r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10715
Expires: Sun, 04 Dec 2022 12:53:25 GMT
Date: Sun, 04 Dec 2022 09:54:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2573
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:54:50 GMT
Last-Modified: Sun, 04 Dec 2022 09:11:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 09:20:05 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2085
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10364
Expires: Sun, 04 Dec 2022 12:47:34 GMT
Date: Sun, 04 Dec 2022 09:54:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1e4L7YqqH46WU/iOXTga9kDqYFbOnWcAPY4/qNQ2eThLdI4x2CCa7WsquyZze9CJ02Xc95eJKbU=
x-amz-request-id: 65MAV623VYWBGGPG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 09:47:30 GMT
age: 440
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
south-afr.com/
102.67.139.38200 OK 9.1 kB IP 102.67.139.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2525)
Hash b557764139be83702fa73c70bd369d3f
107f0fa769cf35f8ad38a42ccc4887f7ff6d9e0b
6dccc1c72e54d27528ee6ee29ee7cd91a2107aa08fd6cde33b49b31a6a1b0818
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 09:54:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
south-afr.com/css/main-page-custom.css
102.67.139.38200 OK 437 B URL HTTP/1.1 south-afr.com/css/main-page-custom.css
IP 102.67.139.38:0
Hash 56a47a62be6a2d9a8923d87b7b4d1b4b
e993cb218805a3841bcdd4793dc6d59148405df3
20266916ed4bb9af9e7a03b8dfe3eeca4559f4b1295d2387cd2d8c1504377cc4
GET /css/main-page-custom.css HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: text/css
Content-Length: 437
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-1b5"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/css/main-page.css
102.67.139.38200 OK 12 kB URL HTTP/1.1 south-afr.com/css/main-page.css
IP 102.67.139.38:0
File type CSV text\012- , ASCII text
Hash f51d54a04c8ace092cdee10a5df4a02c
711e299726f4294af33a5cb0b2ce334ccaaca6d5
b34a1f08da6e6934ee4fc77f659332751678431c9426aa3857438d608d8c8388
GET /css/main-page.css HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: text/css
Content-Length: 12508
Last-Modified: Wed, 26 Oct 2022 18:33:51 GMT
Connection: keep-alive
ETag: "63597d8f-30dc"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 09:11:19 GMT
cache-control: public,max-age=3600
age: 2612
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
south-afr.com/image/ICO/main-page-ico/t-cloud-logo.svg
102.67.139.38200 OK 4.1 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/t-cloud-logo.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1217)
Hash 350b45814262be67935df28eee61b0bd
4a6d3b036eab15069e4b3ef28a3a559c032baf5e
4f41f64290b6ed21f4604f8677279cc72c0e52d530b1a823e2d4afe157b10d5d
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/t-cloud-logo.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 4116
Last-Modified: Wed, 26 Oct 2022 16:02:53 GMT
Connection: keep-alive
ETag: "63595a2d-1014"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/image/ICO/main-page-ico/card5.svg
102.67.139.38200 OK 2.4 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/card5.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2423), with no line terminators
Hash 62ef55c6dc44bd4297fe624c600b7669
2f5bb454036af03053df47bab39db0ab0eb82d74
3b0407c2440dcf2b6d9264401f1e0a86692966341832748efadabc4f8dfad1ca
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/card5.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 2423
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-977"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/image/ICO/main-page-ico/card3.svg
102.67.139.38200 OK 2.5 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/card3.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2520), with no line terminators
Hash a979d8edf096cc057d934789dc5a3360
50ab09f59ccf314d4a3577901c562a891b4aac2c
f058e20a59d27529393e89a8b3f17103fdf7c2fc903f713bca3a80cf838dade4
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/card3.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 2520
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-9d8"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/image/ICO/main-page-ico/card1.svg
102.67.139.38200 OK 2.0 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/card1.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2015), with no line terminators
Hash 7e6202a06c12a08e54541efe092914bc
2286e8286de5450ad45b54aa4a278973abd7816c
dd90d6d0e706f4d50e338ea80c90ceab16f09514f04fcd39a4fcdcf2146e3553
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/card1.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 2015
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-7df"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2562
Cache-Control: max-age=86082
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 09:54:51 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:49:33 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
south-afr.com/image/ICO/main-page-ico/bg-top.svg
102.67.139.38200 OK 2.5 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/bg-top.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2501), with no line terminators
Hash 3e5f480261a24321072bed5c4ed8664f
d91ed8e5ff6c99844f1560d78549b13e8c6da516
5fa590915da6fa8fab5e345a1a39f100e10492c184e5701725352d57868f7e85
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/bg-top.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/css/main-page.css
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 2501
Last-Modified: Wed, 26 Oct 2022 15:48:32 GMT
Connection: keep-alive
ETag: "635956d0-9c5"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/image/ICO/main-page-ico/bg-bottom.svg
102.67.139.38200 OK 1.3 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/bg-bottom.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1310), with no line terminators
Hash 6f757bd016369053642496df4b4b48a5
64b86caed0c40545c07bdd3b038b0290bc2faa95
9f60d5ee596523573903bf409d48acad416ca797409bcd042c2b1b2800032568
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/bg-bottom.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/css/main-page.css
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 1310
Last-Modified: Wed, 26 Oct 2022 15:53:10 GMT
Connection: keep-alive
ETag: "635957e6-51e"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/image/ICO/main-page-ico/card4.svg
102.67.139.38200 OK 2.4 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/card4.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2422), with no line terminators
Hash 3a56b995602d065044df37d4adb9e459
addee2504913f0066bbbc73970f93511fd25630e
74f04ea315a07a88c32c418374d992106398c216f15415f88d15aa961d56591c
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/card4.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 2422
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-976"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/image/ICO/main-page-ico/card2.svg
102.67.139.38200 OK 3.7 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/card2.svg
IP 102.67.139.38:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3703), with no line terminators
Hash 6b069127263b4f4717be9030cf4c6363
47815ae498bb13e9b1fed67b47e56ae96e605c52
69192a0ec0b461a1b244311f8e616a240c67bb49bab2f4a5cbc665bdc7892a7b
Analyzer Verdict Alert fortinet Phishing
GET /image/ICO/main-page-ico/card2.svg HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/svg+xml
Content-Length: 3703
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-e77"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
push.services.mozilla.com/
52.39.94.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.94.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XGOq8E9G+ZDrPFuQin64GQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2qHxF9OaPG+uTBkyTeXlX7MOCTI=
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash fd1ce52f86270af09d1889306bbf19cb
2729d337bcd15af0ab7f29a16cf0ff0925034caa
235bbf9511b663b6a78504c3a985f286f459d0fbaf3400bf4bb64404066de8af
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 08 Dec 2022 08:29:24 GMT
ETag: "2729d337bcd15af0ab7f29a16cf0ff0925034caa"
Last-Modified: Sun, 04 Dec 2022 08:29:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1958
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7743a9c27e881c0e-OSL
south-afr.com/image/ICO/main-page-ico/cloud500.png
102.67.139.38200 OK 108 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/cloud500.png
IP 102.67.139.38:0
File type PNG image data, 633 x 558, 8-bit/color RGBA, non-interlaced\012- data
Size 108 kB (108382 bytes)
Hash 3c38d2468f65a8e03f0a2dec1916003c
7694c4fb416e5191b98279b23e8f772c70a5c9ab
e166ba36d1ecdc98a199715052b48a27a69e3bed3bd2317d3ba2c776328d85f4
GET /image/ICO/main-page-ico/cloud500.png HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/png
Content-Length: 108382
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-1a75e"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
south-afr.com/favicon.ico?v=1.1
102.67.139.38200 OK 1.2 kB URL HTTP/1.1 south-afr.com/favicon.ico?v=1.1
IP 102.67.139.38:0
File type MS Windows icon resource - 1 icon, 16x17, 32 bits/pixel\012- data
Hash 388357fa38c80edf8e53a09ca05ce7a7
c620819376c66792d25b381ef41235be050c0a62
6288fe20a6b90b61329d85b5deab17262d727ddd2b5cc9e4640a1598c26f997f
Analyzer Verdict Alert fortinet Phishing
GET /favicon.ico?v=1.1 HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/x-icon
Content-Length: 1218
Last-Modified: Tue, 04 Feb 2020 09:59:25 GMT
Connection: keep-alive
ETag: "5e39407d-4c2"
Accept-Ranges: bytes
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://south-afr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Sun, 04 Dec 2022 09:54:51 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Sun, 04 Dec 2022 10:54:51 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
south-afr.com/image/ICO/main-page-ico/main-image.png
102.67.139.38200 OK 356 kB URL HTTP/1.1 south-afr.com/image/ICO/main-page-ico/main-image.png
IP 102.67.139.38:0
File type PNG image data, 667 x 626, 8-bit/color RGBA, non-interlaced\012- data
Size 356 kB (355880 bytes)
Hash e5ffb49c3742165ec229e2b9029a5fd7
2499758aebc4081935cf3e7ba9e5794e38a8095a
ca296bd46f41c0333181031709c48e4fd5a831d6bcf6268e70fd259628372d86
GET /image/ICO/main-page-ico/main-image.png HTTP/1.1
Host: south-afr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://south-afr.com/
HTTP/1.1 200 OK
Server: nginx/1.10.3
Date: Sun, 04 Dec 2022 09:54:51 GMT
Content-Type: image/png
Content-Length: 355880
Last-Modified: Tue, 14 Jul 2020 12:16:33 GMT
Connection: keep-alive
ETag: "5f0da221-56e28"
Expires: Mon, 05 Dec 2022 09:54:51 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://south-afr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 04 Dec 2022 09:54:52 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Sun, 04 Dec 2022 10:54:52 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66355789/1?wmode=7&page-url=http%3A%2F%2Fsouth-afr.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A485529022267%3Ahid%3A208011091%3Az%3A0%3Ai%3A20221204095449%3Aet%3A1670147690%3Ac%3A1%3Arn%3A101003185%3Arqn%3A1%3Au%3A167014769060197304%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C165%2C206%2C0%2C-5%2C0%2C%2C307%2C4%2C%2C%2C%2C675%3Aco%3A0%3Ans%3A1670147688292%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670147690%3At%3At-loud&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/66355789/1?wmode=7&page-url=http%3A%2F%2Fsouth-afr.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A485529022267%3Ahid%3A208011091%3Az%3A0%3Ai%3A20221204095449%3Aet%3A1670147690%3Ac%3A1%3Arn%3A101003185%3Arqn%3A1%3Au%3A167014769060197304%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C165%2C206%2C0%2C-5%2C0%2C%2C307%2C4%2C%2C%2C%2C675%3Aco%3A0%3Ans%3A1670147688292%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670147690%3At%3At-loud&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 258ce9886dcdb4b77146bbc03ecd4c2e
f3300c23f28295af4609284772486e9f91107b1b
ef54addde6612a559af6ed419e8b26fc05f6af622610f880c9abc221cb86867b
GET /watch/66355789/1?wmode=7&page-url=http%3A%2F%2Fsouth-afr.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A485529022267%3Ahid%3A208011091%3Az%3A0%3Ai%3A20221204095449%3Aet%3A1670147690%3Ac%3A1%3Arn%3A101003185%3Arqn%3A1%3Au%3A167014769060197304%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C165%2C206%2C0%2C-5%2C0%2C%2C307%2C4%2C%2C%2C%2C675%3Aco%3A0%3Ans%3A1670147688292%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670147690%3At%3At-loud&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://south-afr.com
Referer: http://south-afr.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Sun, 04 Dec 2022 09:54:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://south-afr.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 09:54:52 GMT
last-modified: Sun, 04-Dec-2022 09:54:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10927
Expires: Sun, 04 Dec 2022 12:57:00 GMT
Date: Sun, 04 Dec 2022 09:54:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10927
Expires: Sun, 04 Dec 2022 12:57:00 GMT
Date: Sun, 04 Dec 2022 09:54:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 43511
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 43852
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 14373
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 591104ff3c76193fe3c24fbbbb332f7d
aa134912d4f5ddfb371c45d9975506246af68400
af0cbb5c37c901019c1e684fe9a019bb7a2fb8359909ab831b7ff86cbc3d0fec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9356
x-amzn-requestid: 11f22578-a356-4f74-99bf-6d8462e25fdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ckdKGG8RIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b4240-5c5fa5332d60db084c8d3bb6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 12:34:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QjicIljz29ZU_XTAeiVG5u_Y6unOHCN1CzOBdtnyDRckYwsPkWToBg==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:29:03 GMT
age: 15950
etag: "aa134912d4f5ddfb371c45d9975506246af68400"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 43492
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e5fc40e9e626a035abde2964ba0959
e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sOtbi4sBuEPzvS_l6X_w5S5BeHb1DROkFmpNDTlvo57kUVeYN6ra3A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 43934
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/66355789?wmode=7&page-url=http%3A%2F%2Fsouth-afr.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A485529022267%3Ahid%3A208011091%3Az%3A0%3Ai%3A20221204095449%3Aet%3A1670147690%3Ac%3A1%3Arn%3A101003185%3Arqn%3A1%3Au%3A167014769060197304%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C165%2C206%2C0%2C-5%2C0%2C%2C307%2C4%2C%2C%2C%2C675%3Aco%3A0%3Ans%3A1670147688292%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670147690%3At%3At-loud&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/66355789?wmode=7&page-url=http%3A%2F%2Fsouth-afr.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A485529022267%3Ahid%3A208011091%3Az%3A0%3Ai%3A20221204095449%3Aet%3A1670147690%3Ac%3A1%3Arn%3A101003185%3Arqn%3A1%3Au%3A167014769060197304%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C165%2C206%2C0%2C-5%2C0%2C%2C307%2C4%2C%2C%2C%2C675%3Aco%3A0%3Ans%3A1670147688292%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670147690%3At%3At-loud&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
GET /watch/66355789?wmode=7&page-url=http%3A%2F%2Fsouth-afr.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A485529022267%3Ahid%3A208011091%3Az%3A0%3Ai%3A20221204095449%3Aet%3A1670147690%3Ac%3A1%3Arn%3A101003185%3Arqn%3A1%3Au%3A167014769060197304%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C165%2C206%2C0%2C-5%2C0%2C%2C307%2C4%2C%2C%2C%2C675%3Aco%3A0%3Ans%3A1670147688292%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670147690%3At%3At-loud&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://south-afr.com
Connection: keep-alive
Referer: http://south-afr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/66355789/1?wmode=7&page-url=http%3A%2F%2Fsouth-afr.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A682%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A485529022267%3Ahid%3A208011091%3Az%3A0%3Ai%3A20221204095449%3Aet%3A1670147690%3Ac%3A1%3Arn%3A101003185%3Arqn%3A1%3Au%3A167014769060197304%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A2%2C165%2C206%2C0%2C-5%2C0%2C%2C307%2C4%2C%2C%2C%2C675%3Aco%3A0%3Ans%3A1670147688292%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670147690%3At%3At-loud&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 04 Dec 2022 09:54:52 GMT
access-control-allow-origin: http://south-afr.com
set-cookie: yabs-sid=2680463501670147692; Path=/; SameSite=None; Secure
i=CYSeswBMICJLZ8rloUU/oRZgAwjiQZGCzvcPjvmvZe648SgaaPzl05DYe31x5oN1aTKUrr+aR4syuu8CZN1Gbr0yBFA=; Expires=Wed, 01-Dec-2032 09:54:49 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4529973701670147692; Expires=Mon, 04-Dec-2023 09:54:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4529973701670147692; Expires=Mon, 04-Dec-2023 09:54:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701683692.yc.1670147692#1701683692.yrts.1670147692#1701683692.yrtsi.1670147692; Expires=Mon, 04-Dec-2023 09:54:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 04-Dec-2022 09:54:52 GMT
last-modified: Sun, 04-Dec-2022 09:54:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2