r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7183
Expires: Mon, 07 Nov 2022 00:22:11 GMT
Date: Sun, 06 Nov 2022 22:22:28 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4834
Cache-Control: max-age=134949
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 22:22:28 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:51:37 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 06 Nov 2022 21:43:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8c32b2fb818533a5b3fe5c69157bde9
93594fd3fc50d9d444c28660eabba1edbe4f0588
df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F"
Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4962
Expires: Sun, 06 Nov 2022 23:45:10 GMT
Date: Sun, 06 Nov 2022 22:22:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OKA1vIZ0FiDaBDUcCnf3h8U6WwS/jIKEiZffrenmV2oZ7QuvNMOn+ANrVCrMA71hz2RhYpz8oWY=
x-amz-request-id: X3RQT72YD51GH3A9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 21:47:47 GMT
age: 2081
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
umbra.lol/land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019
68.65.122.97301 Moved Permanently 707 B URL HTTP/1.1 umbra.lol/land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019
IP 68.65.122.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019 HTTP/1.1
Host: umbra.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 06 Nov 2022 22:22:28 GMT
server: LiteSpeed
location: https://umbra.lol/land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 22:22:28 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 54cddd432c7d2f00e488a3bf9b0f0a74
c5c945a7a8e2155d219e32879292fc990c354b89
9bb04eb66771fe0a76a4482e64d7c54a11bf8ef45a8b3d72903e51594202def7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 22:22:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 17:11:13 GMT
Expires: Sat, 12 Nov 2022 17:11:12 GMT
Etag: "c5c945a7a8e2155d219e32879292fc990c354b89"
Cache-Control: max-age=499123,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76613a651a0cb4ff-OSL
umbra.lol/land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019
68.65.122.97200 OK 4.7 kB URL HTTP/2 umbra.lol/land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019
IP 68.65.122.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (514)
Hash 39e04879e2064788c963f8e15b9455cc
c79748533772ebfb1b38b20fadccb824e536bc09
c5bea4d7e61c32f44a93a9be996805c059f4d02fa69d1156212836a7f894af9f
GET /land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019 HTTP/1.1
Host: umbra.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Wed, 28 Sep 2022 10:33:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4704
date: Sun, 06 Nov 2022 22:22:28 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4599
Cache-Control: max-age=129662
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 22:22:28 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:23:30 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b1c0ce71472c4771ec26b3c0b6caa3f
a490d46b533f616556669a93116fc05993ce2128
872472dcc46f3e472fb5c7556a7d3c145b1beb3ded88ffdfa1c456a3ded65ea1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "872472DCC46F3E472FB5C7556A7D3C145B1BEB3DED88FFDFA1C456A3DED65EA1"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21535
Expires: Mon, 07 Nov 2022 04:21:24 GMT
Date: Sun, 06 Nov 2022 22:22:29 GMT
Connection: keep-alive
track.umbra.lol/d/.js?lpref=&lpurl=https%3A%2F%2Fumbra.lol%2Fland2%2F671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html%3Fcep%3DG-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F%26lptoken%3D1615673a774051203019%23&lpt=Attention!&vtm=1667773346906
18.195.30.247200 OK 2.9 kB URL HTTP/2 track.umbra.lol/d/.js?lpref=&lpurl=https%3A%2F%2Fumbra.lol%2Fland2%2F671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html%3Fcep%3DG-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F%26lptoken%3D1615673a774051203019%23&lpt=Attention!&vtm=1667773346906
IP 18.195.30.247:0
File type ASCII text, with very long lines (874)
Hash 7dff778b938b3ab219ff3cb5da637893
3d2c1c3dc4f11d288a5bb7acaa2850ed5a12960a
829471c924cc9a5ce4535b2810b1114c72bb270fe10a24ce342d6d551b6e94a2
GET /d/.js?lpref=&lpurl=https%3A%2F%2Fumbra.lol%2Fland2%2F671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html%3Fcep%3DG-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F%26lptoken%3D1615673a774051203019%23&lpt=Attention!&vtm=1667773346906 HTTP/1.1
Host: track.umbra.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://umbra.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 22:22:29 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2902
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.125.72101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.125.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ntbptpoyio8OTigQS5AJzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2uBlONMxj9ML5H8/gW9Z/vYxTuk=
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfaf6e9c3b61921732955af1fb21c2ab
3747df6876b7ff05383b0c6f9bb25a6b5fcc799e
fa6e2ded205fdef89ef8084d26e5ebdfcf4297f15d91609bfbf103e2d078fb23
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "FA6E2DED205FDEF89EF8084D26E5EBDFCF4297F15D91609BFBF103E2D078FB23"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Mon, 07 Nov 2022 04:21:33 GMT
Date: Sun, 06 Nov 2022 22:22:29 GMT
Connection: keep-alive
ios-protection.com/en/imitatenobr/en/icon.png
172.67.163.136200 OK 6.0 kB URL HTTP/2 ios-protection.com/en/imitatenobr/en/icon.png
IP 172.67.163.136:0
File type PNG image data, 60 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash f3bd4c11560fd617cabaddc46c090032
6e6c962e561af2b30f374c480a70f6571023dd40
ae5f00ff823451639b66cb0ea59c4e62f89ca43ab299e978bfdae02a163abfba
GET /en/imitatenobr/en/icon.png HTTP/1.1
Host: ios-protection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://umbra.lol/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 22:22:29 GMT
content-type: image/png
content-length: 5993
last-modified: Thu, 08 Sep 2022 08:48:24 GMT
etag: "6319ac58-1769"
expires: Sat, 05 Nov 2022 21:48:07 GMT
cache-control: max-age=86400
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
referrer-policy: strict-origin
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kARdiFzkVT1qrvM43pIGMZYSerQNehjpOZVhg3Zlo37vSiTU7%2F0Mlnvyn%2Bvrad5z0TPMHYT01AEhfqglZdfBeVSrwcMEKZwh5Lc1tpim0Z%2FJVzXzTukh2R7CZ6r0LL1K8dtP42c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76613a68fb19b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfaf6e9c3b61921732955af1fb21c2ab
3747df6876b7ff05383b0c6f9bb25a6b5fcc799e
fa6e2ded205fdef89ef8084d26e5ebdfcf4297f15d91609bfbf103e2d078fb23
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "FA6E2DED205FDEF89EF8084D26E5EBDFCF4297F15D91609BFBF103E2D078FB23"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Mon, 07 Nov 2022 04:21:33 GMT
Date: Sun, 06 Nov 2022 22:22:29 GMT
Connection: keep-alive
umbra.lol/favicon.ico
68.65.122.97404 Not Found 1.2 kB IP 68.65.122.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: umbra.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://umbra.lol/land2/671b7c6f53f2ee47457300ca369f1d5516e3a8c0.html?cep=G-XWGnl3GO9TxIDUCtzRH1LjAbdj29mchzFOARd1Dzt6Mq-qJIhHpf4EIvgw1auw49F0HZ3HEIsDydfQAkt3bnXoNqRHQJcsZNlVqwEbhzFijDTqx8wZmaBepGSVRLkUeyuLo3C4qTSYSuSNrbQexXhwwOmeSd6mE6TONf1lkoSnlQajRLWurLkUTsdgdwokZOy5NQOVuiguzkE_NNAAQBN0zxnjRnTF52jAB-Z-AYCPdGWRoSxI6CH4FGNU6stuEvE8O6_xl63KBtsdPEXLw7KEejJzd9JBKV8lxyaZX-bngcuHgFEbyd2A-vq0GmwBUr11UyKQwZooHerFKd2OZk8V825LGgheC5tPjXfVW_HpcBK-XyKG4msocdHALe1F&lptoken=1615673a774051203019
Cookie: vl-cep=cep=tQ_6w7NLp7SI2xo-RATpDfY3_d_nUjsFkkRdSGet58tqmzFam6X0bd5z2iK0EDbOJs5u96TbSQlmq4h2dWuvIiJStmfGqBG4HNuxpVrscDCgZ_aIdR04nXWi2qIillAwG7wsAh6Csd7zNrxoNnEF9vF_kdvBP-tBqgDzHenP5e7nwLajaVSkalE7gDQucDY512q5AEbUuIW2SWWyD9k1j0WCwGqb5ITKoCC0_ic_tQrdMYm4nDfnw5DF4dxI8WezTgsVT8ChsVpJ8BVxL2vGCDnaDEFlXQEBcbr6vAmRQfZLPscj6IwpV2A24s8kwPddcYWkScGBA5pYqF4_nSLvmlu-30nJVF8uVD9clAMoZh6moP5KDAkYjKJRMSjyk4_C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 06 Nov 2022 22:22:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7979
Expires: Mon, 07 Nov 2022 00:35:29 GMT
Date: Sun, 06 Nov 2022 22:22:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7979
Expires: Mon, 07 Nov 2022 00:35:29 GMT
Date: Sun, 06 Nov 2022 22:22:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6db454c-443b-4ca6-982a-3856bcc96e03.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6db454c-443b-4ca6-982a-3856bcc96e03.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 261f11f1f3c32679559e7ca92868bca9
0cb101f9081261eaadc55593acedeae23a530114
15e6d3cb9b100bce9ebcc537939f56703f6a9018bcbcc76bebc2cdac1b92f363
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6db454c-443b-4ca6-982a-3856bcc96e03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6907
x-amzn-requestid: b6f67609-796a-4beb-b51b-e241fb4f7b13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMtWGE3yIAMF1FA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636828f3-6520fdac16744a3d237d0746;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 21:36:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uC3eqDqX2p4N8YJpNFjG1RZgd-seTCgcNrla3-hm66RDZPigEc2ubA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:51:00 GMT
etag: "0cb101f9081261eaadc55593acedeae23a530114"
content-type: image/jpeg
age: 1890
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a5e060b41bd5313b1cf828c1d5ecbcc
e63e4bee84953491236a8261ef07b5a4743fa891
e8750b0156ed980f11682d92f5c60ce2783518b37f156e74340617a74d826813
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13224
x-amzn-requestid: d6c8a626-313d-4add-9467-eb946a38262a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a9iPHEkgoAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6362172d-1be7a03a1b288dec56281915;Sampled=0
x-amzn-remapped-date: Wed, 02 Nov 2022 07:07:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: R2vHbrKm_n2kWK3bG4htWAIqi1YNjNjaX8LG5AWWHPlKnaWi6JAGzA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 20:12:14 GMT
age: 7816
etag: "e63e4bee84953491236a8261ef07b5a4743fa891"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 09:11:34 GMT
age: 47456
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1257248e-fe28-4957-b9ab-69ac80322250.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1257248e-fe28-4957-b9ab-69ac80322250.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 247a287e6f9c64b82090a10f9dcc67ce
2920c3a58ecf25799069c33cf304edbb6bc03e90
3c4452c5e175ffdb68cf2ebe9dc83560eed52f11cd456fea4a4ad0001f950280
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1257248e-fe28-4957-b9ab-69ac80322250.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9187
x-amzn-requestid: 268dc5ff-71b7-4570-8104-0647250cef4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGXhrGsZoAMF4MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63659fa4-487e71380605f6e16bc05e28;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 23:26:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Kf6GV5vE8xIBFwFhV4WOYkEOMawiiKvcrB9XIAQWa-xo43PDlNYVCw==
via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 22:05:57 GMT
age: 993
etag: "2920c3a58ecf25799069c33cf304edbb6bc03e90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F546ab5b1-f588-4ce7-97f3-29ce7fbebad3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F546ab5b1-f588-4ce7-97f3-29ce7fbebad3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 200c49edab8c82958daf311146d431ba
7f52cb1318b16f59ca6df0d1c810b567a799073a
8870497d5784f369cef169b2dbd61f4b431e31853441ec8d4e739955acd9a6ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F546ab5b1-f588-4ce7-97f3-29ce7fbebad3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: 6fb6f603-98d6-40ee-9ed8-a247c8e14b2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bMtUrGX4IAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636828ea-538fda19613b37ef48bd05e9;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cP5v3pe6hzAQ5UOrc4eFPv8n31kimd__XrXGdRxgyO8sZpCat727CQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:39:31 GMT
age: 2579
etag: "7f52cb1318b16f59ca6df0d1c810b567a799073a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0a079a6dfb70fb2a2d6b5aff7103f73
55ffd5d6cb8074bdbdb8d06719119021bc81aeab
196ffd4e5245355c1c5d67f49b28200630ccfe1e4ebaa7280154b7adaf39b18f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9435
x-amzn-requestid: 7c39c00f-1362-44c1-9628-749045e542b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEIU9G5gIAMFzZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364ba85-57fbfb872251c37f4137b262;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 07:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GaFmcnh2vF0lCj_QPQ7SAIT_UzHHyr8UaHa-R_ifuZsX7quU0mBJ9Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 21:50:59 GMT
age: 1891
etag: "55ffd5d6cb8074bdbdb8d06719119021bc81aeab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ios-protection.com/en/imitatenobr/en/sounds/alert.mp3
172.67.163.136404 Not Found 0 B URL HTTP/2 ios-protection.com/en/imitatenobr/en/sounds/alert.mp3
IP 172.67.163.136:0
Analyzer Verdict Alert fortinet Phishing
GET /en/imitatenobr/en/sounds/alert.mp3 HTTP/1.1
Host: ios-protection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://umbra.lol/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 06 Nov 2022 22:22:29 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Npo3yN6xDKsWdOQRyVVVcKXavUNnKS7jkZSw1Iyiaz8QHiexRxGOss55YVCqvDEVzoTz96%2B0Qa2l87NqCryoP%2FYoBa6WCpUPuN0KwQISfnJsuJljZqeamn7asQve3qo2zUCluC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76613a698bbcb4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2