pesmedia.press/med-78228/1465449213
173.249.19.158301 Moved Permanently 251 B URL HTTP/1.1 pesmedia.press/med-78228/1465449213
IP 173.249.19.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5f9110fc8f023562da9298187f5676fe
2147534735425b59f31f972d38b0b5666c33a264
2f1206553d94bb407a39fdecf175214983776a1029122dac029ab67d8ecd2f97
GET /med-78228/1465449213 HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Jan 2023 09:04:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://pesmedia.press/med-78228/1465449213
Content-Length: 251
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7865
Expires: Sun, 22 Jan 2023 11:15:13 GMT
Date: Sun, 22 Jan 2023 09:04:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4594
Expires: Sun, 22 Jan 2023 10:20:42 GMT
Date: Sun, 22 Jan 2023 09:04:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 08:42:30 GMT
content-type: application/json
age: 1298
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15478
Expires: Sun, 22 Jan 2023 13:22:06 GMT
Date: Sun, 22 Jan 2023 09:04:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8cZuiPeNFObgrw28+BWsCwZpBm80CfkxB9damAjxLbXeVmfFvTEO2I+jfZb8Z+645mkKMev4Gos=
x-amz-request-id: DP1NZQJXNW15QCS7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 08:18:21 GMT
age: 2747
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 09:04:08 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 35943516dc5a4d5d36097667aaba94ca
151543fd1144cd3b8ab63cd10e245ced30c2f61b
52b155e1bb0d8c158fdc37dead9f9363cf44d42662b50ddfe28fae0f320e4c12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52B155E1BB0D8C158FDC37DEAD9F9363CF44D42662B50DDFE28FAE0F320E4C12"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18570
Expires: Sun, 22 Jan 2023 14:13:38 GMT
Date: Sun, 22 Jan 2023 09:04:08 GMT
Connection: keep-alive
pesmedia.press/med-78228/1465449213
173.249.19.158200 OK 7.7 kB URL HTTP/1.1 pesmedia.press/med-78228/1465449213
IP 173.249.19.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1621), with CRLF, LF line terminators
Hash 803f5c82e657496ae8c08df5a840d75a
b2a0fa1b3601ff72fc47aed08dd62b88ef37f7eb
837c5044a12a79def1ca5edf9972dcccfc523cd866ce23febaaf07c8800387dc
GET /med-78228/1465449213 HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Content-Length: 7708
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset="utf-8"
pesmedia.press/css/style.css
173.249.19.158200 OK 5.8 kB URL HTTP/1.1 pesmedia.press/css/style.css
IP 173.249.19.158:0
Hash dd76cbcb96529352ddf18fc2cfdbce74
0f580e24ab7f395ed873fa88cf84253ef03b577c
9c129b87039f03fa1ad8e8dda82e2668559b1253b078fdb523d410139fc48a40
GET /css/style.css HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/med-78228/1465449213
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Wed, 01 Jul 2020 03:23:44 GMT
ETag: "16c7-5a958d1b3f000"
Accept-Ranges: bytes
Content-Length: 5831
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
104.17.24.14200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 09:04:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6972141
expires: Fri, 12 Jan 2024 09:04:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiZANfZxv8Hy4M7W7I2NqVz7D81fcinBPM4UNAIgTS0kDfRlV9jWambs8Pn%2B9da5IS6JosPHgBYxz60AZQhEfRQsENexUSPvRDZknUvIPy%2FZ3gmUG3LkSOStdDqxMz5kxl%2FFGKEL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d71ed5a9e4b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5522
Cache-Control: max-age=155818
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 09:04:08 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 04:21:06 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
pesmedia.press/css/fbfeed.css
173.249.19.158200 OK 1.8 kB URL HTTP/1.1 pesmedia.press/css/fbfeed.css
IP 173.249.19.158:0
File type ASCII text, with CRLF line terminators
Hash 6f4fc8b223916bffb254463f5317faf6
07121890b2b8e3e2a587cf753e999df84b6e28b7
f50bfd19a8ed9e523dfcb4d2476af6f36579e7e79c0f8785746568f564091e3d
GET /css/fbfeed.css HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/med-78228/1465449213
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 02 Feb 2016 05:55:53 GMT
ETag: "6e4-52ac3277c4c40"
Accept-Ranges: bytes
Content-Length: 1764
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
code.jquery.com/jquery-3.2.1.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pesmedia.press
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 09:04:08 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CJiUtJ4GEoYBCiRjZDdlZDhiNy1iZGNjLTQxOWEtYTQwMi00NTA5NDdkZjAwNTQQ+OiCoKvU+wIaBgiI+LOeBiIMOTEuOTAuNDIuMTU0KKdWMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ0NmJiOWM5Ni1mNDE5LTQyZjAtYjM4Ny1kZjZhMDlkNmVmNDEYresBIhgIAhIUY2RzMjIyLnNrMS5od2Nkbi5uZXQ=.PX8ykBwcBYuOcmacUZlbm3yU5rvRsbNoNh3GSZKgRlI=
x-hw: 1674378248.dop207.sk1.t,1674378248.cds239.sk1.hn,1674378248.cds222.sk1.c
X-Firefox-Spdy: h2
pesmedia.press/logo.gif
173.249.19.158200 OK 6.3 kB IP 173.249.19.158:0
File type GIF image data, version 89a, 250 x 218\012- data
Hash 5e47e0b99eabeb1acf80c5191704d6aa
3dd07a3113c6ba6583202b8430f9e4d609e97ae7
fa1af85e850673677f1735e81b6025fd8fdf02676298b9773738a104088d1f8d
GET /logo.gif HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/med-78228/1465449213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sat, 25 Feb 2017 11:01:13 GMT
ETag: "18b0-54958c3b63040"
Accept-Ranges: bytes
Content-Length: 6320
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
pesmedia.press/img/flag/glb.png
173.249.19.158200 OK 1.2 kB URL HTTP/1.1 pesmedia.press/img/flag/glb.png
IP 173.249.19.158:0
File type PNG image data, 30 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash 3cb3c9644eeaefffdc07d8b985ac2293
12037a2db0a3a8b1ccfe9e2d578ace65ac3ac565
7eafb7750ca40e2c7aeb997edc99ccd5e180c36bc40921e8805588cd678d14ba
GET /img/flag/glb.png HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/med-78228/1465449213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Wed, 20 Nov 2019 02:53:01 GMT
ETag: "484-597be4765fd40"
Accept-Ranges: bytes
Content-Length: 1156
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a25567cb3f63e13ec07e671356f7ad5b
f7bc53deb15fdeca18806318bf7d3267b1766c7f
09cbab3f29c812e2bc1c54b9a6600899fdc64ce0479bcb314a92553069a95f9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5522
Cache-Control: max-age=155818
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 09:04:08 GMT
Etag: "63cca420-118"
Expires: Tue, 24 Jan 2023 04:21:06 GMT
Last-Modified: Sun, 22 Jan 2023 02:49:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
pesmedia.press/img/top1.png
173.249.19.158200 OK 22 kB URL HTTP/1.1 pesmedia.press/img/top1.png
IP 173.249.19.158:0
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 59bcbb7a94e149511096132047f1d896
15e40ef8ef74136ef5fac386928e0688fe00b864
053017ccee24aa101dc07475131f9ff03f262885df9db37fdb188367074379d7
GET /img/top1.png HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/med-78228/1465449213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Wed, 25 May 2016 04:21:04 GMT
ETag: "56bf-533a300766c00"
Accept-Ranges: bytes
Content-Length: 22207
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
pesmedia.press/img/award.png
173.249.19.158200 OK 51 kB URL HTTP/1.1 pesmedia.press/img/award.png
IP 173.249.19.158:0
File type PNG image data, 331 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash 1c925b229332c88a3f0c4b002cbfe016
0538bc2e6f3e81230538b410c179cdc9b5ea3aa6
40b55ccc94082273b764739cbb1ebd95dc4e90c3568d6f831f60d61ece243e9a
GET /img/award.png HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/med-78228/1465449213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sat, 03 Sep 2016 09:03:07 GMT
ETag: "c8c9-53b96b71fc8c0"
Accept-Ranges: bytes
Content-Length: 51401
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 08:48:58 GMT
age: 910
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
images-na.ssl-images-amazon.com/images/I/51Ze8Ep0cvL.jpg
54.230.82.142200 OK 58 kB URL HTTP/2 images-na.ssl-images-amazon.com/images/I/51Ze8Ep0cvL.jpg
IP 54.230.82.142:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 418x500, components 3\012- data
Hash 6760c6aaa1fb25633b8d04431da176be
9448d459fa11db48ddcdcc6bd46bae2a29a35314
94c84dace28a5cfb3d71b016966b1d7e3aac949712c8648d178e374df8fbba88
GET /images/I/51Ze8Ep0cvL.jpg HTTP/1.1
Host: images-na.ssl-images-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 57503
server: Server
date: Sun, 22 Jan 2023 09:04:08 GMT
x-amz-ir-id: 9086762b-4065-4fbc-b9cb-ed9503670f51
expires: Sat, 17 Jan 2043 09:03:49 GMT
cache-control: max-age=630720000,public
surrogate-key: x-cache-834 /images/I/51Ze8Ep0cvL
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
edge-cache-tag: x-cache-834,/images/I/51Ze8Ep0cvL
access-control-allow-origin: *
last-modified: Mon, 10 Oct 2016 15:54:05 GMT
x-nginx-cache-status: HIT
accept-ranges: bytes
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
server-timing: provider;desc="cf"
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NJALiHC5lvbQmS9z8JZgdtEe0WmhS0II-JH5qrsbYiiiHRY0B59cWw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 09:04:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2359
Cache-Control: max-age=88919
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 09:04:08 GMT
Etag: "63cbab28-1d7"
Expires: Mon, 23 Jan 2023 09:46:07 GMT
Last-Modified: Sat, 21 Jan 2023 09:06:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 09:04:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pesmedia.press/img/bg-7.png
173.249.19.158200 OK 9.0 kB URL HTTP/1.1 pesmedia.press/img/bg-7.png
IP 173.249.19.158:0
File type PNG image data, 946 x 1020, 8-bit/color RGBA, non-interlaced\012- data
Hash e8e38fcbb549fc81d729690ac7fc5554
4568c3caa3a9ba3dbfd6218f7a39e771fc90c416
9a61d623e5f4186ea898850b5f85adc6852f15fc69900790ced4322525c3739f
GET /img/bg-7.png HTTP/1.1
Host: pesmedia.press
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/med-78228/1465449213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Fri, 31 Mar 2017 13:29:53 GMT
ETag: "234a-54c06cdfd5640"
Accept-Ranges: bytes
Content-Length: 9034
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
35.166.158.207101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.158.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sRdva6vBKWrLYQtHaJGtjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zCDh6YG0XRfiwjBpliDtCo9p2v8=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d8ec30b2d50b7c92a5d4e25db707af31
75535ee53a734f9397d3c089fe16dd10416bed21
c0fc08819d70c6d8cd7b1ac65bc6987bd22f22b6d3640535ee0d5ea8a3e9f0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FC08819D70C6D8CD7B1AC65BC6987BD22F22B6D3640535EE0D5EA8A3E9F0EC"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Sun, 22 Jan 2023 15:03:23 GMT
Date: Sun, 22 Jan 2023 09:04:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d8ec30b2d50b7c92a5d4e25db707af31
75535ee53a734f9397d3c089fe16dd10416bed21
c0fc08819d70c6d8cd7b1ac65bc6987bd22f22b6d3640535ee0d5ea8a3e9f0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0FC08819D70C6D8CD7B1AC65BC6987BD22F22B6D3640535EE0D5EA8A3E9F0EC"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 22 Jan 2023 15:04:09 GMT
Date: Sun, 22 Jan 2023 09:04:09 GMT
Connection: keep-alive
faltercollection.com/09f7ebacf042f24698027cea5aed8ab5/invoke.js
173.233.137.52200 OK 9.8 kB URL HTTP/1.1 faltercollection.com/09f7ebacf042f24698027cea5aed8ab5/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26980), with no line terminators
Hash 0474a8ff99341b336c425ef90b631e14
d975f77607dd382f0f291cc24f7b86a3db128d60
dd71ca21399a07ab2776d12d74080cc111c55ddc1faba86ebede854042fcdd86
GET /09f7ebacf042f24698027cea5aed8ab5/invoke.js HTTP/1.1
Host: faltercollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a399223aeb65d0e692c2ff9cd8f9abd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
faltercollection.com/ac00d9905d23c35abfd9985c2b855549/invoke.js
173.233.137.52200 OK 9.3 kB URL HTTP/1.1 faltercollection.com/ac00d9905d23c35abfd9985c2b855549/invoke.js
IP 173.233.137.52:0
File type Unicode text, UTF-8 text, with very long lines (25090), with no line terminators
Hash e147ed8a2d152a0076ab570a102d0e2b
723edb6f27c8944d144063fc12d5ab55e3e31af9
2dddc6793b27c339a88cc56f6604e2c74dbc480223d3f62c3711592c5fcf96f9
GET /ac00d9905d23c35abfd9985c2b855549/invoke.js HTTP/1.1
Host: faltercollection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e034b22dbadb6a6abf1ac9ba2dfd3453
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 57ad1f660b4be997f96455ba105d633c
e2bf6532ac16b6212b6f0a5aaa0fc4731d6ee368
97bceb6a459081e67a73d23144b07d4af7aca86fd16443fa39ab1fcaacc3108b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 09:04:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 20 Jan 2023 18:34:08 GMT
Expires: Fri, 27 Jan 2023 18:34:07 GMT
Etag: "e2bf6532ac16b6212b6f0a5aaa0fc4731d6ee368"
Cache-Control: max-age=465597,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d71edb6d820b02-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash a8e6f157fd0ee89e42425a42b41a56b8
79e06666b07d926fed4cda7ee026f65dabbef491
cc71872eca6011b9bd4202ab8d970829a11a7f207507a2f6228b1599086dd69d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 09:04:09 GMT
Etag: "63cbe91a-1d7"
Last-Modified: Sun, 22 Jan 2023 07:15:05 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fdwyfjCHOI_uVFyQTzfnHc2cCwidYljgyMebfa3ZS5xbqp6GT1Qkrw==
Age: 6544
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash a8e6f157fd0ee89e42425a42b41a56b8
79e06666b07d926fed4cda7ee026f65dabbef491
cc71872eca6011b9bd4202ab8d970829a11a7f207507a2f6228b1599086dd69d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 09:04:09 GMT
Last-Modified: Sun, 22 Jan 2023 07:15:05 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: C42pxanAjcIOLSYbV0KBlPdrWL6suvXbX8r_ZvKDEgpVGf1h50NO2g==
Age: 6544
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d243b3fc0cecc95a397dce1a53ea771f
524b6a1584b6c22d28545ab16937f3658842eede
1c018a8aca6ba174dad6ee11261b2520756f782d6b70a01f18533059ae5c852c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C018A8ACA6BA174DAD6EE11261B2520756F782D6B70A01F18533059AE5C852C"
Last-Modified: Fri, 20 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4717
Expires: Sun, 22 Jan 2023 10:22:46 GMT
Date: Sun, 22 Jan 2023 09:04:09 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.58.34.136200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.58.34.136:0
File type ASCII text, with no line terminators
Hash e0f7c600cb6333ee36a8775135313362
08846bb698bcf56431b12a074ef5dffc4617c759
5c696d3cebd9607188fdc27cafea1a7f9f39a370b64c5442522661d842367f90
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pesmedia.press
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 09:04:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://pesmedia.press
access-control-allow-credentials: true
set-cookie: uid_id2=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8:1:1; expires=Wed, 19 Jan 2033 09:04:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.58.34.136200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.58.34.136:0
File type ASCII text, with no line terminators
Hash d6ca8745dde7cee35aaa2a06b86b6d16
ab6c87718aa94e48263614a23ee44d892cdcc88c
2d307e221561e1115f3cf1fc395a5b219a36c42ef70e456dda5c653a759cc8d8
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pesmedia.press
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 09:04:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://pesmedia.press
access-control-allow-credentials: true
set-cookie: uid_id2=fb8546d9-29cb-4298-bdbc-47cb4a21c14b:3:1; expires=Wed, 19 Jan 2033 09:04:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
dimreproofjumped.com/34/36/c8/3436c8322d86a1583f48e7646f8bef82.js
173.233.137.44200 OK 29 kB URL HTTP/1.1 dimreproofjumped.com/34/36/c8/3436c8322d86a1583f48e7646f8bef82.js
IP 173.233.137.44:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 707f9b05e6e9210899221d36043e36fa
6e226553a404fad60448d271ece2fdcc5224763d
68c6981f8ac6256a6081ca23710fa308af18bade272ea69023603e12c63a943f
Analyzer Verdict Alert quad9 Sinkholed
GET /34/36/c8/3436c8322d86a1583f48e7646f8bef82.js HTTP/1.1
Host: dimreproofjumped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 600b68f312ef283d17675d65f50578f8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
dimreproofjumped.com/watch.818895913886.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22english%22%2C%22for%22%2C%22everyone%22%2C%22business%22%2C%22english%22%2C%22course%22%2C%22book%22%2C%22by%22%2C%22dk%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fpesmedia.press%2Fmed-78228%2F1465449213&tz=0&dev=e&res=12.1055&uuid=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 dimreproofjumped.com/watch.818895913886.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22english%22%2C%22for%22%2C%22everyone%22%2C%22business%22%2C%22english%22%2C%22course%22%2C%22book%22%2C%22by%22%2C%22dk%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fpesmedia.press%2Fmed-78228%2F1465449213&tz=0&dev=e&res=12.1055&uuid=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8%3A1%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.818895913886.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22english%22%2C%22for%22%2C%22everyone%22%2C%22business%22%2C%22english%22%2C%22course%22%2C%22book%22%2C%22by%22%2C%22dk%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fpesmedia.press%2Fmed-78228%2F1465449213&tz=0&dev=e&res=12.1055&uuid=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8%3A1%3A1 HTTP/1.1
Host: dimreproofjumped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pesmedia.press
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://pesmedia.press
Access-Control-Allow-Origin: https://pesmedia.press
Access-Control-Allow-Credentials: true
Location: https://dimreproofjumped.com/watch.818895913886.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22english%22%2C%22for%22%2C%22everyone%22%2C%22business%22%2C%22english%22%2C%22course%22%2C%22book%22%2C%22by%22%2C%22dk%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fpesmedia.press%2Fmed-78228%2F1465449213&tz=0&dev=e&res=12.1055&uuid=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8%3A1%3A1&shu=4b746a71d45cba5225259dc0ec112db1cb3c51f98d5329f8b29973d83fd7ec3fe8cc67bf0d745af2ce96b1b3f7a6395958f7b54ca6edd4781e1a5e140960f92821f536d9b57a2c62ddf322b80454c5f22ae726a217d73fd573dddd12dd654a87&pst=1674378310&rmtc=t
Set-Cookie: u_pl=16268107; expires=Mon, 23 Jan 2023 09:04:10 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2ODEwNywiayI6IjA5ZjdlYmFjZjA0MmYyNDY5ODAyN2NlYTVhZWQ4YWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQzNjY5LCJwaWQiOjMxMTI4OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjo1LCJwdCI6NCwicGsiOiJqNGN4eHQ0bTJyIiwiY3BrcyI6eyAiMjgiOiIzNDM2YzgzMjJkODZhMTU4M2Y0OGU3NjQ2ZjhiZWY4MiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wZXNtZWRpYS5wcmVzcy9tZWQtNzgyMjgvMTQ2NTQ0OTIxMyJ9fQ.V8jy0NoaMWZgbB1mEmjUVZ4kkBU4czmKVCf-YrX1DYw; expires=Sun, 22 Jan 2023 09:05:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d60a2e02554bd17d8eb742a2ed022f94
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5cfe494f52916f95416f60446d6c0df5
8a19ba2ca25288feeb1644e2fb8cf604de7b255f
eee7aa8e8858a10a5fab9cfc60daca900a18fbbe8f4f574d5b293b21d3960ddb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE7AA8E8858A10A5FAB9CFC60DACA900A18FBBE8F4F574D5B293B21D3960DDB"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15278
Expires: Sun, 22 Jan 2023 13:18:48 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
dimreproofjumped.com/watch.818895913886.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22english%22%2C%22for%22%2C%22everyone%22%2C%22business%22%2C%22english%22%2C%22course%22%2C%22book%22%2C%22by%22%2C%22dk%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fpesmedia.press%2Fmed-78228%2F1465449213&tz=0&dev=e&res=12.1055&uuid=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8%3A1%3A1&shu=4b746a71d45cba5225259dc0ec112db1cb3c51f98d5329f8b29973d83fd7ec3fe8cc67bf0d745af2ce96b1b3f7a6395958f7b54ca6edd4781e1a5e140960f92821f536d9b57a2c62ddf322b80454c5f22ae726a217d73fd573dddd12dd654a87&pst=1674378310&rmtc=t
173.233.137.44200 OK 635 B URL HTTP/1.1 dimreproofjumped.com/watch.818895913886.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22english%22%2C%22for%22%2C%22everyone%22%2C%22business%22%2C%22english%22%2C%22course%22%2C%22book%22%2C%22by%22%2C%22dk%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fpesmedia.press%2Fmed-78228%2F1465449213&tz=0&dev=e&res=12.1055&uuid=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8%3A1%3A1&shu=4b746a71d45cba5225259dc0ec112db1cb3c51f98d5329f8b29973d83fd7ec3fe8cc67bf0d745af2ce96b1b3f7a6395958f7b54ca6edd4781e1a5e140960f92821f536d9b57a2c62ddf322b80454c5f22ae726a217d73fd573dddd12dd654a87&pst=1674378310&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash d782cce0ac6e8ef6dca9c78c8c1b58c0
470eaedfba818551a19149546ac77e6a9559bca7
68357960868a7e9ab3823ebab4eb50d12f9afe08658ce1013ca2e3b37a1243a9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.818895913886.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22english%22%2C%22for%22%2C%22everyone%22%2C%22business%22%2C%22english%22%2C%22course%22%2C%22book%22%2C%22by%22%2C%22dk%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fpesmedia.press%2Fmed-78228%2F1465449213&tz=0&dev=e&res=12.1055&uuid=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8%3A1%3A1&shu=4b746a71d45cba5225259dc0ec112db1cb3c51f98d5329f8b29973d83fd7ec3fe8cc67bf0d745af2ce96b1b3f7a6395958f7b54ca6edd4781e1a5e140960f92821f536d9b57a2c62ddf322b80454c5f22ae726a217d73fd573dddd12dd654a87&pst=1674378310&rmtc=t HTTP/1.1
Host: dimreproofjumped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pesmedia.press
Referer: https://pesmedia.press/
Connection: keep-alive
Cookie: u_pl=16268107; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2ODEwNywiayI6IjA5ZjdlYmFjZjA0MmYyNDY5ODAyN2NlYTVhZWQ4YWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQzNjY5LCJwaWQiOjMxMTI4OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjo1LCJwdCI6NCwicGsiOiJqNGN4eHQ0bTJyIiwiY3BrcyI6eyAiMjgiOiIzNDM2YzgzMjJkODZhMTU4M2Y0OGU3NjQ2ZjhiZWY4MiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wZXNtZWRpYS5wcmVzcy9tZWQtNzgyMjgvMTQ2NTQ0OTIxMyJ9fQ.V8jy0NoaMWZgbB1mEmjUVZ4kkBU4czmKVCf-YrX1DYw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://pesmedia.press
Access-Control-Allow-Origin: https://pesmedia.press
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4a8cd5c5-17aa-46f0-8af5-4af241ead8f8:1:1; expires=Sun, 29 Jan 2023 09:04:10 GMT; secure; SameSite=None
iprc20216c3398e53cbb9762a2a559b5b835=2717340; expires=Mon, 23 Jan 2023 11:04:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 09:04:10 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 09:04:10 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 23 Jan 2023 09:04:10 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 23 Jan 2023 09:04:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3cc98cb3b7efcea6ef3fafad8c2e6011
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ec7632200e35267293042028940bd4f
58c255f2de6a2d881f4876230d5bd912feff9ff3
17372b064b1c6e4d3629e7199a6082418ca328455f587484893a3c9b322efe69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17372B064B1C6E4D3629E7199A6082418CA328455F587484893A3C9B322EFE69"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19363
Expires: Sun, 22 Jan 2023 14:26:53 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8846
Expires: Sun, 22 Jan 2023 11:31:36 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8846
Expires: Sun, 22 Jan 2023 11:31:36 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8846
Expires: Sun, 22 Jan 2023 11:31:36 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8846
Expires: Sun, 22 Jan 2023 11:31:36 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8846
Expires: Sun, 22 Jan 2023 11:31:36 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45b3e2b-1687-4d15-8241-c1b5422b7597.png
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45b3e2b-1687-4d15-8241-c1b5422b7597.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc0cd46a7749f64fba19f6be5f2de43
67b9c7ba8702b695036e253a20ab7b86c1725143
afbb5f9024e0397977575099fdbfdb32f06521c20556cb0b03501d822d2cc8cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb45b3e2b-1687-4d15-8241-c1b5422b7597.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 17237
x-amzn-requestid: 6c4b292b-633d-4063-8342-5022165de1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFObNH_eIAMFb0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb9114-5bf2228c7286c7fc3fc5dda4;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:15:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fvJtn3hDeRfp-0EcaTKl3rlCUZNEX6Kx-aAlRXQTL5ezw-oPfg90kg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 07:48:10 GMT
age: 4560
etag: "67b9c7ba8702b695036e253a20ab7b86c1725143"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VtzsQ7NI9ODiQfxm_EaSDsizPQhDOSH3O23UEaHg1KI9bg8imLdOnw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:16 GMT
age: 40554
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ec85cf23f6ed6a70e62e17998dfcede
2a690f14cf97f33da2c4f4b21c737a7ca37665b4
ae3cedd8f51f9ed2d996f1d75e7288802d68fa3c27d928934311e4d8821940cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 86dec496-ff1b-4db8-9bcb-12275f6feeb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBGiOIAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-16c24501673bc2161c1e8a3b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EIRH5l-dSShdZbMvwSEE8jKooGny-prLtbXwx8ZNUi0Wfj4GItKV7g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:08:36 GMT
age: 39334
etag: "2a690f14cf97f33da2c4f4b21c737a7ca37665b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e5cb3e8d03fffcd307c5ebaef08167
1a813821d15afd416b82c3343a7920a0ffc909cb
84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DaWs0RT0IupgLoLeQZYbdYdvYFd02bXrdQBFYpqLxwmKf1bKhh_wgQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
content-type: image/jpeg
age: 40564
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54bb2c2439cbf0cefc3075f25576f161
e4e506d7acc877b266c18ae6da3b948e0d41bb1e
8cfef01c8eea67086fdea9865d760f9ed1ecc15dc42f3b2c94fc85d609a31aa2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b9c3b02-6a9e-471d-9d0c-2b50255f00f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9334
x-amzn-requestid: 23f9071b-5274-4c6a-9a4a-d63ea74c7483
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWQETCoAMFdjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-393e62854ba77f783f142985;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BWc9_KsIp1FH10PJZFoIteQrb0Q8cfqRN8RiynsqbHyFUHhDCxwqIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 40564
etag: "e4e506d7acc877b266c18ae6da3b948e0d41bb1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:24:49 GMT
age: 20361
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 583638cafd239eb68a9ab28f5e67bd5b
95a8d45d07b3d6844ceba5dafd42f79cf13d5c67
83dbdaeb13cae8340e5831e6d5d1aa21d9be387dae97119a4e0ae4dea9a57a83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83DBDAEB13CAE8340E5831E6D5D1AA21D9BE387DAE97119A4E0AE4DEA9A57A83"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10008
Expires: Sun, 22 Jan 2023 11:50:58 GMT
Date: Sun, 22 Jan 2023 09:04:10 GMT
Connection: keep-alive
concealbeakerdough.com/pixel/nvrwe?error=timeout
192.243.61.225200 OK 0 B URL HTTP/1.1 concealbeakerdough.com/pixel/nvrwe?error=timeout
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/nvrwe?error=timeout HTTP/1.1
Host: concealbeakerdough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16268107
173.233.139.164200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16268107
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 22cfdee757ee56d23ba0f43ed943db47
553d5bb7fd982c11487d86f69a62925b1fcda66c
2b7dfc212009d9f256f8fd5ebd4cfb96810e76ce98f846ea40a4ea5d4bdd4f54
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16268107 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 23 Jan 2023 09:04:10 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYyNjgxMDciLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wZXNtZWRpYS5wcmVzcy8ifX0.wxR7wXFvpFQ_l-nt-HuOyzd6G-SxsQylaCy_QTvOS8g; expires=Sun, 22 Jan 2023 09:05:10 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1ea3763dc052c2a11a99abff9abf0e3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=4f80b330495baf9c094487d7f91400e8c20e68ee9af125a2701b0a774aab218ec0c8948334f0027bcd92404bb6540a5a72bdac9f5176d19db3efed4aa5f5de5ad0aec8afd228233818bec25019c200d43e96e037a7925ba250535e4904b8&pst=1674378310&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fpesmedia.press%2F&psid=16268107
173.233.139.164302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=4f80b330495baf9c094487d7f91400e8c20e68ee9af125a2701b0a774aab218ec0c8948334f0027bcd92404bb6540a5a72bdac9f5176d19db3efed4aa5f5de5ad0aec8afd228233818bec25019c200d43e96e037a7925ba250535e4904b8&pst=1674378310&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fpesmedia.press%2F&psid=16268107
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=4f80b330495baf9c094487d7f91400e8c20e68ee9af125a2701b0a774aab218ec0c8948334f0027bcd92404bb6540a5a72bdac9f5176d19db3efed4aa5f5de5ad0aec8afd228233818bec25019c200d43e96e037a7925ba250535e4904b8&pst=1674378310&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fpesmedia.press%2F&psid=16268107 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYyNjgxMDciLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9wZXNtZWRpYS5wcmVzcy8ifX0.wxR7wXFvpFQ_l-nt-HuOyzd6G-SxsQylaCy_QTvOS8g; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 09:04:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c59c9875785e781da6a1cc0c1bf1380&COST_CPC=0.002500&PLACEMENT_ID=16122660&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
Set-Cookie: iprc9c8b7d493aa7e3540b7ff204ee9eeba9=3950617; expires=Mon, 23 Jan 2023 09:04:11 GMT
pdhtkv=true; expires=Mon, 23 Jan 2023 09:04:11 GMT
uncs=1; expires=Mon, 23 Jan 2023 09:04:11 GMT
pdhtkv28=true; expires=Mon, 23 Jan 2023 09:04:11 GMT
uncs28=1; expires=Mon, 23 Jan 2023 09:04:11 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1baf4c9ded6bcd51cbb44b20efc60f2
Strict-Transport-Security: max-age=0; includeSubdomains
asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c59c9875785e781da6a1cc0c1bf1380&COST_CPC=0.002500&PLACEMENT_ID=16122660&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
159.89.28.67302 Found 0 B URL HTTP/2 asper-media.com/click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c59c9875785e781da6a1cc0c1bf1380&COST_CPC=0.002500&PLACEMENT_ID=16122660&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475
IP 159.89.28.67:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?key=1wojcs0r58urwh6jy9ky&SUB_ID_SHORT=1c59c9875785e781da6a1cc0c1bf1380&COST_CPC=0.002500&PLACEMENT_ID=16122660&CAMPAIGN_ID=720711&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2126475 HTTP/1.1
Host: asper-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Sun, 22 Jan 2023 09:04:11 GMT
content-type: text/html; charset=UTF-8
location: https://media.playamopartners.com/redirect.aspx?pid=205173&bid=2058&lpid=1225&clickid=de1e4x9c8d5ci198&campaign=1642&trafficsource=62
set-cookie: uclick=x9c8d5ci; expires=Mon, 23-Jan-2023 09:04:11 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=x9c8d5ci-x9c8d5ci-us7s-0-pmib-9za6-9za5-8f1448; expires=Mon, 23-Jan-2023 09:04:11 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
bizzocasinolp.com/bonus-wheel-en/?btag=667089_1F07596D93EA44BFB52310E6C2CFD7F9&clickid=de1e4x9c8d5ci198&campaign=1642&trafficsource=62
104.21.53.204200 OK 8.7 kB URL HTTP/2 bizzocasinolp.com/bonus-wheel-en/?btag=667089_1F07596D93EA44BFB52310E6C2CFD7F9&clickid=de1e4x9c8d5ci198&campaign=1642&trafficsource=62
IP 104.21.53.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (434)
Hash 9b0f30a5f16300f66a30593f84a643f4
2d2b4e79d19c0f0e6ce39043989af42cbda72ec9
eda26396506d5c35d4f49056ad0a7ca94dcb2e51aa872697c12a67983a55cb88
GET /bonus-wheel-en/?btag=667089_1F07596D93EA44BFB52310E6C2CFD7F9&clickid=de1e4x9c8d5ci198&campaign=1642&trafficsource=62 HTTP/1.1
Host: bizzocasinolp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jennyvisits.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 09:04:12 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFNZ32cnZOmeaQcOTnbQBzQYYn1pTpKtTLwT5TVEk3481M77CupvnZ%2FaR5GO%2FSpEAigNpQYQkhMnHwm7OifAPNWzv701CdgnYNyTumsoCOxqrnXT0hIbKKMMYilfJnDPyARMUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d71eeca9b1b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
142.250.74.106200 OK 4.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
IP 142.250.74.106:0
Hash 1d1813e485fd3e3368119ba1145f225e
7c3876a0b9534cb4ed51853b3acd3094645aeb36
de71f84ba551e0ae75453f659da3637f65c6ea1178012c13ab80fe5f840d0651
GET /css?family=Source+Sans+Pro:300,400,700,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 09:04:08 GMT
date: Sun, 22 Jan 2023 09:04:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 09:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TT75SSG
142.250.74.168200 OK 40 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TT75SSG
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 305226ea761b34106669106c9bd61e9d
d111f6159fbe4d0eb1e6ba85ddec4223caac4800
5e30e643b850f212bab29410a8be10d4f2408507358cc24e866076fd7974ee2e
GET /gtm.js?id=GTM-TT75SSG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bizzocasinolp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 09:04:12 GMT
expires: Sun, 22 Jan 2023 09:04:12 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39563
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 09:04:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 375f2cf298e45122ca727fb63f0e5ea7
eb746e6842127741552c7dcc48e8a92193ca3075
8b5e5432f69dad1428c3a735f7a0d07823658e03befc7b6e15f6f5c3306fbaa8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdc45398-1d4d-45ac-94a6-2cc6d910d8b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5196
x-amzn-requestid: 24221211-6673-4d7b-88de-2ef8c9a62f1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNWRFPUIAMFf-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c27-286d3bb84ad3362d615479ed;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uSVzx-rzZIDLp55bKb-12pKjPUzRGih9sIupyPYRuDQasYa7JRnWoA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:52:07 GMT
etag: "eb746e6842127741552c7dcc48e8a92193ca3075"
content-type: image/jpeg
age: 40330
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootswatch/3.3.6/lumen/bootstrap.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootswatch/3.3.6/lumen/bootstrap.min.css
IP 104.18.11.207:0
GET /bootswatch/3.3.6/lumen/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 09:04:08 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:27 GMT
cdn-cachedat: 12/10/2021 15:32:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: e9a4e8c4f93483ac9ad4cfec0ed90682
cdn-cache: HIT
cf-cache-status: HIT
age: 1123576
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78d71ed60f72fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.statcounter.com/counter/counter.js
104.20.218.77200 OK 0 B URL HTTP/2 secure.statcounter.com/counter/counter.js
IP 104.20.218.77:0
GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 09:04:09 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 19 Jan 2023 16:55:02 GMT
etag: W/"63c975e6-aa70"
expires: Sun, 22 Jan 2023 18:36:37 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 8852
server: cloudflare
cf-ray: 78d71edbc8551c06-OSL
content-encoding: br
X-Firefox-Spdy: h2