r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3139
Expires: Mon, 19 Dec 2022 10:42:29 GMT
Date: Mon, 19 Dec 2022 09:50:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3865
Expires: Mon, 19 Dec 2022 10:54:35 GMT
Date: Mon, 19 Dec 2022 09:50:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 09:34:22 GMT
content-type: application/json
age: 948
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4496
Expires: Mon, 19 Dec 2022 11:05:06 GMT
Date: Mon, 19 Dec 2022 09:50:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BtiR8J4uCigWFnRXkMlHeCGG7v9PsS6yYnKJSEs3uK8rl54M8lg5rOZTX26Dn1uwCDhGXsTJDRY=
x-amz-request-id: B99JY191W105DPE9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 08:54:29 GMT
age: 3341
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
spare.holearm.shop/kaqtvs/koidj1331hock/drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
172.67.166.162200 OK 558 B URL HTTP/1.1 spare.holearm.shop/kaqtvs/koidj1331hock/drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
IP 172.67.166.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6dbf7e2bf14fe10d6121b0c5e3718b6a
348aaadd8338a35eba9be68a27d568fe7c113654
0d7006cb83deb646068b76cfb6ed22e4896237dbd94d8e2912a2d8391c393f4b
Analyzer Verdict Alert fortinet Malware
GET /kaqtvs/koidj1331hock/drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8riJAOSSMLNayKOLjExqQeMoXjXUOO8MVxpJJARiW0qIKti1%2Fh7sn63I7puCWEKuaKv2Gxwnf9Dtk3%2BcUa5ljs%2BRHUHe5rHnLtReUN6di%2BXpYQj%2F7P3GxLHjebvGkjIKoA7f9w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bf3b824a071c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 09:50:10 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 8671b75695a82824b71b60e8efd8a4f8
2402b27438cfe88599ba7c694033fc7b42afa870
9eff87acde1b5944bf1c31351fb1e0e3b66619d24e3fbfea375f42ff4ba8c64c
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spare.holearm.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Dec 2022 09:50:10 GMT
expires: Mon, 19 Dec 2022 09:50:10 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spare.holearm.shop/jquery-1.11.0.min.js
172.67.166.162200 OK 33 kB URL HTTP/1.1 spare.holearm.shop/jquery-1.11.0.min.js
IP 172.67.166.162:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
GET /jquery-1.11.0.min.js HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/kaqtvs/koidj1331hock/drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:20 GMT
ETag: W/"6388f8d4-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB5IIhzPNLeCMprDPukro5QlvsyQgf0gnrMPM2yufKDTWBQT96EWIORRbiWzN8oDU38Wal1Vq%2BJl2dPxkkxTvXR3Xr52kJlXcSYTaqTvVPiQAza%2BnQ1n2pDGlHqj7IRJcY7kowo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b851d121c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 09:08:01 GMT
age: 2530
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
spare.holearm.shop/offer.php?id=1&sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
172.67.166.162200 OK 346 B URL HTTP/1.1 spare.holearm.shop/offer.php?id=1&sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
IP 172.67.166.162:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (310)
Hash c6853363c7203d1356f46fe0cd10bf5f
8e59fffdf385b0d24e009ace9f139e5a00f7e7ba
4ae491d28d65d45bd147b99abd434e500f4a172aea7898ada3ac359f854e9dde
GET /offer.php?id=1&sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/kaqtvs/koidj1331hock/drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZt2Vt63m3IKrCHlvLOpesQHwBUq8%2B9tOYrqyw9qtYWPNPmLwm3c4IHAanT09PprGyNWQJrs1ypFcGthNXRI2T1AgOMtDOHtSQmC1hOu6tsFJqKyw6xbenAY8cXqFf1Gu64WlJM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bf3b87efa51c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4642
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:11 GMT
Last-Modified: Mon, 19 Dec 2022 08:32:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
172.67.166.162200 OK 3.7 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
IP 172.67.166.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (487), with CRLF line terminators
Hash 639c98eae077b019857460cc4c773156
e10121850b07621a4a4db6640a34e1088c87290a
63111a7b55f1e4f6ad59dbfb44a17db1079da76a137e84652eabbaada94cfe03
GET /clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ruzLvnzAS15wM3xjmg6bPWA95ePA0aRvJyFftMuuGC%2BgPjanMG6xVHSCWN9F2zjoR%2BGNRqaTEvTqUq8aMZ59OB6E1fyuzYPBVUXywXwZEGxvbDAKjvRgC2KlfCqXoD8SLRLgmM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bf3b8928aa1c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 930f0320ed7bc9738f6d3d00639c7537
f9a1d6bea1bd4816546a03821888cd3dff122c73
1f59797edf40eaef89b0c2671766ecdcaf9e48ec2883f285b34d330f01823d19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spare.holearm.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 11:42:47 GMT
expires: Thu, 14 Dec 2023 11:42:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 425244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.136.21101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lW4sxwJ57vi2ePqjyKQjuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8j0QKYYpCfBfdrTsYc03NdrXtd4=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 930f0320ed7bc9738f6d3d00639c7537
f9a1d6bea1bd4816546a03821888cd3dff122c73
1f59797edf40eaef89b0c2671766ecdcaf9e48ec2883f285b34d330f01823d19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spare.holearm.shop/clicks/javaburn_files/style-right2.css
172.67.166.162200 OK 2.0 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/style-right2.css
IP 172.67.166.162:0
File type ASCII text, with very long lines (411)
Hash 9822a3a50c41f5645cb7f97826297b83
b7a4fae3135b3f1ec0eb576250810fdaeb2d2194
bb65ced10e647964335e6ed77d9e3a5e67aa851d26d65b0be0eace35cf8a3410
GET /clicks/javaburn_files/style-right2.css HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: W/"6388f82d-19c8"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1mlszKugrdvPqvEYzrUt6SLp32mvdXYwU4wYE107So5Lu%2B5H8rThvB05JsD8xg9GLmO3sDAobN%2FnXC8HG9I%2BLcvXHsD3kmq7sn1WfxwylcnTiSoEUoR1wxrbKcj4XsHEr0pqx%2Bg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8a69c51c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
spare.holearm.shop/clicks/javaburn_files/font-awesome.min.css
172.67.166.162200 OK 6.9 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/font-awesome.min.css
IP 172.67.166.162:0
File type ASCII text, with very long lines (30837)
Hash d6c8c1428db744943001ade348510e65
83e16acc875a5e3559526ac3c3f31c471dc77d4c
13de46b403869629f28eb7e5c1403f714372b09b5eb8ecbe3a5955ba94debf16
GET /clicks/javaburn_files/font-awesome.min.css HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: W/"6388f82d-7918"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7y3F6K%2BiC3vvBoYF36exVNQ3QOi89MJGO4eGaU%2BpCQxG8Rlm9l5E2iUbohiKlLGSVpUqhsnA%2Fw6OQg1WJNDJwEtO1tUu04WArrgyLHPwHT%2F2EiRvCzq3vJGk819eFL4DEsw040%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8a6bb4b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
spare.holearm.shop/clicks/javaburn_files/widgets.css
172.67.166.162200 OK 311 B URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/widgets.css
IP 172.67.166.162:0
File type assembler source, ASCII text
Hash b9f41ad07e5b6a0fbc9f6d6165c0e9c7
8d0c39912e888d390474fa02b2441ed421ce637a
4e8761a484fc3457c7e2e03db8c158a6c1da77097a9987a028f37610745de634
GET /clicks/javaburn_files/widgets.css HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:11 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: W/"6388f82d-2c8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVVc1nafM2APaUIhaI7c3PB3hdqeqLKqoD9aWhvq382d6LhhkPdXovg6PfXAmhpH3KTUrgSGL%2F0VqCXlMdBPFcpe4bhSwfXKywcPydEkCmMVybZbtXxQzXS38AQkDRaJaNbPJXI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8a6abb0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
spare.holearm.shop/clicks/javaburn_files/obtp.js
172.67.166.162200 OK 5.3 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/obtp.js
IP 172.67.166.162:0
File type ASCII text, with very long lines (16620), with no line terminators
Hash 3f4bb23a709b2ccf65a1fe9b8d388d8b
180bbe0a6979774d47b458b1f9af4507eab6d9e1
eb7afab099cf11028bd481d32b199b5e9b1ff34997eaed4578ff260ee382e0fa
GET /clicks/javaburn_files/obtp.js HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: W/"6388f82d-40ec"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzeSUTSLZhJmj7Ap35bSX5U6xTg1RxqK5nXtHslV99cRDOXVvBwES%2FrcyseYiY6xoPiKFYXp11O1Xr74xxZyxsY8R21oy1LDyjpc1CgaF2Xx3BeeZsbWnQ%2BbxCyuFOs6wttePCA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8a69bbb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
spare.holearm.shop/clicks/javaburn_files/gummies2-org.jpg
172.67.166.162200 OK 13 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/gummies2-org.jpg
IP 172.67.166.162:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x200, components 3\012- data
Hash 1a867c5c078c09825f6d0026401e9ecb
65d0fc5c0f4ef30a55849b01528d41e1764c6c58
69979a3da880e330937d34fd15d16b37b45dab67dd14e9f040bf88e089296320
GET /clicks/javaburn_files/gummies2-org.jpg HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: image/jpeg
Content-Length: 12587
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: "6388f82d-312b"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJxdeqCw8oowhjN3GGMgPsEYBAeGoF%2BV0hK9WYc1iBwz0TfDcNIQLvNC3BYHPntpwYYOcr%2FQluJwjexsa2TMXF3Be1p4ZjBFHlw19sLBOvuMMjmFHNnNsQjs%2FCxtL%2FWVz1s5hWo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8c4bba1c0e-OSL
alt-svc: h2=":443"; ma=60
spare.holearm.shop/clicks/javaburn_files/tinnitus2-org.jpg
172.67.166.162200 OK 20 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/tinnitus2-org.jpg
IP 172.67.166.162:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x196, components 3\012- data
Hash 11bc88ad669405776ab1397338d6a13f
363d6408e5af897e834c3f3b4b3571f63738f17f
a6cb32ebe4a371774a29fbbc45b15ac5a930f29330f7e6864b33980b8f5c5fce
GET /clicks/javaburn_files/tinnitus2-org.jpg HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: image/jpeg
Content-Length: 20143
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: "6388f82d-4eaf"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HCVyiT%2F6pTqCPwPttD1ukln%2FE9sW2IPJELI4ipeOLkhSJhRZKJIzMUc5Wm%2FPBTP2TaIvOPVIP0TdjSUaTG%2B%2FpWgfQjp9UCpD1icGToj0UP0qYuafxoxSS74bPxNQsaiq4Ql8KY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8c4eacb51d-OSL
alt-svc: h2=":443"; ma=60
spare.holearm.shop/clicks/javaburn_files/teeth3-org.jpg
172.67.166.162200 OK 64 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/teeth3-org.jpg
IP 172.67.166.162:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x401, components 3\012- data
Hash c48b6d09c9bf5c4bd0b1ffcfebdbacc8
d9b8f1a351e8d5d75985cb2a006dd2b8e58479c0
c592dae1c4138dff97e79fc76b94eeaf0dbf5e9ec436be5aaa45ed727e63eecb
GET /clicks/javaburn_files/teeth3-org.jpg HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: image/jpeg
Content-Length: 64400
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: "6388f82d-fb90"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zhsbdpcZjeSLsxNjZS5fBv2ae2mpmgHq1LmpTC4C%2B%2FzOJGhj778WUoEvpe1mT%2FlJjo9RX2tKP6wdULsoHGdeN4L51fQF5b%2F8l6n%2Fbw%2F6ipFFoAvCtBC19dIShsLdCqeGh3%2FQZE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8c4e21b529-OSL
alt-svc: h2=":443"; ma=60
amplify.outbrain.com/cp/obtp.js
2.18.173.74200 OK 5.3 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (16574), with no line terminators
Hash 5cdda5ed80a4ee13f700ae502f7cd4ec
0e6aa932abf3c56561a686aa3e8d069aaa3ca228
d54fc3e1792330cc768902f861f0a79ecffbfd23b8db14f354e8fcefd1c831c1
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Last-Modified: Mon, 28 Nov 2022 14:22:05 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 19 Dec 2022 10:10:12 GMT
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Length: 5269
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spare.holearm.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 19 Dec 2022 08:41:08 GMT
expires: Mon, 19 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 4144
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
spare.holearm.shop/clicks/javaburn_files/blank.htm
172.67.166.162200 OK 548 B URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/blank.htm
IP 172.67.166.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash cd64b4aeec0a8560c0d6527312e2c806
3b84cb918c9cf6a06d81b2aee07f5fec52ec6878
7dc0902142b34ea216d209ad68f58687c2190ebb974b2f540f61cc64b2b22ef4
GET /clicks/javaburn_files/blank.htm HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjh%2BhL2INp0j9g28OiBOaQmpWlgdQS%2BBCqNML8B%2BG12iMtCkaJ7UCDlYXd7dCuJCdLvR%2FrD%2FfBK4krAr9cDaR8hgzBmkJiYrtCwb0GxnTGqbD4zkQ0RdFaldC%2BFKBSuvzO5Z82I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bf3b8c7c29b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
tr.outbrain.com/cachedClickId?marketerId=00d814f45dc31fb500bb38af0d3f643a5f
70.42.32.63200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00d814f45dc31fb500bb38af0d3f643a5f
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00d814f45dc31fb500bb38af0d3f643a5f HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: 5592f6e26c5e2e7cfe8269cc6b11e9a3
content-encoding: gzip
spare.holearm.shop/clicks/javaburn_files/blank_data/inject.css
172.67.166.162200 OK 928 B URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/blank_data/inject.css
IP 172.67.166.162:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
GET /clicks/javaburn_files/blank_data/inject.css HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn_files/blank.htm
Cookie: _ga=GA1.2.755494354.1671443412; _gid=GA1.2.1402129288.1671443412; _gat_gtag_UA_22484186_3=1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: W/"6388f82d-f28"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxP%2FmGG%2FSIZ2NXe0DpaQtQaF8c0RSj%2BLd3%2FwO0oWQG07VEGzYu%2FWiClwMD0e7uENCH3ez09%2FuDZ1vJjZVdhLquwhsCQTgQ76K%2BqCtBju62zrrmp1qQTJ5r0bdSb6c5aVoTay4Tk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8e7942b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c76e2d1033fe19d491bcdb4e24faaeeb
9b3da75ba4ebf950d17ee9178c64c46afc363047
20590ac857bae294c81ad22c37bb5ec0aca36ad35ae4aa4ece7a5e5ea47ded63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&gjid=967662465&_gid=1402129288.1671443412&_u=YEBAAUAAAAAAACAAI~&z=38890557
209.85.233.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&gjid=967662465&_gid=1402129288.1671443412&_u=YEBAAUAAAAAAACAAI~&z=38890557
IP 209.85.233.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&gjid=967662465&_gid=1402129288.1671443412&_u=YEBAAUAAAAAAACAAI~&z=38890557 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://spare.holearm.shop
Connection: keep-alive
Referer: http://spare.holearm.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://spare.holearm.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Dec 2022 09:50:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/cachedClickId?marketerId=00d814f45dc31fb500bb38af0d3f643a5f
70.42.32.63200 OK 56 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=00d814f45dc31fb500bb38af0d3f643a5f
IP 70.42.32.63:0
File type ASCII text, with no line terminators
Hash 77fbe8ab311fa20557d95906363035ed
5806df80f09a37e070d5f37c49f19797c2763fd0
4fa9f4ca5bfa56b9f8467324e3654f4a717dcd40b70c05b538092d8a101b0599
GET /cachedClickId?marketerId=00d814f45dc31fb500bb38af0d3f643a5f HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: application/javascript
Content-Length: 56
X-TraceId: fbbe9fc6b92d32d3f50d045d116c5e30
content-encoding: gzip
spare.holearm.shop/favicon.ico
172.67.166.162200 OK 69 B URL HTTP/1.1 spare.holearm.shop/favicon.ico
IP 172.67.166.162:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash f12fb6edbda074603f749a028770f49a
419983c6073469bac7fb8535a847b8f78c2040ce
8aec3412c7c37feacec2dc9d7b2f3560a2e0af0af573085665a57e1d09ab397d
GET /favicon.ico HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:52:31 GMT
ETag: W/"6388f7ef-57e"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sC9LV5rcxITaMtZVguWhCSnNtysaJ167qQCsvaaDJ5S77mjQ%2BpRkAnI2jpNp0pft5wLHQI16qRcBa18lmYRXSTCLk%2Fjc1z%2BNsMAZ50YtLXgr1yhkRND8Ly39Xzzd6uRvjIEKYk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8df81cb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c76e2d1033fe19d491bcdb4e24faaeeb
9b3da75ba4ebf950d17ee9178c64c46afc363047
20590ac857bae294c81ad22c37bb5ec0aca36ad35ae4aa4ece7a5e5ea47ded63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7b18428df832332e2f89ca51203de4ba
8272451b056b54992cfa05e70c53adde8b744299
c9bdf42b2f8b0cf614cd4821bce48a719d284c836eb98959dce1802dea20e617
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 03c8258e1c16364384a10c746732e080
24f121ea76ab812448228b238fadc421f5c4d6c8
9dfb03f619014cd8683030fb68b00b8a0befd9ad9755fcd77c69a2a4e163d397
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&_u=YEBAAUAAAAAAACAAI~&z=135391721
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&_u=YEBAAUAAAAAAACAAI~&z=135391721
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&_u=YEBAAUAAAAAAACAAI~&z=135391721 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spare.holearm.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 09:50:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
spare.holearm.shop/clicks/javaburn_files/mainimg.jpg
172.67.166.162200 OK 198 kB URL HTTP/1.1 spare.holearm.shop/clicks/javaburn_files/mainimg.jpg
IP 172.67.166.162:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 916x664, components 3\012- data
Size 198 kB (197596 bytes)
Hash 58931340428938043bca2eda90a40c72
f11d221b4feda923ff417fe111b5f11dace4604c
c56bbd026c376b0dd7bd82c2424008a64fd1efaf665c61462d80ce6e070cb22c
GET /clicks/javaburn_files/mainimg.jpg HTTP/1.1
Host: spare.holearm.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spare.holearm.shop/clicks/javaburn.php?sid=1001238&h=drqo0tIkEhrHCoAhcoQh_k56iV3J-unpjrFsBjySuxg/aJzf1KBWPe3rOkciKiKS0UhRqxrDG27Zho9zbMMOdyngYeLaMWjHMRU72HYbMNbUSyLj9NcVhofPN8hEzVC-7MmTrHSqLB4J4aovFeeO3XhSQPvIGgRcbkQl-dB2NgDJHOw8GmxEd2u7q7lg_x6LgQ
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 09:50:12 GMT
Content-Type: image/jpeg
Content-Length: 197596
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:53:33 GMT
ETag: "6388f82d-303dc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej9FbKro1W7NSDjzYJXqw0Nf8IkxsmjxXn6G2ySdzv%2BFCbuCgX08qLNqhoaODAOsOWjz9PogMpZCM3h0fFqA7Cyavm5qIJ1i05duXeQ3Vd7OwiZYNUt%2B6C%2FQ8bOsLUkgZxWnlDg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bf3b8c4be5fabc-OSL
alt-svc: h2=":443"; ma=60
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&_u=YEBAAUAAAAAAACAAI~&z=135391721
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&_u=YEBAAUAAAAAAACAAI~&z=135391721
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=755494354.1671443412&jid=83891369&_u=YEBAAUAAAAAAACAAI~&z=135391721 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spare.holearm.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 09:50:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7067973a30c54b2897aeeb5e204f014
7b0711fd3909e48347441e4edc9c429af69595a9
b224be5e7ec78abaa46ab333f0adee535cb24e5bc4b2b721c441e4061043a467
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7b18428df832332e2f89ca51203de4ba
8272451b056b54992cfa05e70c53adde8b744299
c9bdf42b2f8b0cf614cd4821bce48a719d284c836eb98959dce1802dea20e617
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 09:50:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3058
Expires: Mon, 19 Dec 2022 10:41:10 GMT
Date: Mon, 19 Dec 2022 09:50:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3058
Expires: Mon, 19 Dec 2022 10:41:10 GMT
Date: Mon, 19 Dec 2022 09:50:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3058
Expires: Mon, 19 Dec 2022 10:41:10 GMT
Date: Mon, 19 Dec 2022 09:50:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2361f592471c52524830ea99ab9f217
884fd2a1cfcef20f2e5e549a0853ec3b27be9968
8732e50c7734c8a787c1305a1edf977f5d6db02f0030a79908d18d39dcf70987
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa07f7ca-6934-430f-92d6-9bc043047221.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8421
x-amzn-requestid: bb4a007a-4ec2-4e59-9c5a-b8272d5abe99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQDS9H9coAMFlRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639cb279-3ea9ae2f47d34ee8705530ef;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 18:01:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V8RgEzMUX6YkBfP420KHX39cKVqT3WVfPvd5ehbm7_NqmrwYRTJ_gA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 08:20:10 GMT
age: 5402
etag: "884fd2a1cfcef20f2e5e549a0853ec3b27be9968"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0773ba795a9e9a70038c6d8c64ebfa2
3d1db768017331da152d0df6cf5bc6ea6c813b83
46c25962e3bad9785a77bd8f51021460bcf44e9907c725c38329b6dadf560a44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8722
x-amzn-requestid: 88a7ab87-3bee-429d-9d3d-8969f6908c65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKGGkH2UIAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a5090-072ab9b341d4c00622492ee8;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 22:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lpuH1nfNTFrtEUzxSDBEtunOkPU7Y5cP5PSVlJQ43YkRBrRX4OukPg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:38:25 GMT
age: 43907
etag: "3d1db768017331da152d0df6cf5bc6ea6c813b83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71e9a308430eff340bb55c56b64fcc63
63d49b26322a1dca8ed669c1abafc27ee7f7c4b2
e3c8917124f2d13de6d1c0a1f1539f035abef31bbbf2246e77db44d9a3e29b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12161
x-amzn-requestid: 6ad8283c-3d3d-41f0-ada7-1b0d20568aa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dXIZIGZFIAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639f876d-0bc6f28d582f63b35a494472;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gJgluMuS-cEZnEk8LNtVJk02T883tD8OZJy4BftXFGhJ6tHeLGrcqw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:37:59 GMT
age: 43933
etag: "63d49b26322a1dca8ed669c1abafc27ee7f7c4b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8576327b06d5d8259e87bfeb71761ff5
2b2e5694e77b30f2e2cdfddd8ad616be214c9df2
377ffbcb85710900d97b1d99522a8087a6c66bcb778be42da806283cae833715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5654
x-amzn-requestid: b9f6e88a-f07b-4c6c-b823-9b9e928274ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKtB8Eb5oAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a8ed9-3c8888ca41c995d67a09fa50;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:04:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FaoiV9Jr3-1aqI-rVbXAYEMTsG_cjqVxmr0di-CbJaQBwIbb6BRg6A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 06:05:02 GMT
age: 13510
etag: "2b2e5694e77b30f2e2cdfddd8ad616be214c9df2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DmeWRYIlUMCR8Nds0-n0a9ju0ySR7ZuTAS82Lu8sZxPXQpBJkqzvww==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:52:16 GMT
age: 43076
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 945d09b8aa956ddee667614c08687f76
0db0497203df4f2ec5da40cd0ab89383479e5d9b
a0953dafcf933d120941f84b60d2884b3df33fa01dfbc5bfe62fc4910b392a83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9824
x-amzn-requestid: c9683b2f-dcf3-4c59-ad63-d10ec8908aa9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dTQDBE5tIAMFwdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639dfa13-6ab265cc3d4229b548a8dc4d;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 17:19:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sXOJkHnQUxV2rJN7VQkRpyqQO36n2AsIyokaIoWOVc2zoQWrCktLXg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 06:02:10 GMT
age: 13682
etag: "0db0497203df4f2ec5da40cd0ab89383479e5d9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2