOaCjar7cMBLAKQOq+o7BwH/8sVl2q7GB92lS6urjR3rPmMsNz0QtoIuQ2iWPBFFMO1KntuKerCdCUGJS4P5JyVojPwNU8b3qW7FuO; Expires=Tue, 25 Oct 2022 21:44:23 GMT; Path=/; SameSite=None; Secure
vip_id=69231.47308-685077; expires=Fri, 21-Oct-2022 21:44:23 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.10:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wfbabfn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 18 Oct 2022 21:44:24 GMT
date: Tue, 18 Oct 2022 21:44:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2