r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5904
Expires: Thu, 13 Oct 2022 20:22:46 GMT
Date: Thu, 13 Oct 2022 18:44:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 17:49:35 GMT
Expires: Thu, 13 Oct 2022 18:27:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 54Lsg1kbvcKTPYUKdl8WIKvJljqPJZpCVcU2GWShs_l0osOZLg9bQw==
Age: 3287
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bce7a9c1ff7500c4cfad5c3a3581a939
74b8dadf6ead0ce5d1d72e40a2eac554c5f5430c
6c840089371a0e25d60d0d76d6400348b0cdfb5967876c7b88e2b4a2aaf01a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C840089371A0E25D60D0D76D6400348B0CDFB5967876C7B88E2B4A2AAF01A03"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9389
Expires: Thu, 13 Oct 2022 21:20:51 GMT
Date: Thu, 13 Oct 2022 18:44:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: m9eCOeCT7Lzw5xTkTaJLHbapl/X/s+sg74w98vrPYnvGVjdbRxkUvZ5mkijv1rtYpor9ZzQ1/ReVlTqkHnqF8w==
x-amz-request-id: BRZFVB7ZVFT1PS3B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 18:01:49 GMT
age: 2553
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 13 Oct 2022 18:07:43 GMT
Cache-Control: max-age=3600
Expires: Thu, 13 Oct 2022 18:26:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Wxx_Ygi32-uCyCfzt-o-EIT-91sXU46vdTpBs4grxMsPp-zNVpN0NA==
Age: 2199
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3583e23195fad53de085f55b7ae476b8
1e1ee824f8b5706b0a32b269af82769bb44f5d0f
0c3d6dbcec45e2d28fe0b43d2ae2eaf8cbb05d435b981edc1da311ce356fe30d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6260
Cache-Control: max-age=140808
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:22 GMT
Etag: "6347c71a-1d7"
Expires: Sat, 15 Oct 2022 09:51:10 GMT
Last-Modified: Thu, 13 Oct 2022 08:06:50 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MknjrQP3wB7Vc8Ai2PtZuA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vxb5sWcB5F4+cl84jHAwicKUmzw=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 24b79ec946ea2f46c118f1d32753fab7
9e3a5b712f6f1aea7bf30cad622a113428736c02
2444b6ba10658bc23690a3065438df55ac52b240bde9c29a5226a3588924e65a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 24b79ec946ea2f46c118f1d32753fab7
9e3a5b712f6f1aea7bf30cad622a113428736c02
2444b6ba10658bc23690a3065438df55ac52b240bde9c29a5226a3588924e65a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.7 kB IP 142.250.74.3:0
Hash 25e0fc6aa0401283371fcc231df03796
54bca12079dc7159bbd5146487ec443b0e57437e
d4c6f12270d796f1cb402421e439e5d2a221bb6496202d38d4444c52c681f486
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a7c955d46e803f09524911fe5a34259
4adbbd7a049b7b450193b253fa7f1fb7cd4bb77e
c1072a4938a4aea6d25ea19540790b57fd0118765511cbbb963b41d1cd7ad642
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
Hash 093f3063515d410ea97aea272987da8b
96cb3962b3acac32d1098bc4864c5b58c65baf0e
6472752f88ea202c7ced5b5d64f14d6fd69d4d736461b2a9b9147fc9d5b8f29f
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 17:10:21 GMT
expires: Wed, 11 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 178442
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a7c955d46e803f09524911fe5a34259
4adbbd7a049b7b450193b253fa7f1fb7cd4bb77e
c1072a4938a4aea6d25ea19540790b57fd0118765511cbbb963b41d1cd7ad642
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a7c955d46e803f09524911fe5a34259
4adbbd7a049b7b450193b253fa7f1fb7cd4bb77e
c1072a4938a4aea6d25ea19540790b57fd0118765511cbbb963b41d1cd7ad642
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a7c955d46e803f09524911fe5a34259
4adbbd7a049b7b450193b253fa7f1fb7cd4bb77e
c1072a4938a4aea6d25ea19540790b57fd0118765511cbbb963b41d1cd7ad642
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
Hash 5194b587b5045e6f2c0a09147634ae6a
e130805699c15fb7cfc85d7d8a019baf67369ad0
a2901fb66b0571e148bfacbb9fe1e6c203de5f750ef838a27515ef4d8a258509
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 05:42:51 GMT
expires: Fri, 13 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 46892
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
216.58.207.195200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 07:00:19 GMT
expires: Fri, 13 Oct 2023 07:00:19 GMT
cache-control: public, max-age=31536000
age: 42244
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 20:02:02 GMT
expires: Tue, 10 Oct 2023 20:02:02 GMT
cache-control: public, max-age=31536000
age: 254541
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accessily.com/img/Accessily_badge.png
104.21.86.155404 Not Found 23 kB URL HTTP/2 accessily.com/img/Accessily_badge.png
IP 104.21.86.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 81af831e0d0be4c0a3a7bba228485325
d17f26d93fc8a3819991f7efc22f19c2e9f2ee8e
7fd465c5519676a06ed051cfcc5d104040f7b6419863770f89383527a0608aa1
GET /img/Accessily_badge.png HTTP/1.1
Host: accessily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Thu, 13 Oct 2022 18:44:23 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=2678400
cf-cache-status: HIT
age: 104
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuqfRXUkZZ0079tugOdylEekmEfv8NZamEYkbIKdRRHv1JV0UcAiCJdfirNMnBReNj9cO0jWu59txRp8YlSh1NruGWQZXtAX6YPon0BVgxXaYv3AmWqJanRLGHi8HFu2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 759a39f0b85c0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 18:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4797
Expires: Thu, 13 Oct 2022 20:04:21 GMT
Date: Thu, 13 Oct 2022 18:44:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4797
Expires: Thu, 13 Oct 2022 20:04:21 GMT
Date: Thu, 13 Oct 2022 18:44:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4797
Expires: Thu, 13 Oct 2022 20:04:21 GMT
Date: Thu, 13 Oct 2022 18:44:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 372301cc3e0ad3b9318a13a6ec327d30
9d34de85f08bf496e76a3577e0b23af5a2e06548
b5b57c12618c4d45d9b712be3fccaba0debbbf018f82b028bff74e39a077cf03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5B57C12618C4D45D9B712BE3FCCABA0DEBBBF018F82B028BFF74E39A077CF03"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4797
Expires: Thu, 13 Oct 2022 20:04:21 GMT
Date: Thu, 13 Oct 2022 18:44:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1c9c993c5a82d5a146afa74f3455c24
34d415f33034c3f825c7adaf35c29fb0f597ed5b
212acaf34f23c1b351320600adb1f467986f7a9c24f6e573384eb513317c78d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12475
x-amzn-requestid: 66e8a01a-ba8e-4142-9f26-16cd153e98cc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtpojFH5IAMFfbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63422303-048d921853ef351357c45b36;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 01:25:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: shlClI--CZDLhubG0uAFTKcTaHVr6QhiRE2KXdnOjibRZXBVdixrpw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 04:49:33 GMT
age: 50091
etag: "34d415f33034c3f825c7adaf35c29fb0f597ed5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4428a41f1c63e0c32664bc1b7d6b65a0
325484ea6c2653483019d85d690b4a697f8dde9f
7a8e1afc1f987dbd6275617db2655d7f92f2ead75ce6cbe924bf572e1b2567d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7580
x-amzn-requestid: 6a320517-254f-40f6-b7cd-b87317d2177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tq9HkqoAMFVcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63473312-13af2ea55b9d524d37b1dd46;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: id-QQZYxL6Dpl_Z2U4srKJqH00wGS4K1XkEtmfWNXDWgEvBCjta61w==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:43:09 GMT
age: 75675
etag: "325484ea6c2653483019d85d690b4a697f8dde9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7c910df57ddbb4c965a2368ecd0b7c0
3c43ed5bf8ebd3e103a6b8f4736ccb414353937e
bfe79d8edb1e729797ca5a044b425a50e17402a8e02f7aa46d196c4717940995
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3621
x-amzn-requestid: 331206f5-c205-42f7-b4ec-33cda2fb63b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxutmHYYoAMFW9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c4bd-40c2f12833e077be52ca770c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:07:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m0UA1qs-Ea9UjOtLqAwh7WEhU3OJAwvBKEuyn7iUUweXAHdFDYpjMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 07:40:57 GMT
age: 39807
etag: "3c43ed5bf8ebd3e103a6b8f4736ccb414353937e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a5b340fa22bc00565ee580506185ee6
82a9e94edf6c32a825c7ab17032ec1e12f3b8f64
a1a6c75338c0a27765c510d3b417ab452eade7dea7e59db1aa4ddf1e52cfbc41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3460
x-amzn-requestid: c5274c89-1ff2-430d-8f86-fcf875b33da6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0e-EE8VoAMFSFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344dec0-1fb43c655a843a72400ded76;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TNmMNrPPGcJsR_4G83tFzuuHecnILprs9wVt7BrCbLmjVEGImlj4vA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 04:04:29 GMT
age: 52795
etag: "82a9e94edf6c32a825c7ab17032ec1e12f3b8f64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg
IP 34.120.237.76:0
Hash eb848c4d5129058462b83464ba6044f6
4e460b36483a9a0454a6bc9c9b110a8954c9628a
0864d3b4790f102b8f87ab90562d5272547fa397b5b191195310389a414b826d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7434
x-amzn-requestid: d2ca5388-80cd-4082-a01c-54d701494d20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6TqfERSIAMF8-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347330f-340bae193e3547840bd0d45d;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 02jwYGldxH-OiwHR5fFT9V5PrbU2xMx8dPMeGRA3byKZZ7wPAuMVLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:52:17 GMT
etag: "66ae1ad987d78fc76dd7cdc4f30a8e903ff47d49"
content-type: image/jpeg
age: 75127
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7411df7da53e98c4988663b3338ac449
cd5518eff668619efbf3b821306d651fcb30a712
b87d92eef134e1378d51aac8503545949596c982b53fbda75ccbec71dbff6d7b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5994
x-amzn-requestid: c4d202a5-0dcc-4ece-9200-4f1865d619c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhRaIHWfoAMFgGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2f73-07f65d1f633273a6422c4e5c;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:17:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jc6QSHFxsZBjkJx66v2m6XvBaImSG43hXrLd-VW7mK-e3R8v1V94ng==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:59:14 GMT
age: 74710
etag: "cd5518eff668619efbf3b821306d651fcb30a712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
away.bettershitecolumn.com/fly/follow.js?v=3.8.3
91.211.91.104200 OK 264 B URL HTTP/2 away.bettershitecolumn.com/fly/follow.js?v=3.8.3
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type ASCII text, with no line terminators
Hash 097cb2a23be637330a947fa13eade5cc
768238b5f60182f4cf43514ba34c02db523f0278
ae9e443696485a89aff52db60660e3b8d29909638f025cf68715746265adc3ec
GET /fly/follow.js?v=3.8.3 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:25 GMT
content-type: text/html; charset=UTF-8
content-length: 264
x-powered-by: PHP/7.3.33
set-cookie: ht_rr=1; expires=Fri, 14-Oct-2022 18:44:25 GMT; Max-Age=86400; path=/
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/fly.php?t=aHR0cHM6Ly9laGltaW5hbmxhaWRlLnRrL2hlbHAvPzIzMDcxNjUwOTAyMTIw
91.211.91.104302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/fly.php?t=aHR0cHM6Ly9laGltaW5hbmxhaWRlLnRrL2hlbHAvPzIzMDcxNjUwOTAyMTIw
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fly.php?t=aHR0cHM6Ly9laGltaW5hbmxhaWRlLnRrL2hlbHAvPzIzMDcxNjUwOTAyMTIw HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 13 Oct 2022 18:44:26 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9laGltaW5hbmxhaWRlLnRrL2hlbHAvPzIzMDcxNjUwOTAyMTIw
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9laGltaW5hbmxhaWRlLnRrL2hlbHAvPzIzMDcxNjUwOTAyMTIw
91.211.91.104200 OK 740 B URL HTTP/2 away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9laGltaW5hbmxhaWRlLnRrL2hlbHAvPzIzMDcxNjUwOTAyMTIw
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b18699c1e3bc4ca8cc23cdde5245486f
c941a5ccd6e573d1ef6b1a53638dc55d50f6fe82
409c4ce0e7cbdea7a6ef12162e7b749e49b5698333b490a0c87c8677aeb236fc
GET /fly.php?lid=9554-29&t=aHR0cHM6Ly9laGltaW5hbmxhaWRlLnRrL2hlbHAvPzIzMDcxNjUwOTAyMTIw HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://godentalcare.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:26 GMT
content-type: text/html; charset=UTF-8
content-length: 740
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb22410129525ff36d2141e0864ee78c
210b7cc49dc01cb027924fa68c91fedc44352874
47a44e5268ddc249c49aec4d6ab54a30ff48bdf080e2116bb5c24ed3df6f27fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47A44E5268DDC249C49AEC4D6AB54A30FF48BDF080E2116BB5C24ED3DF6F27FA"
Last-Modified: Tue, 11 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2314
Expires: Thu, 13 Oct 2022 19:23:00 GMT
Date: Thu, 13 Oct 2022 18:44:26 GMT
Connection: keep-alive
whitetouchmysky.com/l89ea0f0d.js
185.177.92.29200 OK 54 B URL HTTP/2 whitetouchmysky.com/l89ea0f0d.js
IP 185.177.92.29:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash b00c6e64b490a0a8cde59d4fb3b4ffe1
bf886536cd6072bb2839ff06998956d96537142b
9a595925ca018867df53ec2725eed08f61bebf383468752c4413019046849975
GET /l89ea0f0d.js HTTP/1.1
Host: whitetouchmysky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=18702993-97ba-4327-b63f-53d284a73a11
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 18 Jun 2022 12:51:55 GMT
etag: "62adca6b-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
whitetouchmysky.com/go/mu2gknlgme5dgnjs
185.177.92.29200 OK 29 kB URL HTTP/2 whitetouchmysky.com/go/mu2gknlgme5dgnjs
IP 185.177.92.29:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18459)
Hash 42c27a1d6cd09893a858bd99339831d2
2128800df834e27038d14f3649dd570a9860b439
bc8a0ca5985c3ebe0516601320db1466483b51f910bd2c780a4b096b4a40f35c
GET /go/mu2gknlgme5dgnjs HTTP/1.1
Host: whitetouchmysky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:26 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=18702993-97ba-4327-b63f-53d284a73a11; expires=Sat, 12-Nov-2022 18:44:26 GMT; Max-Age=2592000; path=/; domain=whitetouchmysky.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e1c96df676ef2803810973ef4deec913
68f5bf7b8103bcc634e0c26ea6621d532954e4c1
9aaf52318f4ede2b94c4a48fa74bbff3261fe629c64be240d4530dd88460f4f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AAF52318F4EDE2B94C4A48FA74BBFF3261FE629C64BE240D4530DD88460F4F9"
Last-Modified: Tue, 11 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12621
Expires: Thu, 13 Oct 2022 22:14:48 GMT
Date: Thu, 13 Oct 2022 18:44:27 GMT
Connection: keep-alive
0.whitetouchmysky.com/l89ea0f0d.js
185.177.92.29200 OK 54 B URL HTTP/2 0.whitetouchmysky.com/l89ea0f0d.js
IP 185.177.92.29:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash b00c6e64b490a0a8cde59d4fb3b4ffe1
bf886536cd6072bb2839ff06998956d96537142b
9a595925ca018867df53ec2725eed08f61bebf383468752c4413019046849975
GET /l89ea0f0d.js HTTP/1.1
Host: 0.whitetouchmysky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=18702993-97ba-4327-b63f-53d284a73a11; uuid=18702993-97ba-4327-b63f-53d284a73a11
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 54
last-modified: Sat, 18 Jun 2022 12:51:55 GMT
etag: "62adca6b-36"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
0.whitetouchmysky.com/favicon.ico
185.177.92.29204 No Content 0 B URL HTTP/2 0.whitetouchmysky.com/favicon.ico
IP 185.177.92.29:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 0.whitetouchmysky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.whitetouchmysky.com/index.php?p=mu2gknlgme5dgnjs
Cookie: uuid=18702993-97ba-4327-b63f-53d284a73a11; uuid=18702993-97ba-4327-b63f-53d284a73a11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 13 Oct 2022 18:44:27 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89f138c721d370dc7e9ec62a5249af87
3cdaf757b7b9ebae722bbda272cd16c5ba0707cf
c838fb9d29ec171049bcbb0f547edcb00c85c6b5430e84a0f4ded3b9d20e27eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C838FB9D29EC171049BCBB0F547EDCB00C85C6B5430E84A0F4DED3B9D20E27EB"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9041
Expires: Thu, 13 Oct 2022 21:15:08 GMT
Date: Thu, 13 Oct 2022 18:44:27 GMT
Connection: keep-alive
di4.biz/favicon.ico
185.177.92.179204 No Content 0 B IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di4.biz/?auf=he2dqnrxgi5dinzvf4ztkmrpgezc6zjqmzswezdeg4xtenbpge3dmnjwha3dmnrx&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=b43ab058-8224-4e03-9eb9-159b47ad3302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 13 Oct 2022 18:44:27 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
cdn.weatherplllatform.com/news.js?v=34.5
91.211.91.114200 OK 0 B URL HTTP/2 cdn.weatherplllatform.com/news.js?v=34.5
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
GET /news.js?v=34.5 HTTP/1.1
Host: cdn.weatherplllatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 11 Oct 2022 08:01:57 GMT
vary: Accept-Encoding
etag: W/"634522f5-d5e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
alfonsino.top/sw/lib.js
51.15.19.93200 OK 0 B IP 51.15.19.93:0
GET /sw/lib.js HTTP/1.1
Host: alfonsino.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whitetouchmysky.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:27 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 13 Oct 2023 18:44:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
0.whitetouchmysky.com/index.php?p=mu2gknlgme5dgnjs
185.177.92.29200 OK 0 B URL HTTP/2 0.whitetouchmysky.com/index.php?p=mu2gknlgme5dgnjs
IP 185.177.92.29:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Malware
GET /index.php?p=mu2gknlgme5dgnjs HTTP/1.1
Host: 0.whitetouchmysky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://whitetouchmysky.com/
Cookie: uuid=18702993-97ba-4327-b63f-53d284a73a11
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:27 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=18702993-97ba-4327-b63f-53d284a73a11; expires=Sat, 12-Nov-2022 18:44:27 GMT; Max-Age=2592000; path=/; domain=0.whitetouchmysky.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
alfonsino.top/sw/lib.js
51.15.19.93200 OK 0 B IP 51.15.19.93:0
GET /sw/lib.js HTTP/1.1
Host: alfonsino.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.whitetouchmysky.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:27 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Fri, 13 Oct 2023 18:44:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
di4.biz/?auf=he2dqnrxgi5dinzvf4ztkmrpgezc6zjqmzswezdeg4xtenbpge3dmnjwha3dmnrx&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0
185.177.92.179200 OK 0 B URL HTTP/2 di4.biz/?auf=he2dqnrxgi5dinzvf4ztkmrpgezc6zjqmzswezdeg4xtenbpge3dmnjwha3dmnrx&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0
IP 185.177.92.179:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?auf=he2dqnrxgi5dinzvf4ztkmrpgezc6zjqmzswezdeg4xtenbpge3dmnjwha3dmnrx&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.whitetouchmysky.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 18:44:27 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=b43ab058-8224-4e03-9eb9-159b47ad3302; expires=Sat, 12-Nov-2022 18:44:27 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
godentalcare.com.au/ua/ilordmmouull
172.67.134.126200 OK 0 B URL HTTP/2 godentalcare.com.au/ua/ilordmmouull
IP 172.67.134.126:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ua/ilordmmouull HTTP/1.1
Host: godentalcare.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 13 Oct 2022 18:44:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhZcqxVn6D%2FWIcncS%2Brp1%2BUZDm1%2FHahJz3oCtQTbfV8hf4UW7NshShMQEiDQbqZPskkG3%2BIxFKJIw2XZGfEZDbDM9niKZ06l%2BC4J%2B1eTIHbOpf0SOOiY5filjQlWS8Gl5gdeTd5D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 759a39e4bda4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2