r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13180
Expires: Sat, 18 Mar 2023 19:50:53 GMT
Date: Sat, 18 Mar 2023 16:11:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 443a700f85619f4fd8a548421c5c23e2
a58764a07feafb2bb4b340c020b5104c55b35195
0bc80613f3d493ea081bf5672ab76f6f33a1dcc0710fe1431de83c46d7e8d31d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC80613F3D493EA081BF5672AB76F6F33A1DCC0710FE1431DE83C46D7E8D31D"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9049
Expires: Sat, 18 Mar 2023 18:42:02 GMT
Date: Sat, 18 Mar 2023 16:11:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 12cdbcb1b0785dc0423386448ac68c9c
08cff6b76fd708f0cef3c5bdb8fc72570c4536bd
bb7622a85d32cbff40abd2995055e03dbac05dd841b9a84d9023a5510d89e534
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB7622A85D32CBFF40ABD2995055E03DBAC05DD841B9A84D9023A5510D89E534"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3560
Expires: Sat, 18 Mar 2023 17:10:33 GMT
Date: Sat, 18 Mar 2023 16:11:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 18 Mar 2023 15:14:35 GMT
content-type: application/json
age: 3398
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QI9PNV9Wnogs1H0mjlWnkFpyXNha0H5geuLxJBBAc3kR4AVciO7Mq6MUBUVf7vOwg4qAhEkQGKY=
x-amz-request-id: GKS5W3HXSF64M5ER
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 18 Mar 2023 15:57:55 GMT
age: 798
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fir3.net/SSv8EwR
104.21.90.231200 OK 22 kB IP 104.21.90.231:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59160), with CRLF, LF line terminators
Hash a9566d6a25719a09fad29a670dcaa340
2ae31fc343e1863ccdb3293bde1a919da1b5b1ca
5ae0c51a6a08a385963dbde74c2f9f88e64884571dbef946b7888a627648b460
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /SSv8EwR HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: AppSession=108da42b7e3c494632a03ba06b628821; path=/; HttpOnly
csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBIktw7Ps2AmTa6i5kudrlKCbM%2BX9nOX2XBPaPrJw2tGMsAFktZFu1JpRbrheyloTJVbvC29I4c2RkmQK%2FYm9W7u1j9Sgnh4X%2FWb1rRrZsWIcIL4YzQKQiHH1w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec00eb86f0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fir3.net/vendor/bootstrap/css/bootstrap.min.css?ver=6.4.0
104.21.90.231200 OK 20 kB URL HTTP/1.1 fir3.net/vendor/bootstrap/css/bootstrap.min.css?ver=6.4.0
IP 104.21.90.231:0
File type ASCII text, with very long lines (65369)
Hash b154f3cd1d6d1a39bd2b5744951e705e
8cbb116b63d434a753be085041f3554f152fa0b1
53ee15614d6f2561b7ca4d3f7a57cd51c2ddf6a610ea84912b9f0b058abd3a10
GET /vendor/bootstrap/css/bootstrap.min.css?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: text/css
Content-Length: 19710
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Mon, 03 Apr 2023 13:54:25 GMT
last-modified: Fri, 20 Dec 2019 05:52:40 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1217808
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw1Zx5V4hoL6YjOgvnyi4Em0LlpBDT60iw7GQxNA5MP1h410Ls7GPVb8Z18633NG3tQ7wKPIxrDaTWauPOpTGexrtkzfHS%2BT8k%2BeLxHf9XUyEghERnbyCFffeA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec0119ae70b65-OSL
alt-svc: h2=":443"; ma=60
fir3.net/css/app.css?ver=6.4.0
104.21.90.231200 OK 1.5 kB URL HTTP/1.1 fir3.net/css/app.css?ver=6.4.0
IP 104.21.90.231:0
Hash cd9793683fa5304b8ba0358f1372b0fa
4e201294cbac40101dbfd41dc35f1190a312edcd
43ddbd9a4b1c4ffc17070086864f2512e2a2e0a36a1107bd13608a01c9e26ab0
GET /css/app.css?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: text/css
Content-Length: 1546
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Mon, 03 Apr 2023 12:21:46 GMT
last-modified: Fri, 20 Dec 2019 05:51:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1223367
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7VKlzRkfF6cpfyWl8r%2BekvG34CNQb2SxIs6BwydlWJqE%2FijJXOOMhxge93CtPhM9aTShApYzpExR%2F9swahbvGF8r7m5lZQy2zx30gL1gtBjbQznNpArp1LbAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec0119f35b512-OSL
alt-svc: h2=":443"; ma=60
fir3.net/vendor/dashboard/css/skins/_all-skins.min.css?ver=6.4.0
104.21.90.231200 OK 3.3 kB URL HTTP/1.1 fir3.net/vendor/dashboard/css/skins/_all-skins.min.css?ver=6.4.0
IP 104.21.90.231:0
File type ASCII text, with very long lines (40757), with no line terminators
Hash 222d4790ef03384d6a2cc00378f486da
9579ff128c2c5bb244c4de68e20abcc4df91f0a0
97fc179ba16df4f39bbd31b22f5f56ade96d906d6eb7521d7eb6bf48ddfc8d02
GET /vendor/dashboard/css/skins/_all-skins.min.css?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: text/css
Content-Length: 3327
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Mon, 27 Mar 2023 20:18:31 GMT
last-modified: Fri, 20 Dec 2019 05:52:54 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1799562
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFszeZ8wKsnWMlDuethd4q4RgHmgwmhm5oY1n1oGzaFQxVzVPyC7ztnz94GoZ7wKm3XLeBsPKAGifKbgFzf2Ss7zPWVeyImFwyEoTlTUbHMB6JzItu8EVOk%2F%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec0119c43069b-OSL
alt-svc: h2=":443"; ma=60
fir3.net/vendor/dashboard/css/AdminLTE.min.css?ver=6.4.0
104.21.90.231200 OK 15 kB URL HTTP/1.1 fir3.net/vendor/dashboard/css/AdminLTE.min.css?ver=6.4.0
IP 104.21.90.231:0
File type ASCII text, with very long lines (65310)
Hash 324663ad4acdf1f6d822c8fafe58ff02
3fa0614d23e35a2ef02b3b8aef6ebac29a9c82aa
23e186501490432407acff3ad96f16d617737694a91d12bf80ccf6e43bd93801
GET /vendor/dashboard/css/AdminLTE.min.css?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: text/css
Content-Length: 14753
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sun, 16 Apr 2023 09:06:21 GMT
last-modified: Fri, 20 Dec 2019 05:52:46 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 111892
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gy8VWFgfjNkjUV%2B6sdCjnP87C8FpT89fdXW%2FBeCD5f959EXWhrUSKJ%2FVGFVMSNlxy9Lj7IxRUp5Q5810MZUkV01rkJPk7AI0Pg0U5%2FIBaI8soixYsMPJQxf6Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec0119ebab4fd-OSL
alt-svc: h2=":443"; ma=60
fir3.net/vendor/font-awesome/css/font-awesome.min.css?ver=6.4.0
104.21.90.231200 OK 7.0 kB URL HTTP/1.1 fir3.net/vendor/font-awesome/css/font-awesome.min.css?ver=6.4.0
IP 104.21.90.231:0
File type ASCII text, with very long lines (30789)
Hash a83eb857cd3ce2265642d4dfe8bcaf12
6ff801c6bd848c154648700375fa7d576c491bd2
76437ba558465a733f0b83726aea70daa48c17b1593011498d8df25b126f7850
GET /vendor/font-awesome/css/font-awesome.min.css?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: text/css
Content-Length: 6979
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sun, 19 Mar 2023 09:19:51 GMT
last-modified: Fri, 20 Dec 2019 05:52:49 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2530282
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfyweyoLB59bqBghKV0OtDatdjNUaode3T6ofO0eLQo0a%2FFqAw6Fa9gVgJ9mYtwFbxl70XTg07biRhoeDWxDvz5a3r3xvfbCS59PxqFgXMfNsGMvg1lGiCrEsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec0119ec3b51b-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
142.250.74.106200 OK 917 B URL HTTP/1.1 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
IP 142.250.74.106:0
Hash 4ec1188ea373906a22215906f4444869
dca9bb4b1ff7fa20ee7f94892035fdf45165199f
07c731d8bb7c5921cc6e6c0a21525eba2e770c71d8bb0fb63211a38d5cb05e67
GET /css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 18 Mar 2023 16:11:13 GMT
Date: Sat, 18 Mar 2023 16:11:13 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fir3.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.90.231200 OK 655 B URL HTTP/1.1 fir3.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.90.231:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 07 Mar 2023 22:56:30 GMT
ETag: W/"6407c11e-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Bl1AsMRo290naAoCkxCRwChZ9ftmirrBeyYf33rxmcZrC75YEm0%2FlQ%2BtN5%2FtpUDc2tDjO78Xe6tHBWjJrGE6in5PEzJNM%2Fx7ZDKvwlbpAWjP1EF8WweKrZ9Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a9ec011df0bb4fd-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Mon, 20 Mar 2023 16:11:13 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fir3.net/vendor/jquery.min.js?ver=6.4.0
104.21.90.231200 OK 30 kB URL HTTP/1.1 fir3.net/vendor/jquery.min.js?ver=6.4.0
IP 104.21.90.231:0
File type ASCII text, with very long lines (32065)
Hash a1dd1493bdf258e4dbf6dc07ed7308f6
650e73419cbdae0965313bc7fb1f6b22769215cd
163e1d87f980cd471550eed01b33398e9d29778b23bba65f861a2b23bc71f99a
GET /vendor/jquery.min.js?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Content-Length: 29906
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Fri, 07 Apr 2023 10:38:12 GMT
last-modified: Fri, 20 Dec 2019 05:51:31 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 883981
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RT2ub97r4fCvsTwdwNIwTaXKIDflkndkcHsZaSrNpDytNx06EGIJgY4An3BXuSuxIIN978BKVF9Q5Xlo66PfCxC9ThY5AOLUVohDVTFvfP8pKWTJstsjxwoVDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec011dc79069b-OSL
alt-svc: h2=":443"; ma=60
fir3.net/vendor/clipboard.min.js?ver=6.4.0
104.21.90.231200 OK 3.4 kB URL HTTP/1.1 fir3.net/vendor/clipboard.min.js?ver=6.4.0
IP 104.21.90.231:0
File type Unicode text, UTF-8 text, with very long lines (10645)
Hash b815f0ccc02820cdfdbfd6691717f1cb
68319410eae8acebfa5c8f3c935734394936013f
c91851de9dc2901cdd88ae6ab0228e74bd4cdee79db66f48fb54d1583c7b4b7c
GET /vendor/clipboard.min.js?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Content-Length: 3350
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sun, 19 Mar 2023 23:04:07 GMT
last-modified: Fri, 20 Dec 2019 05:51:30 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2480826
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rt9hWs2qJDCc9UQXhIGwhp686su4WqjLR%2BBaAVAWkfqUTn1ovLrE1uyq7TwBA9H%2F0lKP3RWYu%2BHeTqRTfeIUTr1RlmaffXHya4Kc5jV%2Bjztc2wBAOvWFuFXXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec011db400b65-OSL
alt-svc: h2=":443"; ma=60
fir3.net/js/ads.js
104.21.90.231200 OK 162 B IP 104.21.90.231:0
File type ASCII text, with no line terminators
Hash 19606e42047ff6fc62c605157dacf742
dc53398e76781c27eb48f7f948d35d3dacaf8a69
5c50a649421e815c40de836a05bf30d94daaeb9b4acf314b97db662eb8bdc4e1
GET /js/ads.js HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Mon, 03 Apr 2023 17:04:25 GMT
last-modified: Fri, 20 Dec 2019 05:51:28 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1206408
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alVP%2FBpkMkpjf4nK7mo4HSxJ1N3P6EP9ejEHP%2BGX%2FgXcuak5%2B85TIk4ImFChIEyzE6ms4%2B2SgGAAj8lxpUT1qRlPO0PoO7w%2FHUnI%2Fov%2Fq71EjR3VGFqu89XDzA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec011df2eb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fir3.net/vendor/dashboard/js/app.min.js?ver=6.4.0
104.21.90.231200 OK 3.1 kB URL HTTP/1.1 fir3.net/vendor/dashboard/js/app.min.js?ver=6.4.0
IP 104.21.90.231:0
File type ASCII text, with very long lines (9522)
Hash c04b9cb357a0cecd3a806a5ea64c5ed9
d07973db9ebde7479a170f1c4f90d3176676a08d
ca06ed014b391ca8a0608c6c8ef1ef342763af55bb8e666be248b2c899ca1de3
GET /vendor/dashboard/js/app.min.js?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Content-Length: 3055
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Mon, 03 Apr 2023 13:54:25 GMT
last-modified: Fri, 20 Dec 2019 05:52:48 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1217808
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxolVyp%2BnewEgoCUdmiWK0HwJLdJ4wNhkz3xo70ky%2FBnkZM83I429YbqOCj1yDNCBWXnwRegoxknuM62C0V%2FDCZaKHtLoc4VpDkyx%2Bv%2Fe%2BhnCgvhXCQDnzHecw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec011df19b4fd-OSL
alt-svc: h2=":443"; ma=60
fir3.net/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0
104.21.90.231200 OK 11 kB URL HTTP/1.1 fir3.net/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0
IP 104.21.90.231:0
File type ASCII text, with very long lines (39553)
Hash 73a8ec641af288a817a749efad5f0f33
5c17c6af1c288ca780738af7f23784e2a6f7697f
4a72330fd2395601c98468a7db0aeaec4352a9625d55328ba86a3d8b5d80d8b3
GET /vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Content-Length: 10952
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sat, 01 Apr 2023 12:57:10 GMT
last-modified: Fri, 20 Dec 2019 05:52:44 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 1394043
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6Qbe307CkiRDYnUWfLLIbTTflALSE3Zpx54fnl1ZRuu6Z1MVT7fbvRl0D3rOJRDN2Cj%2FIJfjRgHOP%2BRoAzRtmiV3qNuEZh49NIEa1%2BxX1hFaNeg9li1ARdVcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec011df83b512-OSL
alt-svc: h2=":443"; ma=60
fir3.net/js/app.js?ver=6.4.0
104.21.90.231200 OK 5.9 kB URL HTTP/1.1 fir3.net/js/app.js?ver=6.4.0
IP 104.21.90.231:0
Hash c7e77d1961cec6c6541162d99ccc4cdf
09131601d1f47ec3c296cffe0f56d7fb2128b3c7
14e0bfc29ee020431b0f73b524771db997b5295f28f446cdfc5fddb258cf70db
GET /js/app.js?ver=6.4.0 HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Content-Length: 5920
Connection: keep-alive
cache-control: public, max-age=2592000
expires: Sun, 09 Apr 2023 11:23:36 GMT
last-modified: Fri, 20 Dec 2019 05:51:28 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 708456
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHl80ij%2Brz8JaJqMAU9%2FMKQiBJrM3uXdfy1pF60GkCeG%2B6WrHb7icjWXmu4v9v5s98Y%2FX3IpqcEpnXO8yTHf%2BRmkvdPfQn%2F%2BrUWk2f3%2BVlQ2HtwGldFVsQ9DxA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec011df08b529-OSL
alt-svc: h2=":443"; ma=60
blog.encurta.net/wp-content/uploads/2017/02/Logo-Nova-2.png
188.114.97.1200 OK 20 kB URL HTTP/2 blog.encurta.net/wp-content/uploads/2017/02/Logo-Nova-2.png
IP 188.114.97.1:0
File type PNG image data, 720 x 245, 8-bit/color RGBA, non-interlaced\012- data
Hash bb9befcf2032aa148b00cca9510b2c05
1e62ed5a487d9f13e1a3bc0e1afc54bde750a55b
4b5419da69b46c79af03f015c77aa26599869034c95ce63b2a4b8f3975b2593a
GET /wp-content/uploads/2017/02/Logo-Nova-2.png HTTP/1.1
Host: blog.encurta.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 18 Mar 2023 16:11:13 GMT
content-type: image/png
content-length: 19763
cache-control: public, max-age=604800
expires: Tue, 21 Mar 2023 14:31:55 GMT
last-modified: Thu, 02 Feb 2017 14:44:09 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 351558
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeQvvOv0SOmZlcyhkPprrmnceQy71MtPWvdAkSnk8pDamDpX3GJ%2B2xUAgPF2dLe5eXsTQbCihHVfdaRE0VZCf1q0fOybfypSrENF%2Bpng2A2P9tN2rK3kIoA5W33vJvTwvGV3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a9ec0120e4ab509-OSL
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123308 Permanent Redirect 171 B URL HTTP/1.1 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3c417e9efbcaeb3bf7e7df75cf3b22fd
00465aec6b8ec302eae8abb99678fc5c09c3f343
21bd143d38dbbae427615a7266a86a18dc95c417f3e510632d7a9180d98d3571
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/
HTTP/1.1 308 Permanent Redirect
Server: nginx/1.15.8
Content-Type: text/html
Content-Length: 171
Location: https://s7.addthis.com/js/300/addthis_widget.js
Date: Sat, 18 Mar 2023 16:11:13 GMT
Connection: keep-alive
X-Distribution: 99
X-Host: s7.addthis.com
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c636a9ac2da57f66a6b8b3dcd0a7105
0c1c432f6d83f3b47e46c90f42b2e5ad5cf59c65
63e5c25cebac0251daa3447b49c2fc7d8307a4168b92bc804c2f1efdc34a1d95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/Continuar%2B%25282%2529.png
142.250.74.161200 OK 6.7 kB URL HTTP/2 1.bp.blogspot.com/-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/Continuar%2B%25282%2529.png
IP 142.250.74.161:0
File type PNG image data, 250 x 400, 8-bit/color RGB, non-interlaced\012- data
Hash 4434678a022143a10f10c4da0fb35235
4c024d3d586abe08b91e98b8a97eb0b6dd6c781b
63aecc1fcc3b836462906c0f57ea36a4f7391c6af6260481dc6b4fae3047b2b5
GET /-kcTGwNfMBUA/XY4pBKoksTI/AAAAAAAAIlY/TsAXaSyXjbIDmh1PynFyoXBAhtS56J44QCPcBGAYYCw/s640/Continuar%2B%25282%2529.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Continuar (2).png"
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6725
x-xss-protection: 0
date: Sat, 18 Mar 2023 12:54:33 GMT
expires: Fri, 17 Feb 2023 12:08:08 GMT
cache-control: public, max-age=86400, no-transform
age: 11800
etag: "v2256"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Sat, 18 Mar 2023 16:11:13 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c636a9ac2da57f66a6b8b3dcd0a7105
0c1c432f6d83f3b47e46c90f42b2e5ad5cf59c65
63e5c25cebac0251daa3447b49c2fc7d8307a4168b92bc804c2f1efdc34a1d95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yonhelioliskor.com/ntfc.php?p=3138250
139.45.197.251200 OK 5.9 kB URL HTTP/1.1 yonhelioliskor.com/ntfc.php?p=3138250
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (14391), with no line terminators
Hash ebd24c57e7c48956b7ba8ffcb4e45991
185644214f8d5f6dca4c203af2a1bd96274afbcb
ce1a5dc8201ecc8e77250f101e3f9c0d471bd865ec9a74487bced10e58e0a732
GET /ntfc.php?p=3138250 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Mar 2023 16:11:13 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Mar 2023 15:32:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"641336a8-3837"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Pragma, Content-Type, Content-Length, Cache-Control, Expires, Backoff, Alert, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 18 Mar 2023 15:14:32 GMT
age: 3401
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 18 Mar 2023 16:11:13 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fir3.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13036
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 15 Mar 2023 13:18:15 GMT
Expires: Thu, 14 Mar 2024 13:18:15 GMT
Cache-Control: public, max-age=31536000
Age: 269578
Last-Modified: Wed, 27 Apr 2022 16:04:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.35200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fir3.net
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 12924
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 14 Mar 2023 00:11:34 GMT
Expires: Wed, 13 Mar 2024 00:11:34 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:02:31 GMT
Content-Type: font/woff2
Age: 403179
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f173f5bbe5f046b2d8b058fdc5f11fac
58a93d5cb6c91343b1915d04e99b2786d1e6fe1d
14a6a0d96b6a3ac3654c831bddc8808e637fdfa5e430533f88898f5c789a194d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A6A0D96B6A3AC3654C831BDDC8808E637FDFA5E430533F88898F5C789A194D"
Last-Modified: Fri, 17 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11592
Expires: Sat, 18 Mar 2023 19:24:26 GMT
Date: Sat, 18 Mar 2023 16:11:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f43ccc6a055aeef1778e59679f0d6336
ff4cdb930614c8fe3a36670f381dec87db6e9a8d
77031bba3e36d216cd3ec558098a788ee9b01d4f6b96f51ed6f652884b955aee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77031BBA3E36D216CD3EC558098A788EE9B01D4F6B96F51ED6F652884B955AEE"
Last-Modified: Fri, 17 Mar 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11309
Expires: Sat, 18 Mar 2023 19:19:43 GMT
Date: Sat, 18 Mar 2023 16:11:14 GMT
Connection: keep-alive
fir3.net/SSv8EwR
104.21.90.231200 OK 0 B IP 104.21.90.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
HEAD /SSv8EwR HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:14 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAbFuCu%2Bg0hLYzPq%2B6yK07kBOmZCe1JK9%2FIavjON96wU6DHFX5x6bMhPdDH48eO2yRswzibbxV3NF74ervwV0%2Fkrxnoae2IQ5qXutEE0SZYcf2VfgwPd1xRd7w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec0139e5d069b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
yonhelioliskor.com/zone?pub=0&zone_id=3138250&is_mobile=false&domain=fir3.net&var=&ymid=&var_3=
139.45.197.251200 OK 973 B URL HTTP/2 yonhelioliskor.com/zone?pub=0&zone_id=3138250&is_mobile=false&domain=fir3.net&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (972)
Hash bd41e5e871a635c547d680c91a5b9316
5b8ed6a864fa5baeb958345ae64c9b634dd228e5
b48afcf68a7ffb54a40b67b4fe3df199186741b1403bdb7c1dac3705ae35a2f7
GET /zone?pub=0&zone_id=3138250&is_mobile=false&domain=fir3.net&var=&ymid=&var_3= HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Origin: http://fir3.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:14 GMT
content-type: application/json; charset=utf-8
content-length: 973
x-trace-id: 07b32c86e55f76f074466ecdeba0112c
access-control-allow-origin: http://fir3.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 70f795f7a73fb087a4b08eebe6e2a970
faaa9283e766256900f3c3e00dee00973e7da2a6
4f7e4813f82f60ebf9c536d9342726307686931df7309a4c367f3b658602efde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F7E4813F82F60EBF9C536D9342726307686931DF7309A4C367F3B658602EFDE"
Last-Modified: Fri, 17 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2681
Expires: Sat, 18 Mar 2023 16:55:55 GMT
Date: Sat, 18 Mar 2023 16:11:14 GMT
Connection: keep-alive
s7.addthis.com/l10n/client.pt.min.json
23.38.200.123200 OK 1.7 kB URL HTTP/2 s7.addthis.com/l10n/client.pt.min.json
IP 23.38.200.123:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3560), with no line terminators
Hash 19a54a750c49510d0f4479d3aaa1d948
9f69430fe22676a26581cfeab7f79f7352b81fb0
cf281750841886c252bab68854486331fed3798014c49c9c24e024416477b6b6
GET /l10n/client.pt.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fir3.net
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-e24"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1747
date: Sat, 18 Mar 2023 16:11:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fir3.net/favicon.ico
104.21.90.231200 OK 64 B IP 104.21.90.231:0
File type MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Hash ce2521545b94598ae74196ee9ea9daf9
f9d08c84152378ca6472d760579d0ce67ab57f96
78f59a0a147d8844b82ae42a90c6a4614d90d50c65415464ecfbae4d1bc01c66
GET /favicon.ico HTTP/1.1
Host: fir3.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fir3.net/SSv8EwR
Cookie: AppSession=108da42b7e3c494632a03ba06b628821; csrfToken=6679d1060f44d5ea1dc3370d7c5f7664772f804e9df4f2b9ffdb1ba01bb854fce953cd15b264b17d487714d3b530f885c3002b043c75393c9073a91d22c02dfd; ab=2; __atuvc=1%7C11; __atuvs=6415e2a191badd0d000
HTTP/1.1 200 OK
Date: Sat, 18 Mar 2023 16:11:14 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=31536000
expires: Fri, 19 Jan 2024 18:11:19 GMT
last-modified: Fri, 20 Dec 2019 05:51:23 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 5003995
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuLJVGOD%2FP8M3JM0i1RwAfqW6A8tutvmQSIgMqNMgrFYOscuLke8OyCbDxeVHYBKcy6uBTPeuXGWPbdCj6Z7GcSSgPfLeSWepX4pT2z28M1lUp8bLnQE2SgxuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a9ec015c8ac069b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=35358
date: Sat, 18 Mar 2023 16:11:14 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2791bef32b5f929f9b8ad37800b5cd57
d801651cd01d119fd8b761404c942e0f15fd449a
5be9b295f54d11dfffb0475781c1dbcdae5685969866def1580c624947a2511b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ebc741220dc17f13eb62bfa543f6f6a0
a0086027802e3b9ce28f644ee70f1d0e61012885
1b375b3a43fb324f10b2c05f7f023db31f82f7470f91baac6d1b85f8e90b7f66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 585 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 7c54c4f36e9734741609896c481b17ac
2795d605aa890621f38a3c3749e82e06e1957750
731a247e8bc1bf4be584ea494c58a7940ed75a36d6e306d008a524ad69661253
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 18 Mar 2023 16:11:14 GMT
date: Sat, 18 Mar 2023 16:11:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ebc741220dc17f13eb62bfa543f6f6a0
a0086027802e3b9ce28f644ee70f1d0e61012885
1b375b3a43fb324f10b2c05f7f023db31f82f7470f91baac6d1b85f8e90b7f66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.addthis.com/live/red_lojson/300lo.json?si=6415e2a19b3402b5&bkl=0&bl=1&pdt=514&sid=6415e2a19b3402b5&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=fir3.net&fp=SSv8EwR&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1679155873381&jsl=1&uvs=6415e2a191badd0d000&skipb=1&callback=addthis.cbs.jsonp__039136372533085220
23.38.200.123200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=6415e2a19b3402b5&bkl=0&bl=1&pdt=514&sid=6415e2a19b3402b5&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=fir3.net&fp=SSv8EwR&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1679155873381&jsl=1&uvs=6415e2a191badd0d000&skipb=1&callback=addthis.cbs.jsonp__039136372533085220
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 3fc19cb9ac5ab0f075bf0ba9ec1f2d04
e97467c50562c27fee66d4c105c05c48a66d903e
385e9b9dfe4b2d8d21ebb88fb8352681ea21adf9eb5cf86e68dbeb1223f6e8fe
GET /live/red_lojson/300lo.json?si=6415e2a19b3402b5&bkl=0&bl=1&pdt=514&sid=6415e2a19b3402b5&pub=ra-5bec6c158c239b28&rev=v8.28.8-wp&ln=pt&pc=men&cb=0&ab=-&dp=fir3.net&fp=SSv8EwR&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Encurtador%20de%20links%20que%20paga%2CEncurtaNet%2C&colc=1679155873381&jsl=1&uvs=6415e2a191badd0d000&skipb=1&callback=addthis.cbs.jsonp__039136372533085220 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 18 Mar 2023 16:11:14 GMT
X-Firefox-Spdy: h2
yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.424
139.45.197.251200 OK 34 kB URL HTTP/2 yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.424
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e4dd7b56c2e0e2bd56c8ea1368e90cd3
d333fee36d42b7b3fe37d531f0a1291aa810a6f5
b3791365688750611347d63360b3edccce5e47428190cedcc53f8c51d3ba55b8
GET /pfe/current/universal.min.js?v=3.1.424 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Origin: http://fir3.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:14 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 15:32:57 GMT
etag: W/"641336a9-190ac"
access-control-allow-origin: http://fir3.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
142.250.74.67200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js
IP 142.250.74.67:0
File type ASCII text, with very long lines (576)
Size 165 kB (164678 bytes)
Hash f22f07ee02fbeed3958345c90b52b818
2aa44ea19d580589c06c2170103b4d0505e18cdb
dc1eadf37f70bef92766d0c316d1da7af283b84e5c309a4732d8ed35d7bbfb84
GET /recaptcha/releases/Trd6gj1dhC_fx0ma_AWHc1me/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fir3.net
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164678
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 11:44:52 GMT
expires: Thu, 14 Mar 2024 11:44:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Mar 2023 02:02:14 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 275182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yonhelioliskor.com/custom
139.45.197.251200 OK 39 B URL HTTP/2 yonhelioliskor.com/custom
IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Content-Type: application/json
Origin: http://fir3.net
Content-Length: 355
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:14 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 8f1e5c7fbd9ae3922714bd550545346f
access-control-allow-origin: http://fir3.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4fe1012a4d75c602aab58bcff2d9c28
b079e7b9e4da4d67ecdc3e11bff33462bd026899
f7e4c8251356329744c989f9194354f78b9d142a69db8cc5d92ade3d70efcc01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v1.addthisedge.com/live/boost/ra-5bec6c158c239b28/_ate.track.config_resp
23.38.200.123200 OK 954 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5bec6c158c239b28/_ate.track.config_resp
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (2231), with no line terminators
Hash eec2bbb8bfc87a617c9ca7855aa81328
5b76db3b90d961613a25ff070bbe1dab3553cfac
e40ffa9bde7e24c485cd84edb00dacbed50ca664678f4f19f5d1cbec187b1037
GET /live/boost/ra-5bec6c158c239b28/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 954
etag: 1298577078--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=48, s-maxage=86400
date: Sat, 18 Mar 2023 16:11:14 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=bdc6bcc3dc2a4708b2133c4def207ff1&zoneId=3138250&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=bdc6bcc3dc2a4708b2133c4def207ff1&zoneId=3138250&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e68d1f0aa46e8a1a730eefb0bf2070e5
c268e49785d64f7daa2891d454a846294dee1bfc
df4fc2f4824f9de58c6daf501707d597363cb6d58bb897fe5dc8d6e455973685
GET /gid.js?pub=0&userId=bdc6bcc3dc2a4708b2133c4def207ff1&zoneId=3138250&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Origin: http://fir3.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:14 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://fir3.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bdc6bcc3dc2a4708b2133c4def207ff1; expires=Sun, 17 Mar 2024 16:11:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
23.38.200.123200 OK 28 kB URL HTTP/2 s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (60526)
Hash 6f438e76ae391709e033a3e3809e0b9f
a5cd39eb8d85bee5846355f680d04a270a6f9f4f
a32c496c2c536b8c5aef8b3b7b8a977f41bbab712b93f933f4c6780c696f1b2a
GET /static/custom-messages.5799ddf75a30812a3d49.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-1c9fc"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 28519
date: Sat, 18 Mar 2023 16:11:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sat, 18 Mar 2023 16:11:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.32.66.222101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.32.66.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lR231CIuqoQRyYC2Lup7Eg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9/e9tlT5BF4rNWveVgxhyfrmfUo=
blogger.googleusercontent.com/img/a/AVvXsEhP5dsqG8gU9pOcmTiO_hokWp5jIZ6CYdyyR4-bvSCs2-0n5q7fsiT6n9Hrqi0wcB-DPUOtNIpQH_DENbUEjtlbW488caDD5qhmlv8W5iza1GuTq5Q466rp1FwvYPJC6xZUFMCzGShIuBde_FSCUknZK-dCy-Z72TduKmuTuGiKRIoNLLrTAkMLp6pT=w400-h400
142.250.74.97200 OK 10 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEhP5dsqG8gU9pOcmTiO_hokWp5jIZ6CYdyyR4-bvSCs2-0n5q7fsiT6n9Hrqi0wcB-DPUOtNIpQH_DENbUEjtlbW488caDD5qhmlv8W5iza1GuTq5Q466rp1FwvYPJC6xZUFMCzGShIuBde_FSCUknZK-dCy-Z72TduKmuTuGiKRIoNLLrTAkMLp6pT=w400-h400
IP 142.250.74.97:0
File type PNG image data, 400 x 400, 8-bit/color RGB, non-interlaced\012- data
Hash 7a48859b9f4f046ed10b48c687d7a0da
2cf7b5feea1c3771aa53004b7e99df2cf91a1473
cd4ef8fd9a6e647b83b9306944ab00817de194867594e6b7b2be22d6e2ccac8a
GET /img/a/AVvXsEhP5dsqG8gU9pOcmTiO_hokWp5jIZ6CYdyyR4-bvSCs2-0n5q7fsiT6n9Hrqi0wcB-DPUOtNIpQH_DENbUEjtlbW488caDD5qhmlv8W5iza1GuTq5Q466rp1FwvYPJC6xZUFMCzGShIuBde_FSCUknZK-dCy-Z72TduKmuTuGiKRIoNLLrTAkMLp6pT=w400-h400 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v32de"
expires: Sun, 19 Mar 2023 16:11:14 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Errata do EncurtaNet(1).png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 16:11:14 GMT
server: fife
content-length: 10312
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2791bef32b5f929f9b8ad37800b5cd57
d801651cd01d119fd8b761404c942e0f15fd449a
5be9b295f54d11dfffb0475781c1dbcdae5685969866def1580c624947a2511b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 18 Mar 2023 16:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/static/14.2dfb61b890959f78272d.js
23.38.200.123200 OK 304 B URL HTTP/2 s7.addthis.com/static/14.2dfb61b890959f78272d.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (397), with no line terminators
Hash ca0f404238de96a7e72a7412a43229ba
4f73f2828bffb15fe09660886210e4ec40eeaa8b
d44d9599170c634d819deecceaa0e7964c0eab00f2e424e882c2840b1363dd36
GET /static/14.2dfb61b890959f78272d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fir3.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-18d"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 304
date: Sat, 18 Mar 2023 16:11:14 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 21:48:03 GMT
expires: Fri, 15 Mar 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 152591
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:56:42 GMT
expires: Fri, 15 Mar 2024 17:56:42 GMT
cache-control: public, max-age=31536000
age: 166472
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yonhelioliskor.com/custom
139.45.197.251200 OK 39 B URL HTTP/2 yonhelioliskor.com/custom
IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Content-Type: application/json
Origin: http://fir3.net
Content-Length: 643
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:14 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f0c1a92d59b35cb2fb0a64051db826b8
access-control-allow-origin: http://fir3.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
yonhelioliskor.com/custom
139.45.197.251200 OK 39 B URL HTTP/2 yonhelioliskor.com/custom
IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Content-Type: application/json
Origin: http://fir3.net
Content-Length: 356
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:15 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d7347441e766bf4489f405a297fe7e75
access-control-allow-origin: http://fir3.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
yonhelioliskor.com/pfe/current/defaultSkin.min.js
139.45.197.251200 OK 44 kB URL HTTP/2 yonhelioliskor.com/pfe/current/defaultSkin.min.js
IP 139.45.197.251:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (52034)
Hash 191a649c9a29559621f9e6ee29fa1739
81dd77933d1a314d9400438f23cf423060ab9dea
3b442b014939c946c660cf2d74d2334bdc4e8bf25418e36a80b8dd4442cc49f1
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fir3.net/
Origin: http://fir3.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 18 Mar 2023 16:11:15 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 15:32:57 GMT
etag: W/"641336a9-df63"
access-control-allow-origin: http://fir3.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 12:53:56 GMT
expires: Thu, 14 Mar 2024 12:53:56 GMT
cache-control: public, max-age=31536000
age: 271039
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18504
Expires: Sat, 18 Mar 2023 21:19:39 GMT
Date: Sat, 18 Mar 2023 16:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18504
Expires: Sat, 18 Mar 2023 21:19:39 GMT
Date: Sat, 18 Mar 2023 16:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18504
Expires: Sat, 18 Mar 2023 21:19:39 GMT
Date: Sat, 18 Mar 2023 16:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18504
Expires: Sat, 18 Mar 2023 21:19:39 GMT
Date: Sat, 18 Mar 2023 16:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 84762efcb2e1535ae49fca6c1523df33
93e7f138a491d4276a793c2e5b947195ae69a88c
920778735cfb5f0395bbfa1391cb4e90c547d455cac77c8bb161a0c3b55a6a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "920778735CFB5F0395BBFA1391CB4E90C547D455CAC77C8BB161A0C3B55A6A3F"
Last-Modified: Thu, 16 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18504
Expires: Sat, 18 Mar 2023 21:19:39 GMT
Date: Sat, 18 Mar 2023 16:11:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f53bb1fb90c97461035e7f9f7f7837e
961b5fcbca5b49ca9136e74931253bb300aa1985
dad960991444a4cbd8841e5c673b0e4337bdeb8c18672b5cfadb93d4ac70e8d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a465734-2031-4538-bcbc-9d828ea81250.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11673
x-amzn-requestid: 3675d2d9-47ab-4712-9511-0ad7570dd3cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eNfFXSIAMFbhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dd89-53c9817044fda17b212f0237;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RYqMTTPdmeDjKu7jhuuUFEn4Y420mbCQcZ8LN-vI9oBJ8LBkZEv0Ig==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 22:05:35 GMT
age: 65140
etag: "961b5fcbca5b49ca9136e74931253bb300aa1985"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Mar 2023 04:25:40 GMT
age: 42335
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261ec986-2f8d-4ff1-a532-841fb845618b.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261ec986-2f8d-4ff1-a532-841fb845618b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae34f2fd5c842d15f05edef4c8b71dec
7e0306e3aa1b415cf9cae33b07da9f3303216a33
a5c1d1c217f6ebae09bbcb3c7ca6261e75773fdf32c1be4fedc29695f3233bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261ec986-2f8d-4ff1-a532-841fb845618b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6151
x-amzn-requestid: 3df3d28e-80d9-40ff-a524-1c8d07c5b5f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eWhHeBIAMF2pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddc3-023ab8d94bf6b98a5c0b4260;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:38:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Sf-LgGpKI-9JPfurhJ_S6vfH-mT0jEl77QDUUWeOE1jzGS6OU47QpA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:48:47 GMT
age: 66148
etag: "7e0306e3aa1b415cf9cae33b07da9f3303216a33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66d9dc-9b07-409d-b0ab-7ba2375be651.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66d9dc-9b07-409d-b0ab-7ba2375be651.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c7d44b2fe4e80865ebbb42bc9cbd182
1c13d1f47dade8c4fdcda4fe714f033ae8336ada
c0b9deca4b7dabc0a5aa3d59e7a349497b2544c3b4926e23d029c3d8cb7aad85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66d9dc-9b07-409d-b0ab-7ba2375be651.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10041
x-amzn-requestid: 9f0722e3-0ed3-4679-8cf1-043a2fc702af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eWXEnLIAMFsqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414ddc2-71824c4a27d153a601bd74c2;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: rJx9KKSQM8h-4Vzz9oASVZINfsdkkjrQuyQPE22x2ePB9gnMtYaLAw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:55:47 GMT
age: 65728
etag: "1c13d1f47dade8c4fdcda4fe714f033ae8336ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a34f4ab-d2e4-48aa-b1d4-ba1513efdd5c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a34f4ab-d2e4-48aa-b1d4-ba1513efdd5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58ae9b9d874dd977b79bd6f8ad3829f9
070ba3e08796862f511f3313c99d863539696313
ef4738171c6cc5a2c2f725e5a32d65b3de38ba8bbbed72a52f724476ba764a42
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a34f4ab-d2e4-48aa-b1d4-ba1513efdd5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10029
x-amzn-requestid: ee521485-7d70-46d3-b7e6-7f38e1ca0f01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eR6GiMIAMFjUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dda5-3d5d5d5d37b1ed8e250d2146;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qqVri7BrFPm419PBmAnW-QQpwBf99IMBD8R1zLTvJzpNUJrXCJf2cg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:44:56 GMT
age: 66379
etag: "070ba3e08796862f511f3313c99d863539696313"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 772-769, spot sensor temperature 0.000000, unit celsius, color scheme 0, minimum point enabled, calibration: offset 0.000000, slope 1115717714480204991250653249536.000000\012- data
Hash 7c6233f649c3f84fcba3d244b3e5c35d
2820939892ab0d9b7c995043dc0f38642ac1e415
1ff87957f29a41db7bcbfcbc644cd434705b046b32e8d01467ec6b8c9f75c77b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f030924-26fe-4a36-bf48-11d8ccfe470b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12699
x-amzn-requestid: ebcd4e4c-f214-463e-a2c9-1392f278d6d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B8eSgGFOIAMFt8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6414dda9-5ec892ee018fe3d118df30d6;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Xm-KvGwI47UAZpwvXtnkLrSo18bFGJIdPrSvw3AayrUqyWVHlgbkqA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 17 Mar 2023 21:55:54 GMT
age: 65721
etag: "2820939892ab0d9b7c995043dc0f38642ac1e415"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2