r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3304
Expires: Thu, 01 Dec 2022 12:51:36 GMT
Date: Thu, 01 Dec 2022 11:56:32 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1489
Cache-Control: max-age=169169
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:32 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 10:56:01 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 11:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2206
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6281
Expires: Thu, 01 Dec 2022 13:41:13 GMT
Date: Thu, 01 Dec 2022 11:56:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m6FKR3Nv27V9w/ssHMYIysXP5tQMHa/TB68rpzBE5jvNOshw6ywWH/9vvtMAPgsAWhLI6dKJFsI=
x-amz-request-id: PKK2NDMKTBN8HYQK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 11:46:15 GMT
age: 617
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
soldfly.com/zw
68.178.247.221 301 Moved Permanently 230 B IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 615ceb2926eba39269f15b2723d7ca45
efc9bdd04a38e71c63740c02eeed115ab1450806
3497a32fd6d4d5ec27f13682bb88e32f1e7f4d63bd1a812bbb3ee26278de5b22
Analyzer Verdict Alert fortinet Phishing
GET /zw HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Location: http://soldfly.com/zw/
Content-Length: 230
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:56:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
soldfly.com/zw/
68.178.247.221 200 OK 4.6 kB IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash c2a6dbe996d162fed5b7509a3bf46986
0a8dde57417906799083de4cf59bf87e75d8dfc6
8bd800efb5e47102d3cf3390ccc7431303277f5c5c2cac471c3556ad2160e122
Analyzer Verdict Alert urlquery Promotion scam / Brand infringement
fortinet Phishing
GET /zw/ HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:08:58 GMT
ETag: "35a2169-469c-5e8a0512f0280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4580
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
widgets.amung.us/small.js
104.22.75.171 200 OK 3.5 kB URL HTTP/1.1 widgets.amung.us/small.js
IP 104.22.75.171:0
File type ASCII text, with very long lines (8560), with no line terminators
Hash 08283f674ed2a3a87b0ca0b64950ef28
1d6018c4a9104d337726cfe9f67b43ff37acc0cb
442e1c2e9e1692d86c6c4df3c68167fbddb4ec4ec7fa90258fd683f5a5f3578d
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 29 Nov 2022 16:55:25 GMT
etag: W/"6386397d-2170"
expires: Fri, 02 Dec 2022 11:21:29 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 2103
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772ba3df28279914-ARN
randomuser.me/api/portraits/women/16.jpg
188.114.96.1 200 OK 6.9 kB URL HTTP/2 randomuser.me/api/portraits/women/16.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 2d6d19aa420764f4d4343aa57a81ab0c
ba0e62d8ef8830bcadb1f6258e134d0225bf955d
cc6b757fbf1174ae601b39aa711d6dfcda1b236001a2f3a67c4293d73c9fd714
GET /api/portraits/women/16.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:32 GMT
content-type: image/jpeg
content-length: 6888
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1ae8"
expires: Sun, 04 Dec 2022 11:41:23 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1045106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXu2kAUTc%2B%2Bzq56%2BFkseweBO4ZBsFZe3lVRGPa9EK0HOXv737guBeHMnht8Oym5M63u8K3J9Gpo6iEw1e3l%2Fz458nGd8bYvDaDRAX0Uki1L7bqGw4lGb65cH9Gj0PZIU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba3df58520b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/59.jpg
188.114.96.1 200 OK 2.8 kB URL HTTP/2 randomuser.me/api/portraits/men/59.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash ab82a70c4d7efc7199176a584c660a7d
96a17acb548c276ee062bf85e582556fe9035378
57c0787e260e4785a6d858d26ff60a82fd5ae48cbae32fe6e866cb3daf7fe1a4
GET /api/portraits/men/59.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:32 GMT
content-type: image/jpeg
content-length: 2799
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-aef"
expires: Sun, 04 Dec 2022 12:13:14 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1204111
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FDGOnjj7fyvp9n25gnBCs2fv3tkpCaxVeS%2FmdkLgzRFLuJWfPWy5Yd6g3wCzDfqqVGoD6esaBfnkJ1mLcbD1e3NRHnv1Qt9sNqQIaKzXnrJrkQvtXPXpbvsYtlc8mTP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba3df58550b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/7.jpg
188.114.96.1 200 OK 5.0 kB URL HTTP/2 randomuser.me/api/portraits/men/7.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 605af7fa51e2abb4df27027909bf7c4a
d08645e62b586a65649504745645178b41525999
f25b1b7a6a351c0f748d81bf4fcaf8c5a2f8ed036563c2693d4c1ca3718d9d5d
GET /api/portraits/men/7.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:32 GMT
content-type: image/jpeg
content-length: 4988
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-137c"
expires: Sun, 04 Dec 2022 11:39:22 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 4417
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhK4q8sQl6NL0DX9BMrQpCLvAxtlN9CyZT8JBFam%2FJOYMb%2Buqmr%2FO35Oyz7aauOa8zBR5FnuP1Sc611wBf%2Fi%2BEQw8MzpMFgzFw9dWMS%2FJ4rPRtvLbb8wEn8p6bEyK%2BTI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba3df585b0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/54.jpg
188.114.96.1 200 OK 5.3 kB URL HTTP/2 randomuser.me/api/portraits/men/54.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash d19b518787fe6e8bd83ce2de827fa34b
9cd09c69251e882df33ebe7f7cbd3176f704bcfc
d1a3e08d4e37d6ee2b7de1db8df87c1dc7acd8ffb004caaf980917de518a60c9
GET /api/portraits/men/54.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:32 GMT
content-type: image/jpeg
content-length: 5276
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-149c"
expires: Tue, 13 Dec 2022 22:33:10 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 353907
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRIsXWmz%2Fapi6BgTeF5IK5A%2BYfTCNEwOo6SDL3aUfCLSsKyK594uybfcpV1i4wmGJ%2BZKkmXs0FhZ0D257%2Fe2bVNoK59O0tBHuxJ5ULVHD3YvQMckR2RpsVn5EDTAGCiq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba3df58570b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/women/30.jpg
188.114.96.1 200 OK 4.4 kB URL HTTP/2 randomuser.me/api/portraits/women/30.jpg
IP 188.114.96.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 1969da0d3fda3aa29c5f883db4ce670c
733eb61b43d010cac0d4f0165d53314f3c767d6f
8d0417f0910586650f889adf5f72fb8ad336f07247cbfd9da9dd6db02546dd00
GET /api/portraits/women/30.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:32 GMT
content-type: image/jpeg
content-length: 4440
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1158"
expires: Wed, 23 Nov 2022 17:52:35 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1761038
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US8fGkfbj8erUR6gExKsWwO%2FClE4bcIKSoMh93Ow6YVnYoAQDSROp9Oa6AlQ26lNwe%2BwjKbm2VbkCmUer8yY9fV0DO6H1T%2FnNFbrnfqIQOq14Ex5JaWOk05RYNoz5xou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772ba3df58590b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldfly.com/zw/en-us/assets/css/common76cb.css
68.178.247.221 200 OK 823 B URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/common76cb.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1727)
Hash 7e91d166ba72336c2c25ea7eb2b1dcc6
e9ee71c8165617b4d76056bcc7711903b5db412c
c2e037b12b20cdc0c1d5e4a86043fd66d8214c857c3f89964e5cbd7d076722ce
GET /zw/en-us/assets/css/common76cb.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a24a0-72b-5e8a035686a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 823
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldfly.com/zw/en-us/assets/js/w8swl.js
68.178.247.221 200 OK 1.6 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/js/w8swl.js
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3648)
Hash 024dd399eecbc969d64efd96a5fb2713
21ea1cb61ff4e370edee51e86b7e93079b6f60ca
643e84876d12cb34ee1f7faba81318e268c42aba3c19bb5c544b5b7f83e95748
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/js/w8swl.js HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a249c-e41-5e8a035686a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1550
Keep-Alive: timeout=5
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 11:08:56 GMT
cache-control: public,max-age=3600
age: 2856
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
soldfly.com/zw/en-us/assets/css/voucher_color_white7c56.css
68.178.247.221 200 OK 1.3 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/voucher_color_white7c56.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6073), with no line terminators
Hash 73b573b4bc93e117b3751dc2a232d1ca
214e6afb5742f432f4b0a90b81fd29b930db04fc
ed61d52fa0eced742b7e1c3e963fb407b7c15dd3010c2cdbf59a3a989bb2ee18
GET /zw/en-us/assets/css/voucher_color_white7c56.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a249f-17b9-5e8a035686a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1288
Keep-Alive: timeout=5
Content-Type: text/css
soldfly.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
68.178.247.221 200 OK 1.3 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6291), with no line terminators
Hash 35e76e9856479fa9fa5da5347ea1e0a7
86605475e0a75c3edfdfe44d8024e053aca8bee3
8531742a3972751622d93f91408522942e1247a918d7d1330517fff2044518fd
GET /zw/en-us/assets/css/voucher_brand_tesco90a7.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a24a1-1893-5e8a035686a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1305
Keep-Alive: timeout=5
Content-Type: text/css
soldfly.com/zw/en-us/assets/js/custom.min.js
68.178.247.221 200 OK 3.4 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/js/custom.min.js
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (715)
Hash 0af0530047418282475dfbe6c7f131ee
14ab9fb3d5855f35ad7cae1ad333ce4489abc7fc
240fd0acbcf232844ddfda222d1228c8aff77d383f30b214fd212cf2053caad5
Analyzer Verdict Alert urlquery Promotion scam / Brand infringement
fortinet Phishing
GET /zw/en-us/assets/js/custom.min.js HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:10:16 GMT
ETag: "35a2470-23aa-5e8a055d53200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3353
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
soldfly.com/zw/en-us/assets/css/voucher_layout_layout-products0cee.css
68.178.247.221 200 OK 2.2 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/voucher_layout_layout-products0cee.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
Hash 5cd08ce67e7fea2e47e1da7b6c113dee
87dbd70276696395b11b5e168526840e57c359f5
9b76d70fa735c07ab4127ebfbd942a5cc6b2a59302c949c3f6316bdaaae0c5f2
GET /zw/en-us/assets/css/voucher_layout_layout-products0cee.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a24a2-35b4-5e8a035686a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2236
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
soldfly.com/zw/ajax/libs/jquery/1-11-3/jquery.min.js
68.178.247.221 200 OK 33 kB URL HTTP/1.1 soldfly.com/zw/ajax/libs/jquery/1-11-3/jquery.min.js
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32038)
Hash 52b94c239ac654d524aedfea51652120
5e2f762ca56010473d633225f4c5c34ce2f62197
e7da358d6cfe51b08ebf16f2085a31018016b02db285c8c08984300e599ef9d4
Analyzer Verdict Alert fortinet Phishing
GET /zw/ajax/libs/jquery/1-11-3/jquery.min.js HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a1f3d-176f8-5e8a035686a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33303
Keep-Alive: timeout=5
Content-Type: application/javascript
soldfly.com/zw/en-us/assets/css/voucher_main_style0cee.css
68.178.247.221 200 OK 25 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/voucher_main_style0cee.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (61814)
Hash 10c7ae01cda4659db971f9953775ce5f
6fa3b576d229763bf10a31a389cc251de82029db
1364339547342e8ec9c0003c587dd9c462932d5056e79ed9589579f94288a5d5
GET /zw/en-us/assets/css/voucher_main_style0cee.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a249e-196a2-5e8a035686a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25053
Keep-Alive: timeout=5
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:32 GMT
Last-Modified: Thu, 01 Dec 2022 11:31:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
soldfly.com/zw/zimbabwe.png
68.178.247.221 200 OK 21 kB URL HTTP/1.1 soldfly.com/zw/zimbabwe.png
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash d5a1c35e496296d21a02ef954227f007
efd99950baf07475ae4917af286c6769006c6bec
b15d1bb0482cbe58b51264ae89282a3d91cb197fcddcdd71f8fcd357f1a89caa
GET /zw/zimbabwe.png HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:33 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:06:56 GMT
ETag: "35a1f3e-52bb-5e8a049e97000"
Accept-Ranges: bytes
Content-Length: 21179
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
soldfly.com/zw/jh7p1c.jpg
68.178.247.221 200 OK 4.9 kB URL HTTP/1.1 soldfly.com/zw/jh7p1c.jpg
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 80 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a050ff00d04052e1d1ce8743bac4dba
d7ebb691ce88884f0053f823129ca7a0dc275d9f
0a581c4110a0a5ca3c2c3cba39493e346594c7fc5d033d3bf599518e30466eb9
GET /zw/jh7p1c.jpg HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:33 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a1f3f-1320-5e8a035686a00"
Accept-Ranges: bytes
Content-Length: 4896
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP 142.250.74.131:0
Hash 22576f7915661aaa0d1329f09629846f
f63399055cae71c09084e5d348096d4862bf6a60
67f059126f501d74a953f3260d38f88a2efcd00d9dc48a7f431fbf64f2e8a535
POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/geNBckx.png
151.101.84.193 200 OK 1.1 kB IP 151.101.84.193:0
File type gzip compressed data, max compression\012- data
Hash a2678803e177416f3bf60ee405557d53
35f2a1a4ce676f2bca22e2226c932d50f6bc3878
8dba1ffd9fb20eeb21bede1f640adc136ec8e845c2543de0c135f08e4b4a248b
GET /geNBckx.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "d7ae9442add710b1066911bfba428234"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:56:33 GMT
age: 3795488
x-served-by: cache-iad-kcgs7200107-IAD, cache-bma1628-BMA
x-cache: HIT, HIT
x-cache-hits: 16944, 1
x-timer: S1669895793.187540,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 162
X-Firefox-Spdy: h2
i.imgur.com/RxS8FXk.png
151.101.84.193 200 OK 279 B IP 151.101.84.193:0
File type PNG image data, 13 x 13, 8-bit colormap, non-interlaced\012- data
Hash ee4bde320c95dcf9ea57fe5f8eabff77
cb52950826ebf97148b9269ef04de16ce8b224b1
e55380e114a7050333af45d44453084ef42ad9dba7696ebf692ea4b42a0f1222
GET /RxS8FXk.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "ee4bde320c95dcf9ea57fe5f8eabff77"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:56:33 GMT
age: 3116266
x-served-by: cache-iad-kiad7000022-IAD, cache-bma1628-BMA
x-cache: HIT, HIT
x-cache-hits: 10061, 1
x-timer: S1669895793.188435,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 279
X-Firefox-Spdy: h2
i.imgur.com/FUwlTOP.png
151.101.84.193 200 OK 293 B IP 151.101.84.193:0
File type PNG image data, 14 x 13, 8-bit colormap, non-interlaced\012- data
Hash 486bfc9a2b39a465bfa7b1f660a16877
4aa237e6f8a82fd09c452990cd25e27c4fa8e281
ccb07a38f5ebf3d51544fc76bbf00aaf9210e48c8338c204aae3f6d3321872b5
GET /FUwlTOP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "486bfc9a2b39a465bfa7b1f660a16877"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 01 Dec 2022 11:56:33 GMT
age: 2357338
x-served-by: cache-iad-kiad7000128-IAD, cache-bma1628-BMA
x-cache: HIT, HIT
x-cache-hits: 3346, 1
x-timer: S1669895793.188199,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 293
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
142.250.74.35 200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 19228, version 1.0\012- data
Hash 4de1acb111366ff5358a27c36bfff049
3e746862c43c9bf6080efa2e67985c6017013db1
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
GET /s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soldfly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:32:05 GMT
expires: Tue, 28 Nov 2023 19:32:05 GMT
cache-control: public, max-age=31536000
age: 231868
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NY/OrrPIf/ux1ySZOr36pA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WJs0PwIF+bRP0oj/A4BiXZlr+F8=
soldfly.com/zw/sold.png
68.178.247.221 200 OK 100 kB IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 400 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 100 kB (100522 bytes)
Hash 6bdaaa633c5b0d76439edb5c780f5778
4f8fb4b2ad757cf7350f6f40658b06bb2ee156fc
a773cc2b03abbb2eba3bfd9712370d0ead9b1122bf559ce339768f9b3d1c3fb2
GET /zw/sold.png HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:33 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:07:00 GMT
ETag: "35a1e8a-188aa-5e8a04a267900"
Accept-Ranges: bytes
Content-Length: 100522
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
soldfly.com/zw/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff
68.178.247.221 200 OK 75 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 75196, version 1.1\012- data
Hash 2edf02908800d6535704c20c662727d9
3a0f05c005189721e2587af8565dc136807ae703
9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://soldfly.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:33 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a24c1-125bc-5e8a035686a00"
Accept-Ranges: bytes
Content-Length: 75196
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
soldfly.com/zw/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff
68.178.247.221 200 OK 75 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 75196, version 1.1\012- data
Hash 2edf02908800d6535704c20c662727d9
3a0f05c005189721e2587af8565dc136807ae703
9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://soldfly.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:33 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a24c8-125bc-5e8a035686a00"
Accept-Ranges: bytes
Content-Length: 75196
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 10:41:08 GMT
expires: Thu, 01 Dec 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 4525
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:56:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=1534723043&t=pageview&_s=1&dl=http%3A%2F%2Fsoldfly.com%2Fzw%2F&ul=en-us&de=UTF-8&dt=Zimbabwe%20%3A%20Free%20credit&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=415528179&gjid=647138631&cid=1446322077.1669895793&tid=UA-147558510-1&_gid=1456054773.1669895793&_r=1&_slc=1&z=759801091
142.250.74.110 200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1534723043&t=pageview&_s=1&dl=http%3A%2F%2Fsoldfly.com%2Fzw%2F&ul=en-us&de=UTF-8&dt=Zimbabwe%20%3A%20Free%20credit&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=415528179&gjid=647138631&cid=1446322077.1669895793&tid=UA-147558510-1&_gid=1456054773.1669895793&_r=1&_slc=1&z=759801091
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=1534723043&t=pageview&_s=1&dl=http%3A%2F%2Fsoldfly.com%2Fzw%2F&ul=en-us&de=UTF-8&dt=Zimbabwe%20%3A%20Free%20credit&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=415528179&gjid=647138631&cid=1446322077.1669895793&tid=UA-147558510-1&_gid=1456054773.1669895793&_r=1&_slc=1&z=759801091 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://soldfly.com
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://soldfly.com
date: Thu, 01 Dec 2022 11:56:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=soldzw&t=Zimbabwe%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldfly.com%2Fzw%2F%23&y=&a=-1&d=1.33&v=27&r=2390
104.22.75.171 200 OK 45 B URL HTTP/1.1 whos.amung.us/pingjs/?k=soldzw&t=Zimbabwe%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldfly.com%2Fzw%2F%23&y=&a=-1&d=1.33&v=27&r=2390
IP 104.22.75.171:0
File type ASCII text, with no line terminators
Hash ee514f1f6050b77a889aa6f14b3a8952
b673493066c28bd260956855270ff9ad545d5a3c
be92ffaa260dc0e372a96732de54afaaa7322665f2502274a96678907026c0c5
GET /pingjs/?k=soldzw&t=Zimbabwe%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldfly.com%2Fzw%2F%23&y=&a=-1&d=1.33&v=27&r=2390 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:34 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772ba3e80c589926-ARN
soldfly.com/favicon.ico
68.178.247.221 404 Not Found 1.7 kB IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 12bc9fcd7f59bd4a0c74e0477ccbad55
9c866d208d2bc04fdc136dbc1fef2e889beb9cbf
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
GET /favicon.ico HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/
HTTP/1.1 404 Not Found
Date: Thu, 01 Dec 2022 11:56:33 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
soldfly.com/zw/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf
68.178.247.221 200 OK 185 kB URL HTTP/1.1 soldfly.com/zw/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type TrueType Font data, 17 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size 185 kB (185240 bytes)
Hash 7f775be831ca88d6c0ab6b055f986727
927fa09c4ae3fc44c52239cfa73e5a5e98abb8cb
e9a809715bfd7ca139515f13c1c121e7f18cf43dca83407459353c3843fd159b
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:56:33 GMT
Server: Apache
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "35a24c4-2d398-5e8a035686a00"
Accept-Ranges: bytes
Content-Length: 185240
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/ttf
t.dtscout.com/pv/?_a=v&_h=soldfly.com&_ss=6hkvliribs&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2nfv&_cb=_dtspv.c
141.101.120.11 200 OK 523 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=soldfly.com&_ss=6hkvliribs&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2nfv&_cb=_dtspv.c
IP 141.101.120.11:0
File type ASCII text, with no line terminators
Hash 13f67c34022a73903bc2a7479087aebd
c718f7523a518c91214f4f69a601283acd568c50
26f2ce0f277cb71550629781d6025a54040492c692d7b18b50d94fabdc31545e
GET /pv/?_a=v&_h=soldfly.com&_ss=6hkvliribs&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=2nfv&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Cookie: m=1; oa=1; df=1669895793
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:33 GMT
content-type: application/javascript
x-t: 0.173
x-c: 0
expires: Thu, 01 Dec 2022 11:56:32 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zj%2Byb6k0obPg5V3iLgC%2FC4rt00spTPDVHIGZPYkGpTk7Vsq7ihz8opOj3fPmle7HanjV2iU7pCAaOD61TZ70QDGQMhwqYQoVEEjygV%2FA5zun8o%2FzjQ3NaeuSy9rqFUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba3e53ad70a29-ARN
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5731
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 11:56:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5731
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 11:56:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5731
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 11:56:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: 2711a135-b390-43ef-9e95-92438058bc27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81FIpIAMFs9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-742f7f293df074340ab6a217;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ygs-Qd7UU_k4t4_breZTyqkHqGjJzlH1UMa9ncww5_IGpJ1n781jfg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:51:55 GMT
age: 50679
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5731
Expires: Thu, 01 Dec 2022 13:32:05 GMT
Date: Thu, 01 Dec 2022 11:56:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 50674
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kZfRQsF_Fo2UtTqK0ByOPeQK-IzTQO9JtTmxIMlapmsd93SJk_4VYw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:47:30 GMT
age: 50944
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:57 GMT
age: 50617
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: c6c3e3dc-c9a2-4fda-a83b-cdd6ae81166b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7uyE9CoAMF6Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830cc4-2c8940405044071a082ee678;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qykE_oaoqqPTgqGnfUo74mH29IOS97b5sZb_3VmB9yW7KUiJ1a7dnA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 18:58:06 GMT
age: 61108
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:43:35 GMT
age: 47579
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
172.64.151.83 200 OK 6.7 kB IP 172.64.151.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:34 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 73863
expires: Sun, 04 Dec 2022 11:56:34 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 772ba3eae8db0b65-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F
67.202.105.33 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 11:56:34 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!soldzw&dn=TC&cc=1&r=
67.202.105.33 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!soldzw&dn=TC&cc=1&r=
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!soldzw&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Fri, 02 Dec 2022 11:56:34 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Thu, 01 Dec 2022 11:56:34 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit
67.202.105.33 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 11:56:34 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
67.202.105.33 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 11:56:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
67.202.105.33 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 11:56:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png
67.202.105.33 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0&img=sold.png HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 11:56:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0
67.202.105.33 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1669895792948&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Thu, 01 Dec 2022 11:56:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu|Lora
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu|Lora
IP 142.250.74.106:0
GET /css?family=Ubuntu|Lora HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 11:56:32 GMT
date: Thu, 01 Dec 2022 11:56:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=http%3A%2F%2Fsoldfly.com%2Fzw%2F%23&j=
141.101.120.11 200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fsoldfly.com%2Fzw%2F%23&j=
IP 141.101.120.11:0
GET /i/?l=http%3A%2F%2Fsoldfly.com%2Fzw%2F%23&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:56:33 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Thu, 01-Dec-2022 13:19:53 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
set-cookie: oa=1; Domain=dtscout.com; Expires=Thu, 01-Dec-2022 15:56:33 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
set-cookie: df=1669895793; Domain=dtscout.com; Expires=Sat, 11-Mar-2023 11:56:33 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.546
expires: Thu, 01 Dec 2022 11:56:32 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWnOdQPqMw%2BtLWMeg84EfMPR3UIL7CRwO%2FU0xdW%2F0sxB%2Blpqhnb7rbL8Tm4h4i5NjCLgmThWtkAofkBhN%2Bl5S975VJUrJMM4VPhjNkhLS9MPhXqiHehyDYNDA9wrPbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772ba3e388f10a29-ARN
content-encoding: br
X-Firefox-Spdy: h2