majorcharacter.com/cdG-Ffzgc.zh9ik_akXlQm9nM-TpYq3rNsT_AuwvOwDxg-wzNAzBQC4_MEDFgG0HO-DJAK2LOMS_ZOkPdQGRt-uTPUTVNWH_RYkZ5a2bM-GdReGfYgT_limjWkjlF-jnSo0pJqV_WsHtJuvvN-HxVyLzbA1_pCnDVEjFA-2HZIVJpKH_JMnNBO0Pb-jR1SDTZU0_pWPXUYnZh-JbRc2dJeX_OgWhlihjV-3lhmsnSoW_dqOrdsGtR-HvNwHxFyJ_RAGBhCpDW-WF1GNHeIV_lKtLRMTNB-OPMQlRkSw_TUTVJWWXb-FZpaEbScm_teOfVgGhc-wjTkWl1mJ_eoFplq6rW-mttuNvRwE_0y0zWAXBp-VDNEEF1GL_ZITJIKyLc-DNROHPTQ1_BSQTcUEVJ-FXRYGZJa1_NcWd9eDfJ-nhJiyjZkX_FmonPoWpQ-yrYszthuk_NwGxQyzzZ-TBYC2DMEG_UGwHYITJN-kLYMTNkOx_MQWRISzTN-mVFWmXOYT_FambNcTdN-jfJgnhJiy_akWlQm9nN-TpkqxrOsW_VuhvZwjxZ-kzMAWBZCk_NEWFIG2HO-WJUK1LNM2_FOiPYQzRI-3TMUjVgW0_NYmZIaybN-Tdkemfcgn_NiyjYkzl1-vndoXpQqm_cs0tlukvP-TxQy3zMAz_IC5DOETFQ-mHeImJ9Ku_ZMUNlOkPP-TRQS2TMUj_cW5XMYzZE-
88.85.94.246301 Moved Permanently 162 B URL HTTP/1.1 majorcharacter.com/cdG-Ffzgc.zh9ik_akXlQm9nM-TpYq3rNsT_AuwvOwDxg-wzNAzBQC4_MEDFgG0HO-DJAK2LOMS_ZOkPdQGRt-uTPUTVNWH_RYkZ5a2bM-GdReGfYgT_limjWkjlF-jnSo0pJqV_WsHtJuvvN-HxVyLzbA1_pCnDVEjFA-2HZIVJpKH_JMnNBO0Pb-jR1SDTZU0_pWPXUYnZh-JbRc2dJeX_OgWhlihjV-3lhmsnSoW_dqOrdsGtR-HvNwHxFyJ_RAGBhCpDW-WF1GNHeIV_lKtLRMTNB-OPMQlRkSw_TUTVJWWXb-FZpaEbScm_teOfVgGhc-wjTkWl1mJ_eoFplq6rW-mttuNvRwE_0y0zWAXBp-VDNEEF1GL_ZITJIKyLc-DNROHPTQ1_BSQTcUEVJ-FXRYGZJa1_NcWd9eDfJ-nhJiyjZkX_FmonPoWpQ-yrYszthuk_NwGxQyzzZ-TBYC2DMEG_UGwHYITJN-kLYMTNkOx_MQWRISzTN-mVFWmXOYT_FambNcTdN-jfJgnhJiy_akWlQm9nN-TpkqxrOsW_VuhvZwjxZ-kzMAWBZCk_NEWFIG2HO-WJUK1LNM2_FOiPYQzRI-3TMUjVgW0_NYmZIaybN-Tdkemfcgn_NiyjYkzl1-vndoXpQqm_cs0tlukvP-TxQy3zMAz_IC5DOETFQ-mHeImJ9Ku_ZMUNlOkPP-TRQS2TMUj_cW5XMYzZE-
IP 88.85.94.246:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cdG-Ffzgc.zh9ik_akXlQm9nM-TpYq3rNsT_AuwvOwDxg-wzNAzBQC4_MEDFgG0HO-DJAK2LOMS_ZOkPdQGRt-uTPUTVNWH_RYkZ5a2bM-GdReGfYgT_limjWkjlF-jnSo0pJqV_WsHtJuvvN-HxVyLzbA1_pCnDVEjFA-2HZIVJpKH_JMnNBO0Pb-jR1SDTZU0_pWPXUYnZh-JbRc2dJeX_OgWhlihjV-3lhmsnSoW_dqOrdsGtR-HvNwHxFyJ_RAGBhCpDW-WF1GNHeIV_lKtLRMTNB-OPMQlRkSw_TUTVJWWXb-FZpaEbScm_teOfVgGhc-wjTkWl1mJ_eoFplq6rW-mttuNvRwE_0y0zWAXBp-VDNEEF1GL_ZITJIKyLc-DNROHPTQ1_BSQTcUEVJ-FXRYGZJa1_NcWd9eDfJ-nhJiyjZkX_FmonPoWpQ-yrYszthuk_NwGxQyzzZ-TBYC2DMEG_UGwHYITJN-kLYMTNkOx_MQWRISzTN-mVFWmXOYT_FambNcTdN-jfJgnhJiy_akWlQm9nN-TpkqxrOsW_VuhvZwjxZ-kzMAWBZCk_NEWFIG2HO-WJUK1LNM2_FOiPYQzRI-3TMUjVgW0_NYmZIaybN-Tdkemfcgn_NiyjYkzl1-vndoXpQqm_cs0tlukvP-TxQy3zMAz_IC5DOETFQ-mHeImJ9Ku_ZMUNlOkPP-TRQS2TMUj_cW5XMYzZE- HTTP/1.1
Host: majorcharacter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 29 Jan 2023 16:14:28 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://majorcharacter.com/cdG-Ffzgc.zh9ik_akXlQm9nM-TpYq3rNsT_AuwvOwDxg-wzNAzBQC4_MEDFgG0HO-DJAK2LOMS_ZOkPdQGRt-uTPUTVNWH_RYkZ5a2bM-GdReGfYgT_limjWkjlF-jnSo0pJqV_WsHtJuvvN-HxVyLzbA1_pCnDVEjFA-2HZIVJpKH_JMnNBO0Pb-jR1SDTZU0_pWPXUYnZh-JbRc2dJeX_OgWhlihjV-3lhmsnSoW_dqOrdsGtR-HvNwHxFyJ_RAGBhCpDW-WF1GNHeIV_lKtLRMTNB-OPMQlRkSw_TUTVJWWXb-FZpaEbScm_teOfVgGhc-wjTkWl1mJ_eoFplq6rW-mttuNvRwE_0y0zWAXBp-VDNEEF1GL_ZITJIKyLc-DNROHPTQ1_BSQTcUEVJ-FXRYGZJa1_NcWd9eDfJ-nhJiyjZkX_FmonPoWpQ-yrYszthuk_NwGxQyzzZ-TBYC2DMEG_UGwHYITJN-kLYMTNkOx_MQWRISzTN-mVFWmXOYT_FambNcTdN-jfJgnhJiy_akWlQm9nN-TpkqxrOsW_VuhvZwjxZ-kzMAWBZCk_NEWFIG2HO-WJUK1LNM2_FOiPYQzRI-3TMUjVgW0_NYmZIaybN-Tdkemfcgn_NiyjYkzl1-vndoXpQqm_cs0tlukvP-TxQy3zMAz_IC5DOETFQ-mHeImJ9Ku_ZMUNlOkPP-TRQS2TMUj_cW5XMYzZE-
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13004
Expires: Sun, 29 Jan 2023 19:51:12 GMT
Date: Sun, 29 Jan 2023 16:14:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15386
Expires: Sun, 29 Jan 2023 20:30:54 GMT
Date: Sun, 29 Jan 2023 16:14:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17178
Expires: Sun, 29 Jan 2023 21:00:46 GMT
Date: Sun, 29 Jan 2023 16:14:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 15:35:38 GMT
content-type: application/json
age: 2331
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KKRRWp9Sg90VwWPappzCePU3tC1SPxCeEH2Nk6JCUfgrOBgTCaofso/o0xCB95Coy+/vK7USRow=
x-amz-request-id: GH1B9V5AZJCSXPQH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 15:50:22 GMT
age: 1447
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
majorcharacter.com/cdG-Ffzgc.zh9ik_akXlQm9nM-TpYq3rNsT_AuwvOwDxg-wzNAzBQC4_MEDFgG0HO-DJAK2LOMS_ZOkPdQGRt-uTPUTVNWH_RYkZ5a2bM-GdReGfYgT_limjWkjlF-jnSo0pJqV_WsHtJuvvN-HxVyLzbA1_pCnDVEjFA-2HZIVJpKH_JMnNBO0Pb-jR1SDTZU0_pWPXUYnZh-JbRc2dJeX_OgWhlihjV-3lhmsnSoW_dqOrdsGtR-HvNwHxFyJ_RAGBhCpDW-WF1GNHeIV_lKtLRMTNB-OPMQlRkSw_TUTVJWWXb-FZpaEbScm_teOfVgGhc-wjTkWl1mJ_eoFplq6rW-mttuNvRwE_0y0zWAXBp-VDNEEF1GL_ZITJIKyLc-DNROHPTQ1_BSQTcUEVJ-FXRYGZJa1_NcWd9eDfJ-nhJiyjZkX_FmonPoWpQ-yrYszthuk_NwGxQyzzZ-TBYC2DMEG_UGwHYITJN-kLYMTNkOx_MQWRISzTN-mVFWmXOYT_FambNcTdN-jfJgnhJiy_akWlQm9nN-TpkqxrOsW_VuhvZwjxZ-kzMAWBZCk_NEWFIG2HO-WJUK1LNM2_FOiPYQzRI-3TMUjVgW0_NYmZIaybN-Tdkemfcgn_NiyjYkzl1-vndoXpQqm_cs0tlukvP-TxQy3zMAz_IC5DOETFQ-mHeImJ9Ku_ZMUNlOkPP-TRQS2TMUj_cW5XMYzZE-
88.85.94.246302 Found 0 B URL HTTP/2 majorcharacter.com/cdG-Ffzgc.zh9ik_akXlQm9nM-TpYq3rNsT_AuwvOwDxg-wzNAzBQC4_MEDFgG0HO-DJAK2LOMS_ZOkPdQGRt-uTPUTVNWH_RYkZ5a2bM-GdReGfYgT_limjWkjlF-jnSo0pJqV_WsHtJuvvN-HxVyLzbA1_pCnDVEjFA-2HZIVJpKH_JMnNBO0Pb-jR1SDTZU0_pWPXUYnZh-JbRc2dJeX_OgWhlihjV-3lhmsnSoW_dqOrdsGtR-HvNwHxFyJ_RAGBhCpDW-WF1GNHeIV_lKtLRMTNB-OPMQlRkSw_TUTVJWWXb-FZpaEbScm_teOfVgGhc-wjTkWl1mJ_eoFplq6rW-mttuNvRwE_0y0zWAXBp-VDNEEF1GL_ZITJIKyLc-DNROHPTQ1_BSQTcUEVJ-FXRYGZJa1_NcWd9eDfJ-nhJiyjZkX_FmonPoWpQ-yrYszthuk_NwGxQyzzZ-TBYC2DMEG_UGwHYITJN-kLYMTNkOx_MQWRISzTN-mVFWmXOYT_FambNcTdN-jfJgnhJiy_akWlQm9nN-TpkqxrOsW_VuhvZwjxZ-kzMAWBZCk_NEWFIG2HO-WJUK1LNM2_FOiPYQzRI-3TMUjVgW0_NYmZIaybN-Tdkemfcgn_NiyjYkzl1-vndoXpQqm_cs0tlukvP-TxQy3zMAz_IC5DOETFQ-mHeImJ9Ku_ZMUNlOkPP-TRQS2TMUj_cW5XMYzZE-
IP 88.85.94.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdG-Ffzgc.zh9ik_akXlQm9nM-TpYq3rNsT_AuwvOwDxg-wzNAzBQC4_MEDFgG0HO-DJAK2LOMS_ZOkPdQGRt-uTPUTVNWH_RYkZ5a2bM-GdReGfYgT_limjWkjlF-jnSo0pJqV_WsHtJuvvN-HxVyLzbA1_pCnDVEjFA-2HZIVJpKH_JMnNBO0Pb-jR1SDTZU0_pWPXUYnZh-JbRc2dJeX_OgWhlihjV-3lhmsnSoW_dqOrdsGtR-HvNwHxFyJ_RAGBhCpDW-WF1GNHeIV_lKtLRMTNB-OPMQlRkSw_TUTVJWWXb-FZpaEbScm_teOfVgGhc-wjTkWl1mJ_eoFplq6rW-mttuNvRwE_0y0zWAXBp-VDNEEF1GL_ZITJIKyLc-DNROHPTQ1_BSQTcUEVJ-FXRYGZJa1_NcWd9eDfJ-nhJiyjZkX_FmonPoWpQ-yrYszthuk_NwGxQyzzZ-TBYC2DMEG_UGwHYITJN-kLYMTNkOx_MQWRISzTN-mVFWmXOYT_FambNcTdN-jfJgnhJiy_akWlQm9nN-TpkqxrOsW_VuhvZwjxZ-kzMAWBZCk_NEWFIG2HO-WJUK1LNM2_FOiPYQzRI-3TMUjVgW0_NYmZIaybN-Tdkemfcgn_NiyjYkzl1-vndoXpQqm_cs0tlukvP-TxQy3zMAz_IC5DOETFQ-mHeImJ9Ku_ZMUNlOkPP-TRQS2TMUj_cW5XMYzZE- HTTP/1.1
Host: majorcharacter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 16:14:29 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
location: https://majorcharacter.com/bS3TV-0.PV3WJXyYa_WaQb9cNdT-kfxgOhWiV_hkZljmZnk-MpWqZrksN_WuIv2wOxW-Uz1ANB2CF_iEYFzGIH3-MJjKgL0MN_mOIPyQNRT-kTmUcVnWN_yYYZza1bv-ddXeQfmgc_0iljkkPlT-Qn2oMpjqc_5sMtzuAvm-dxHyZzyAP_TCADmEeFm-9HuIZJUKl_kMPNTOIP1-MRTSUTxUO_DWcX
referrer-policy: no-referrer
x-content-type-options: nosniff
X-Firefox-Spdy: h2
active-year.com/l?v=_CwzkE9L
88.85.69.213200 OK 3.6 kB URL HTTP/1.1 active-year.com/l?v=_CwzkE9L
IP 88.85.69.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (830)
Hash 43e963c93320fec69c251be7abbfab3b
b575156c286632bd656ad609c2aa9ed57bc6beb1
b0efb8015a3b29a56989498de35d89d661435d6a49a75a109e9ee038d591e9b2
POST /l?v=_CwzkE9L HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 834
Origin: null
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/css/style.css
88.85.69.213200 OK 599 B URL HTTP/1.1 active-year.com/views/grecaptcha/css/style.css
IP 88.85.69.213:0
Hash f7ae3d7fd5be8ed7316cc60877ffaa61
66090c3432a77768431a0e8ea50bab13f5461c39
d07bc124c348060d0d697f6d5b1e3e764f234461f63c9a4556b52011b0578060
GET /views/grecaptcha/css/style.css HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-67e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/css/mainstream.css
88.85.69.213200 OK 170 B URL HTTP/1.1 active-year.com/views/grecaptcha/css/mainstream.css
IP 88.85.69.213:0
Hash 51ed1c04de00b14acfefc11e667880b4
511b5b13e2a6350adaa48615794e86bd6261abb7
fc0849b75e278610fb9ffb0d98f3c38ad0f3719156fd98bbef555c92c6d0347b
GET /views/grecaptcha/css/mainstream.css HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-2d0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8fbba08253208adee87e3e1bfc8ad7df
e588db4bccc3c8c84d505f5b710ffdba64fa520a
8d515f9b71805273b1c64b93b19165018329608c371a6fdaccaea4f8aea764ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5250
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:29 GMT
Last-Modified: Sun, 29 Jan 2023 14:46:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
active-year.com/views/grecaptcha/js/pathRecaptcha.min.js?v=1673605188672910848
88.85.69.213200 OK 546 B URL HTTP/1.1 active-year.com/views/grecaptcha/js/pathRecaptcha.min.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (1115)
Hash 465d58d8af269f055507d700dd3cc7ee
069eaf2fd10760d858715a69d6d6d8a565395ce8
b3728f4bbedae628c1ac4176f15b18d40e26b166c3fb5a007d983c25a9837801
GET /views/grecaptcha/js/pathRecaptcha.min.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-4f6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/js/debugMode.js?v=1673605188672910848
88.85.69.213200 OK 434 B URL HTTP/1.1 active-year.com/views/grecaptcha/js/debugMode.js?v=1673605188672910848
IP 88.85.69.213:0
Hash e257ae39c476af1c24717256b9dadc2b
1280e7527a353bc0ed332b6b86174ef6a314519e
11df5f5e7472afb539e79522dc90962a0faf8c559a71e90c5ae219d0a3a3b70c
GET /views/grecaptcha/js/debugMode.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-553"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/js/pathBotDetect.min.js?v=1673605188672910848
88.85.69.213200 OK 9.0 kB URL HTTP/1.1 active-year.com/views/grecaptcha/js/pathBotDetect.min.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (29124)
Hash fd44685a361ff93f68dac5bb72767869
9fd946cd00e0469306f0c4a2227f13dd5df2b6a6
2e5414490db85598f88a210527d1c98031ecc9b76f5ac1b045cc02b88a94d9f5
GET /views/grecaptcha/js/pathBotDetect.min.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-7225"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/js/pathTouchEvent.min.js?v=1673605188672910848
88.85.69.213200 OK 5.3 kB URL HTTP/1.1 active-year.com/views/grecaptcha/js/pathTouchEvent.min.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (20222)
Hash 02c4b147e90a11dbab365beaee11a7b7
94760b7c1a56b6a893d12ddc4a8007255c588c07
52ceeb4b55eaf071dc1ace3cf79b38e89d5f725a8cf22a97360d0322f5978ede
GET /views/grecaptcha/js/pathTouchEvent.min.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-4f92"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/js/pathHanalytics.min.js?v=1673605188672910848
88.85.69.213200 OK 3.0 kB URL HTTP/1.1 active-year.com/views/grecaptcha/js/pathHanalytics.min.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (8002)
Hash a6f56ac6b7ce884488fdd3ca9d5f78be
24abc81f87998c9319d624127b125052b03709d2
26465ae0fee3b9b4c22c63712eaced952a411013154d59a11cb8d0515fc0ba80
GET /views/grecaptcha/js/pathHanalytics.min.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-1fa3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/js/pathEvents.min.js?v=1673605188672910848
88.85.69.213200 OK 2.5 kB URL HTTP/1.1 active-year.com/views/grecaptcha/js/pathEvents.min.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (7151), with no line terminators
Hash 6e2692533e8efa6f6019fde4d124747a
5ec982163e290c19c543e6bdd0c639b681b22fde
4d55e8d1442e8ee388e1233612d80909021313c70a5182a7faae235cb88b5507
GET /views/grecaptcha/js/pathEvents.min.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-1bef"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/js/cacheIcon.min.js?v=1673605188672910848
88.85.69.213200 OK 900 B URL HTTP/1.1 active-year.com/views/grecaptcha/js/cacheIcon.min.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (1999), with no line terminators
Hash 7c8e2f8ac5c58b22d58f897b439a9f72
718bbf49997d6c7459f611fe633523eaf4372298
57e524d06c9c57d2b67f76c4d9b4f34ba3383c73108672ad9c4c967043295c7f
GET /views/grecaptcha/js/cacheIcon.min.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-7cf"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
active-year.com/views/grecaptcha/js/checkLogin.min.js?v=1673605188672910848
88.85.69.213200 OK 626 B URL HTTP/1.1 active-year.com/views/grecaptcha/js/checkLogin.min.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (1749), with no line terminators
Hash 00cbf800b5956b1ec4ce56809d3fe183
4d505849d483012329ede71dc4edbebcec348f76
c5fbead748c771e4fff8be9e1e335579ecca5a7629b072bfd1092a49511f9587
GET /views/grecaptcha/js/checkLogin.min.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-6d5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 15:41:41 GMT
age: 1968
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8fbba08253208adee87e3e1bfc8ad7df
e588db4bccc3c8c84d505f5b710ffdba64fa520a
8d515f9b71805273b1c64b93b19165018329608c371a6fdaccaea4f8aea764ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5250
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:29 GMT
Last-Modified: Sun, 29 Jan 2023 14:46:59 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
active-year.com/views/grecaptcha/js/extFpHash.js?v=1673605188672910848
88.85.69.213200 OK 97 kB URL HTTP/1.1 active-year.com/views/grecaptcha/js/extFpHash.js?v=1673605188672910848
IP 88.85.69.213:0
File type ASCII text, with very long lines (65465)
Hash bd50f6a801866149feafb232cb7bd73f
c4a3a12410af7a6e1591f341806aef9d1b1601ec
17ed83529ad003a5cf59d0fcc11a9c0289b717790162a539e6fee7bc95ddfd4e
GET /views/grecaptcha/js/extFpHash.js?v=1673605188672910848 HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63c01914-41f2c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Content-Encoding: br
intrepidsock.pro/aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd
188.72.219.36200 OK 0 B URL HTTP/2 intrepidsock.pro/aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd HTTP/1.1
Host: intrepidsock.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 61
Origin: https://active-year.com
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:29 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: https://active-year.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Sun, 29 Jan 2023 16:14:29 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14025
Expires: Sun, 29 Jan 2023 20:08:14 GMT
Date: Sun, 29 Jan 2023 16:14:29 GMT
Connection: keep-alive
active-year.com/views/grecaptcha/img/mainstream/laptop.png
88.85.69.213200 OK 1.2 MB URL HTTP/1.1 active-year.com/views/grecaptcha/img/mainstream/laptop.png
IP 88.85.69.213:0
File type PNG image data, 1436 x 1025, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1192830 bytes)
Hash 64c05ce3df8cc7e9f2d6a828a5de9bb9
193d3891f2d1e8aa3ea0efdad64c0dadc8e2ce3e
940e231d1846ab2e4091fff0840fd4e68fc04742098006d81a6cfe463f236dd5
GET /views/grecaptcha/img/mainstream/laptop.png HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/views/grecaptcha/css/mainstream.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:29 GMT
Content-Type: image/png
Content-Length: 1192830
Last-Modified: Thu, 12 Jan 2023 14:28:36 GMT
Connection: keep-alive
ETag: "63c01914-12337e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f80d752ea2c8352437e0e1320c53e58c
d27fc081e891253775947ad8340b397ad5ee96b3
c6cc51536152b06cf2d9dc52adde30cd5686119f25448629a2dc47ea3a7b4ac2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6CC51536152B06CF2D9DC52ADDE30CD5686119F25448629A2DC47EA3A7B4AC2"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8631
Expires: Sun, 29 Jan 2023 18:38:20 GMT
Date: Sun, 29 Jan 2023 16:14:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6da80b9a5e9dc1831a30ddf53594be7
018faafb3b52b972563aa02e45c9659a34f916fc
17669a0103740ccd5282aba8434752f26d936d4cd8a771bd8c8f8e63a4ee0171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17669A0103740CCD5282ABA8434752F26D936D4CD8A771BD8C8F8E63A4EE0171"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3603
Expires: Sun, 29 Jan 2023 17:14:32 GMT
Date: Sun, 29 Jan 2023 16:14:29 GMT
Connection: keep-alive
push.services.mozilla.com/
34.216.86.11101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.86.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yC2Ll6brDCEYqFTKsqhaJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3YNL/nYlBwGs+l2AAMdRO6laNag=
active-year.com/favicon.ico
88.85.69.213200 OK 19 kB URL HTTP/1.1 active-year.com/favicon.ico
IP 88.85.69.213:0
File type ASCII text, with very long lines (19321), with no line terminators
Hash b8511bc84d69b72d0194c29a3ce52968
9d7935e6aef48e623fdf1432d8847a83c44bf0ae
fbc556740a68a3c5b4dc61c37baa5c74fbb1c9fd4420811b625e557dee86fd53
GET /favicon.ico HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:30 GMT
Content-Type: image/x-icon
Content-Length: 19321
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3930
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 16:14:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3930
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 16:14:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3930
Expires: Sun, 29 Jan 2023 17:20:01 GMT
Date: Sun, 29 Jan 2023 16:14:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6021d6a06bff2826eb341747e82484f7
a817ff1ba206234627706551820d0d9856b398de
f0ba6de8709fdb73e94dbdace635232c76b9d70dad73badaca0542d9ad49604d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11624
x-amzn-requestid: dff12902-8b83-4df1-a2c9-a2ee9565830f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIhnjEmpIAMFdlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce2fc-0216188a3154167648f7d976;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:17:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kxzVU1bNn09g_-73AY-mNvzhHo-dTyQinPkfPEqhDcKFfrTnbDpaZQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:15:07 GMT
age: 61164
etag: "a817ff1ba206234627706551820d0d9856b398de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:26:16 GMT
age: 38895
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 39022
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
deliverytraffico.com/0b085559bbdffdb520aa77a4607ee9f9/
198.211.107.77302 Found 12 kB URL HTTP/2 deliverytraffico.com/0b085559bbdffdb520aa77a4607ee9f9/
IP 198.211.107.77:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /0b085559bbdffdb520aa77a4607ee9f9/ HTTP/1.1
Host: deliverytraffico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 16:14:30 GMT
content-type: text/html; charset=UTF-8
location: https://kofirusy.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
access-control-allow-origin: https://active-year.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 81515
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:11:24 GMT
age: 61387
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
active-year.com/bdt
88.85.69.213200 OK 2 B IP 88.85.69.213:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /bdt HTTP/1.1
Host: active-year.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1470
Origin: https://active-year.com
Connection: keep-alive
Referer: https://active-year.com/l?v=_CwzkE9L
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:35 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
intrepidsock.pro/Y.m_RQ0RPS3Tp-vVbWmXVYJ_ZaDb0cydN-TfEg1hMiT_gk3lJmmnF-kpSqWrQs9_MuzvQw2xM-zzIA3BJCn_NEJFZGDH0-0JNKjLIM3_OOTPMQwRJ-nTNUJVZWD_IY9ZJanbN-JdZeDfMg9_JinjJkyla-WnQo9pNqT_ksxtOuWvV-hxZyjzZAk_MCWDZEkFN-WHII2JOKW_UM1NNO2PF-iRYSzTIU3_MWjXgY0ZN-mbIcydNeT_kgmhdiWj5-plcmUnJo5_VqHrlswtZ-Tv0wwxJyn_VAuBaCXDF-CFeGVHpIv_bKmLUM9NM-CPZQ1RbSm_lUxVQWnXl-GZZaWbVck_PeTfAgmhd-Wj5kplcmU_Jo5pRqmr9-ytbuWvFw0_PyTzAAmBc-HDQE9FMGC_ZIyJdKjL0-wNJOmPhQz_PSXTFUhVJ-mXxYwZaaT_0czdMejfU-yhJimjhkp_dmEnlokpP-WrFsjtYum_VwhxNyjzF-kBMCDDZEh_OGWHEIzJY-jLBMjNMOT_NQjRZSmTE-2VYWjXEY4_MaWbRcjdN-zfIg2h
188.72.219.36200 OK 0 B URL HTTP/2 intrepidsock.pro/Y.m_RQ0RPS3Tp-vVbWmXVYJ_ZaDb0cydN-TfEg1hMiT_gk3lJmmnF-kpSqWrQs9_MuzvQw2xM-zzIA3BJCn_NEJFZGDH0-0JNKjLIM3_OOTPMQwRJ-nTNUJVZWD_IY9ZJanbN-JdZeDfMg9_JinjJkyla-WnQo9pNqT_ksxtOuWvV-hxZyjzZAk_MCWDZEkFN-WHII2JOKW_UM1NNO2PF-iRYSzTIU3_MWjXgY0ZN-mbIcydNeT_kgmhdiWj5-plcmUnJo5_VqHrlswtZ-Tv0wwxJyn_VAuBaCXDF-CFeGVHpIv_bKmLUM9NM-CPZQ1RbSm_lUxVQWnXl-GZZaWbVck_PeTfAgmhd-Wj5kplcmU_Jo5pRqmr9-ytbuWvFw0_PyTzAAmBc-HDQE9FMGC_ZIyJdKjL0-wNJOmPhQz_PSXTFUhVJ-mXxYwZaaT_0czdMejfU-yhJimjhkp_dmEnlokpP-WrFsjtYum_VwhxNyjzF-kBMCDDZEh_OGWHEIzJY-jLBMjNMOT_NQjRZSmTE-2VYWjXEY4_MaWbRcjdN-zfIg2h
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /Y.m_RQ0RPS3Tp-vVbWmXVYJ_ZaDb0cydN-TfEg1hMiT_gk3lJmmnF-kpSqWrQs9_MuzvQw2xM-zzIA3BJCn_NEJFZGDH0-0JNKjLIM3_OOTPMQwRJ-nTNUJVZWD_IY9ZJanbN-JdZeDfMg9_JinjJkyla-WnQo9pNqT_ksxtOuWvV-hxZyjzZAk_MCWDZEkFN-WHII2JOKW_UM1NNO2PF-iRYSzTIU3_MWjXgY0ZN-mbIcydNeT_kgmhdiWj5-plcmUnJo5_VqHrlswtZ-Tv0wwxJyn_VAuBaCXDF-CFeGVHpIv_bKmLUM9NM-CPZQ1RbSm_lUxVQWnXl-GZZaWbVck_PeTfAgmhd-Wj5kplcmU_Jo5pRqmr9-ytbuWvFw0_PyTzAAmBc-HDQE9FMGC_ZIyJdKjL0-wNJOmPhQz_PSXTFUhVJ-mXxYwZaaT_0czdMejfU-yhJimjhkp_dmEnlokpP-WrFsjtYum_VwhxNyjzF-kBMCDDZEh_OGWHEIzJY-jLBMjNMOT_NQjRZSmTE-2VYWjXEY4_MaWbRcjdN-zfIg2h HTTP/1.1
Host: intrepidsock.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 861
Origin: https://active-year.com
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:35 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-credentials: true
vary: Origin
last-modified: Sun, 29 Jan 2023 16:14:35 GMT
access-control-allow-origin: https://active-year.com
p3p: CP="CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
X-Firefox-Spdy: h2
intrepidsock.pro/aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd
188.72.219.36200 OK 0 B URL HTTP/2 intrepidsock.pro/aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd HTTP/1.1
Host: intrepidsock.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3048
Origin: https://active-year.com
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:35 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: https://active-year.com
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Sun, 29 Jan 2023 16:14:35 GMT
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Last-Modified: Sun, 29 Jan 2023 14:29:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.amazon.com/favicon.ico
54.230.217.196200 OK 2.5 kB URL HTTP/2 www.amazon.com/favicon.ico
IP 54.230.217.196:0
File type MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash dd0f22c6687a4565d8fde536579b3de2
7883b263e10adc8ad5d6a8ebd4f1a85192260726
83e8be472d761136375ca866e882b34355e67d6f0236cb4a31897c745ad019fd
GET /favicon.ico HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
content-length: 2488
server: Server
x-amz-rid: BBZA31FR07NGW0A90JFK
accept-ranges: bytes
content-encoding: gzip
last-modified: Tue, 21 Sep 2010 17:37:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
x-frame-options: SAMEORIGIN
date: Sun, 29 Jan 2023 16:14:09 GMT
etag: "4486-490c87c5a6340-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K8MVNRFyg09Wm3ANgAqub13TUqMcddAKvyHdAaxtmTMv-PF_giVdtw==
age: 28
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/yD/r/d4ZIVX-5C-b.ico
157.240.205.11200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/yD/r/d4ZIVX-5C-b.ico
IP 157.240.205.11:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash de76b0c210c815ef282d5b59de8a0567
023038e2dfd649047be4fbba79c78dd80bc4cd90
c636a92a12eb33629e6dcadc67e49651ac54e8f3b18a03c805668505f05c885a
GET /rsrc.php/yD/r/d4ZIVX-5C-b.ico HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/x-icon
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 3nawwhDIFe8oLVtZ3ooFZw==
expires: Thu, 18 Jan 2024 03:50:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 0NuWGl7H8puzXhaUn12qrmgDyXAjg0cZVd1kRB/QO0Kw0YAacwem1qXnSFOBlOqqtSQRBFQjJqGq0Qs/vrHBdQ==
content-length: 5430
x-fb-trip-id: 1679558926
date: Sun, 29 Jan 2023 16:14:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 631ea0b9b4e3085e98b5c5498a4c9047
ec9f6e457fdd72390b9843f217821dff325c80f8
27c2771693d65c03977ca230c70271d4105cac00b7cf855d968473c6a9eec39f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 631ea0b9b4e3085e98b5c5498a4c9047
ec9f6e457fdd72390b9843f217821dff325c80f8
27c2771693d65c03977ca230c70271d4105cac00b7cf855d968473c6a9eec39f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 631ea0b9b4e3085e98b5c5498a4c9047
ec9f6e457fdd72390b9843f217821dff325c80f8
27c2771693d65c03977ca230c70271d4105cac00b7cf855d968473c6a9eec39f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/favicon.ico
142.250.74.164200 OK 1.5 kB URL HTTP/2 www.google.com/favicon.ico
IP 142.250.74.164:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 3c7dcf00b5ddece397782818b2cf9d74
fbf7d59857a3ca4d6c94f0819b58a191d76e7db2
08d60d0844bc4457bc7badb32545ad3a3d037d941c8d5f7d0de6aad1517b15a5
GET /favicon.ico HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 18:25:44 GMT
expires: Sun, 05 Feb 2023 18:25:44 GMT
cache-control: public, max-age=691200
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
age: 78531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Last-Modified: Sun, 29 Jan 2023 14:29:09 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsrsaovsslca2018
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.130.133:0
Hash f22c3f4e06001caa5c657d36bc81fa73
7e96422c2de36540ef1668ce35ff801aed710869
e93e147381baca2450b38c05e0f7e8baca526c3056a8f3c327753e58acf0cd0a
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 02 Feb 2023 16:05:46 GMT
ETag: "7e96422c2de36540ef1668ce35ff801aed710869"
Last-Modified: Sun, 29 Jan 2023 16:05:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 16:14:35 GMT
Age: 528
X-Served-By: cache-qpg1272-QPG, cache-bma1659-BMA
X-Cache: MISS, HIT
X-Cache-Hits: 0, 8
X-Timer: S1675008876.935471,VS0,VE0
accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico
216.58.211.13302 Found 390 B URL HTTP/2 accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico
IP 216.58.211.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (375)
Hash be3eb7de6724d780397ddf936693e31d
29b7d5aadd38fa62bea97ce84bc35b54d4cc2b95
fdcc681eb603ec4a2c433d1cb9d87c9898e168cc04bb95ef94bf3da649294847
GET /ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 16:14:35 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1091391527%3A1675008875936496&continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdQjVLE243XKkZIUDsa7FA5QLWs4DuhO0K1cBm8j2eGCSglZH4X1UwTNU91kX1rXV-lWwv4tw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ogCIzuZF4eIu9rInZjk_2w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 390
server: GSE
set-cookie: __Host-GAPS=1:VROvwNATbLL2c8cSBlicdHIdaGlEdw:YEkpXYla4nQKHsDm;Path=/;Expires=Tue, 28-Jan-2025 16:14:35 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
deliverytraffico.com/37a21b48e24ed1184aa8b073cbd7f7f6/?rid=LNTqxO2Ph3UO16zqImujIlFVR9fZtITP&host=landings-eu01.sdkl.info
198.211.107.77200 OK 428 B URL HTTP/2 deliverytraffico.com/37a21b48e24ed1184aa8b073cbd7f7f6/?rid=LNTqxO2Ph3UO16zqImujIlFVR9fZtITP&host=landings-eu01.sdkl.info
IP 198.211.107.77:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 08e7185c84e74d42125e1d7e9efec19e
e77206161a4d916674dc633eb7f6b954279fc03c
81f2a1ebca1dda589a694549f814210eb1afff57bb924858f88ab0b13cef3ca6
GET /37a21b48e24ed1184aa8b073cbd7f7f6/?rid=LNTqxO2Ph3UO16zqImujIlFVR9fZtITP&host=landings-eu01.sdkl.info HTTP/1.1
Host: deliverytraffico.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:30 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 16:14:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.211.13302 Found 398 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.211.13:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash 0a5e6b317692821cda207b90fa403a4e
b5db80a03cfb9d1c545f8fb2c5a01f0170298934
17951ff1bc124bfbe06e85d9da3834746556dfa1dca6ce1bfcc525d4f7637b30
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 16:14:35 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1391672171%3A1675008875992934&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHep1WtJoeerHyk9mAJVRcx6eKpWx6gBksODDqAQqTcCPCJvAHyjLDvxA8JDjYtU8_W65Qxgeg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-zRu-FRNoSd8c-oN8a9FjyA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 398
server: GSE
set-cookie: __Host-GAPS=1:icO6NZLmZe1v3a7cY2g3BZs9KSgnSA:6VX0mSTTpiu0kTHY;Path=/;Expires=Tue, 28-Jan-2025 16:14:35 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mail.yandex.ru/?retpath=https://mail.yandex.ru/favicon.ico?666
77.88.21.37200 OK 19 kB URL HTTP/1.1 mail.yandex.ru/?retpath=https://mail.yandex.ru/favicon.ico?666
IP 77.88.21.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12342)
Hash 409d345e8ec762c6d047833127c4d822
6f715d1e59b9797fbdd6a489c44609a52dcf0531
c74e6a034d6f4a36dbd1d00cea5489f4bee9c20e50c02bde71102bcaba6e6c4c
GET /?retpath=https://mail.yandex.ru/favicon.ico?666 HTTP/1.1
Host: mail.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 16:14:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0, must-revalidate, proxy-revalidate, no-cache, no-store, private
Content-Security-Policy: default-src 'none'; script-src yastatic.net 'unsafe-eval' 'nonce-/Jr4GQbcryA2Df9JG5Pamw==' 'self' 'unsafe-inline' mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yastatic.net; style-src yastatic.net 'unsafe-inline' 'self'; font-src yastatic.net; img-src yastatic.net 'self' data: blob: mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yastatic.net downloader.disk.yandex.ru downloader.disk.yandex.net yandex.ru favicon.yandex.net avatars.mds.yandex.net *.storage.yandex.net *.disk.yandex.net; connect-src yandex.ru mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.ru mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz mc.webvisor.com mc.webvisor.org mc.admetrica.ru yandexmetrica.com:* 'self' api.passport.yandex.ru mail.yandex.ru; frame-src yastatic.net 'self' blob: mc.yandex.ru trust.yandex.ru; child-src 'self' blob: mc.yandex.ru; base-uri 'self'; frame-ancestors 'self' https://*.webvisor.com https://metrika.yandex.com https://metrika.yandex.ru; report-uri https://csp.yandex.net/csp?from=tuning&project=tuning&yandex_login=&yandexuid=829352771675008875;
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Set-Cookie: yandexuid=7123693581675008875; Domain=.yandex.ru; Path=/; Expires=Sat, 29 Jan 2033 16:14:35 GMT
yandexuid=829352771675008875; Domain=.yandex.ru; Path=/; Expires=Sat, 29 Jan 2033 16:14:35 GMT
_yasc=rUJjWIxIgRd6oxAzN2Pi8GHZQHk1sP35l4qesQoxSKEcTIeAa/2bySfewAg=; domain=.yandex.ru; path=/; expires=Wed, 26-Jan-2033 16:14:35 GMT; secure
i=3064dN3KGuMqXC3eIBUETleKobFGWwF6+HNezPMr3tiHfxAeZ1yft8G2Gyw+Ox56dgfkRZvhub/1a43n8Y+GGB81YCA=; Expires=Tue, 28-Jan-2025 16:14:35 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding, Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Response-With: YMail
Content-Encoding: gzip
intrepidsock.pro/aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd
188.72.219.36200 OK 0 B URL HTTP/2 intrepidsock.pro/aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /aMG_EO/Pe.mQ9Ru-ZTUUlVkWP_TYIZ1aMbT-UdxeOfDgc_miYjWkRlJ-ZnDo0pzqN_DsYtzuMvj-cxmycz0Al_kCPDTEQF2-MHjIcJ5KM_zMANmOcP0-lRkSMTjU0_mWcX0YlZk-Mbzc0dmec_ngJhpiZjD-0l1mOnToE_5qZrWsFtm-NvmwQxxyZ_mAQB1CYDj-YF5GZHTIU_3KYLWMJNj-MPjQcRySO_DUQV2WYXj-IZ1aObScZ_1ebfmglhx-QjnkllUme_XoBplqPrT-AtmudvWw5_pyczUAJB5-WDmE9FuGZ_TI0JwKJLn-VNuOaPXQF_CSeTUUZVl-ZXWYQZ9aM_CcZd1ebfm-lhxiQjnkl_Gmbn3oJpt-YrXsQt9uM_CwZxwydzD-0BwCJDnEJ_2GPHTIAJm-aLHMMN9Oc_WQERmSbTH-BVpWPXTYM_yaNbTcIdm-afGglh0iS_WkQl9mYnW-NpiqZrWsE_2uMvWwQxw-NzmAEB5CY_TENFiGMHG-MJxKML2MN_mOYPTQZRi-MTTUgVxWZ_GYMZ3aMbj-Yd HTTP/1.1
Host: intrepidsock.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 243
Origin: https://active-year.com
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:36 GMT
content-length: 0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
vary: Origin
last-modified: Sun, 29 Jan 2023 16:14:36 GMT
access-control-allow-origin: https://active-year.com
p3p: CP="CUR ADM OUR NOR STA NID"
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 103 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
Size 103 kB (102991 bytes)
Hash a35bd5990ec53c451293c007c247d42c
85fc4a767d5378d2c0769dc4cff545b491abfd40
7a380a4ec121ec03d7e2034cd9c1c62b71ad804cfadc20b565727213fd9b999b
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: ITEGJrA5DbZlBpFECS+etK2PBDowOOVZn3dH767+f2gVsdJW2lSOyurw0iDUdL9njhGRqF5IGFWXIYtH872mOw==
date: Sun, 29 Jan 2023 16:14:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
passport.baidu.com//v2/?login&redirect_to=https://www.baidu.com/favicon.ico
103.235.46.250301 Moved Permanently 184 B URL HTTP/1.1 passport.baidu.com//v2/?login&redirect_to=https://www.baidu.com/favicon.ico
IP 103.235.46.250:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2b7e31ced8db56cadcc7127bfabe57c1
5b4be340df4fe663cafd5cada2945c743e711f36
66448fc8a8e49044e7619323442c4e74392249928f5f5ef0853e62b9ffe9fb82
GET //v2/?login&redirect_to=https://www.baidu.com/favicon.ico HTTP/1.1
Host: passport.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 184
Content-Type: text/html
Date: Sun, 29 Jan 2023 16:14:37 GMT
Location: https://passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: BWS
Set-Cookie: BAIDUID=665BD7FE200DC70E4067332378AFD2D1:FG=1; expires=Mon, 29-Jan-24 16:14:37 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=31536000
Tracecode: 42460516032656087306013000
www.baidu.com/favicon.ico
104.193.88.77200 OK 2.0 kB URL HTTP/1.1 www.baidu.com/favicon.ico
IP 104.193.88.77:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash ede797c9ba89012d95422fb103e95677
e535b448c68310487c440b79eb23bf0d8e984ee8
9e2e5b3830706fa5afb5f1fa5aff6a07e2370a05acc4a0d19c204bdfa5d18b9d
GET /favicon.ico HTTP/1.1
Host: www.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1966
Content-Type: image/x-icon
Date: Sun, 29 Jan 2023 16:14:37 GMT
Etag: "423e-5bd257db4e500"
Last-Modified: Wed, 10 Mar 2021 02:33:24 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: Apache
Set-Cookie: BAIDUID=C4832AACF3F0CD0A728C8610EF0404B1:FG=1; expires=Mon, 29-Jan-24 16:14:37 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Vary: Accept-Encoding,User-Agent
passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
103.235.46.250200 OK 6.3 kB URL HTTP/1.1 passport.baidu.com/v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico
IP 103.235.46.250:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1336)
Hash b391eeda46a7c7eaea787edde6af64bd
a21a89b5a3d253b1ed7bf59a3108d70dc2c89d52
b8d3b3f2d2e322237bc63c41c5de8ccdda4e7c62580fe37f5b6bc5c301b2da04
GET /v2/?login&fr=old&login&redirect_to=https://www.baidu.com/favicon.ico HTTP/1.1
Host: passport.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Trace-ID
Connection: keep-alive
Content-Security-Policy-Report-Only: object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' wappass.baidu.com:* passport.baidu.com:* wappass.bdimg.com:* passport.bdimg.com:* ppui-static-wap.cdn.bcebos.com:* ppui-static-pc.cdn.bcebos.com:* hm.baidu.com:* fe.bdimg.com:* msg.baidu.com:* pdc.baidu.com:* img.baidu.com:* openapi.baidu.com:* res.wx.qq.com:* qqq.gtimg.cn:* s.bdstatic.com:* ufosdk.baidu.com:* qapm.baidu.com:* libs.baidu.com:* ext.baidu.com:* apps.baidu.com:* s3.pstatp.com:* tb2.bdstatic.com:* b.bdstatic.com:* msg.baidu.com:* www.baidu.com:* po.srf.baidu.com:* pan.baidu.com:* play.baidu.com:* tb1.bdstatic.com:* dup.baidustatic.com:* static.tieba.baidu.com:* gss2.bdstatic.com:* blob: baiduboxapp: bootupbaiduhd: sofire.bdstatic.com:* id6.me:* opencloud.wostore.cn:* nisbj2.10010.com:* nisbj3.10010.com:* verify.cmpassport.com:* www.cmpassport.com:* nisbj1.10010.com:* mbd.baidu.com:* dlswbr.baidu.com:* ; report-uri https://report-uri.baidu.com/report?app=passport;
Content-Type: text/html
Date: Sun, 29 Jan 2023 16:14:37 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Referrer-Policy: no-referrer-when-downgrade, strict-origin-when-cross-origin
Server: BWS
Set-Cookie: BAIDUID=665BD7FE200DC70E1DC3209C88B0B020:FG=1; expires=Mon, 29-Jan-24 16:14:37 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Strict-Transport-Security: max-age=31536000
Trace-Id: 4F236C01
Tracecode: 23821842170245149962013000
Vary: Accept-Encoding
Transfer-Encoding: chunked
intrepidsock.pro/Y.m_RQ0RPS3Tp-vVbWmXVYJ_ZaDb0cydN-TfEg1hMiT_gk3lJmmnF-kpSqWrQs9_MuzvQw2xM-zzIA3BJCn_NEJFZGDH0-0JNKjLIM3_OOTPMQwRJ-nTNUJVZWD_IY9ZJanbN-JdZeDfMg9_JinjJkyla-WnQo9pNqT_ksxtOuWvV-hxZyjzZAk_MCWDZEkFN-WHII2JOKW_UM1NNO2PF-iRYSzTIU3_MWjXgY0ZN-mbIcydNeT_kgmhdiWj5-plcmUnJo5_VqHrlswtZ-Tv0wwxJyn_VAuBaCXDF-CFeGVHpIv_bKmLUM9NM-CPZQ1RbSm_lUxVQWnXl-GZZaWbVck_PeTfAgmhd-Wj5kplcmU_Jo5pRqmr9-ytbuWvFw0_PyTzAAmBc-HDQE9FMGC_ZIyJdKjL0-wNJOmPhQz_PSXTFUhVJ-mXxYwZaaT_0czdMejfU-yhJimjhkp_dmEnlokpP-WrFsjtYum_VwhxNyjzF-kBMCDDZEh_OGWHEIzJY-jLBMjNMOT_NQjRZSmTE-2VYWjXEY4_MaWbRcjdN-zfIg2h
188.72.219.36200 OK 0 B URL HTTP/2 intrepidsock.pro/Y.m_RQ0RPS3Tp-vVbWmXVYJ_ZaDb0cydN-TfEg1hMiT_gk3lJmmnF-kpSqWrQs9_MuzvQw2xM-zzIA3BJCn_NEJFZGDH0-0JNKjLIM3_OOTPMQwRJ-nTNUJVZWD_IY9ZJanbN-JdZeDfMg9_JinjJkyla-WnQo9pNqT_ksxtOuWvV-hxZyjzZAk_MCWDZEkFN-WHII2JOKW_UM1NNO2PF-iRYSzTIU3_MWjXgY0ZN-mbIcydNeT_kgmhdiWj5-plcmUnJo5_VqHrlswtZ-Tv0wwxJyn_VAuBaCXDF-CFeGVHpIv_bKmLUM9NM-CPZQ1RbSm_lUxVQWnXl-GZZaWbVck_PeTfAgmhd-Wj5kplcmU_Jo5pRqmr9-ytbuWvFw0_PyTzAAmBc-HDQE9FMGC_ZIyJdKjL0-wNJOmPhQz_PSXTFUhVJ-mXxYwZaaT_0czdMejfU-yhJimjhkp_dmEnlokpP-WrFsjtYum_VwhxNyjzF-kBMCDDZEh_OGWHEIzJY-jLBMjNMOT_NQjRZSmTE-2VYWjXEY4_MaWbRcjdN-zfIg2h
IP 188.72.219.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /Y.m_RQ0RPS3Tp-vVbWmXVYJ_ZaDb0cydN-TfEg1hMiT_gk3lJmmnF-kpSqWrQs9_MuzvQw2xM-zzIA3BJCn_NEJFZGDH0-0JNKjLIM3_OOTPMQwRJ-nTNUJVZWD_IY9ZJanbN-JdZeDfMg9_JinjJkyla-WnQo9pNqT_ksxtOuWvV-hxZyjzZAk_MCWDZEkFN-WHII2JOKW_UM1NNO2PF-iRYSzTIU3_MWjXgY0ZN-mbIcydNeT_kgmhdiWj5-plcmUnJo5_VqHrlswtZ-Tv0wwxJyn_VAuBaCXDF-CFeGVHpIv_bKmLUM9NM-CPZQ1RbSm_lUxVQWnXl-GZZaWbVck_PeTfAgmhd-Wj5kplcmU_Jo5pRqmr9-ytbuWvFw0_PyTzAAmBc-HDQE9FMGC_ZIyJdKjL0-wNJOmPhQz_PSXTFUhVJ-mXxYwZaaT_0czdMejfU-yhJimjhkp_dmEnlokpP-WrFsjtYum_VwhxNyjzF-kBMCDDZEh_OGWHEIzJY-jLBMjNMOT_NQjRZSmTE-2VYWjXEY4_MaWbRcjdN-zfIg2h HTTP/1.1
Host: intrepidsock.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 86
Origin: https://active-year.com
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:38 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-credentials: true
vary: Origin
last-modified: Sun, 29 Jan 2023 16:14:38 GMT
access-control-allow-origin: https://active-year.com
x-content-type-options: nosniff
X-Firefox-Spdy: h2
majorcharacter.com/bS3TV-0.PV3WJXyYa_WaQb9cNdT-kfxgOhWiV_hkZljmZnk-MpWqZrksN_WuIv2wOxW-Uz1ANB2CF_iEYFzGIH3-MJjKgL0MN_mOIPyQNRT-kTmUcVnWN_yYYZza1bv-ddXeQfmgc_0iljkkPlT-Qn2oMpjqc_5sMtzuAvm-dxHyZzyAP_TCADmEeFm-9HuIZJUKl_kMPNTOIP1-MRTSUTxUO_DWcX
88.85.94.246200 OK 0 B URL HTTP/2 majorcharacter.com/bS3TV-0.PV3WJXyYa_WaQb9cNdT-kfxgOhWiV_hkZljmZnk-MpWqZrksN_WuIv2wOxW-Uz1ANB2CF_iEYFzGIH3-MJjKgL0MN_mOIPyQNRT-kTmUcVnWN_yYYZza1bv-ddXeQfmgc_0iljkkPlT-Qn2oMpjqc_5sMtzuAvm-dxHyZzyAP_TCADmEeFm-9HuIZJUKl_kMPNTOIP1-MRTSUTxUO_DWcX
IP 88.85.94.246:0
GET /bS3TV-0.PV3WJXyYa_WaQb9cNdT-kfxgOhWiV_hkZljmZnk-MpWqZrksN_WuIv2wOxW-Uz1ANB2CF_iEYFzGIH3-MJjKgL0MN_mOIPyQNRT-kTmUcVnWN_yYYZza1bv-ddXeQfmgc_0iljkkPlT-Qn2oMpjqc_5sMtzuAvm-dxHyZzyAP_TCADmEeFm-9HuIZJUKl_kMPNTOIP1-MRTSUTxUO_DWcX HTTP/1.1
Host: majorcharacter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:29 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-frame-options: DENY
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
last-modified: Sun, 29 Jan 2023 16:14:29 GMT
set-cookie: kadCCap=220790:1:1668460505;194136:1:1675008656;223642:1:1674763884;199455:1:1668245056;219652:1:1669330335;212269:1:1674802939;219484:1:1667715065;101716:1:1672946010;218665:1:1673777741;215297:1:1674141027;184246:1:1673859446;222775:1:1674305361;218693:1:1669515516;132751:1:1674904546;223255:1:1670393482;221352:1:1670163762;79610:1:1674135009;222513:1:1671568408;171526:1:1673628579;219047:1:1667194435;223454:1:1674804841;222555:1:1671433227;222582:1:1674318856;221398:1:1674769535;220335:1:1670435916; max-age=1706544869; path=/
kadACap=419323:1:1674028005;446013:1:1668228435;453839:1:1674268920;410256:1:1674039938;424443:1:1674359547;401659:1:1674332133;469907:1:1674927295;458045:1:1670528140;446716:1:1674258987;444785:1:1671894608;419295:1:1674030439;417177:1:1674123312;445735:1:1669286676;424445:1:1674948688;446531:1:1669270846;389299:1:1673726804;446720:1:1673953397;424441:1:1674948590;444748:1:1669841678;465201:1:1674236409;407100:1:1668246232;419293:1:1671780919;419321:1:1674357365;458041:1:1670526590;398832:1:1672025828;456883:1:1671781891;451139:1:1673951585;445506:1:1669286676;453850:1:1671627132;450649:1:1674026353;346329:1:1670226206;419301:1:1674188761;471728:1:1674871019;406293:1:1673859446;410252:1:1674308810;410254:1:1674926948;446714:1:1674043083;446498:1:1671420411;460384:1:1674927276;449523:1:1670210030;419299:1:1674258213;404163:1:1673226439;445081:1:1671894608;419303:1:1674299014;446718:1:1674353140;272913:1:1674460051;451147:1:1674036929;445788:1:1669918420;346327:1:1675008869;383700:1:1674900815;451724:1:1669565807;470673:1:1674289452;462327:1:1673736144;419291:1:1674985351;419297:1:1674242325;442019:1:1674878512;320498:1:1674924381;445499:1:1670164226;460522:1:1674470567;458498:1:1672536671;462319:1:1674949690;441369:1:1671297690;468607:1:1674893352;190964:1:1674135009;453831:1:1674872001;454815:1:1673736038; max-age=1706544869; path=/
kadCSCap=194136:1:1675008656; path=/
kadASCap=424441:1:1674948590;410254:1:1674926948;424445:1:1674948688;419291:1:1674985351;469907:1:1674927295;320498:1:1674924381;460384:1:1674927276;462319:1:1674949690;346327:1:1675008869; path=/
kadRPixJ=bnVsbA==; max-age=1706544869; path=/
kadUnP3=CAYQlurYngYaDQiJ25kCEAEYkLXangYaDQirgJoCEAMYlurYngYaDQjzwZkBEAEY5bbangYaDQj3lP4BEAwYtfbWngYaDQj2iP8BEAIYkKPXngYaDQi4vf8BEAEYuujWngYaDQi0yZYCEAIYrLnVngYiCggDEAYYlurYngYqDAilvigQARiQtdqeBioMCMjCKBADGJbq2J4GKgwIjL0SEAEY5bbangYqDAibuCQQARi66NaeBioMCLiOJRAOGLX21p4GKgwIq4soEAIYrLnVngY=; max-age=1706544869; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
www.hcaptcha.com/1/api.js?v=1673605188672910848
104.16.168.131200 OK 0 B URL HTTP/2 www.hcaptcha.com/1/api.js?v=1673605188672910848
IP 104.16.168.131:0
GET /1/api.js?v=1673605188672910848 HTTP/1.1
Host: www.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://active-year.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 16:14:29 GMT
content-type: application/javascript
cf-ray: 791342dabad91bfe-OSL
age: 0
cache-control: max-age=120
etag: W/"6f882143f7e3a0802a1c7633f8b11933"
last-modified: Tue, 27 Dec 2022 13:52:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: sc-LwOM9vdm0y9yoxsZOvGnlVnL8YRspsJQXQpqO_qSUFHK16WO4Tw==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1091391527%3A1675008875936496&continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdQjVLE243XKkZIUDsa7FA5QLWs4DuhO0K1cBm8j2eGCSglZH4X1UwTNU91kX1rXV-lWwv4tw
216.58.211.13403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1091391527%3A1675008875936496&continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdQjVLE243XKkZIUDsa7FA5QLWs4DuhO0K1cBm8j2eGCSglZH4X1UwTNU91kX1rXV-lWwv4tw
IP 216.58.211.13:0
GET /v3/signin/identifier?dsh=S1091391527%3A1675008875936496&continue=https%3A%2F%2Fwww.blogger.com%2Ffavicon.ico&hl=de&passive=1209600&service=blogger&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdQjVLE243XKkZIUDsa7FA5QLWs4DuhO0K1cBm8j2eGCSglZH4X1UwTNU91kX1rXV-lWwv4tw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 16:14:35 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-NMLxb1Haj1u7_8boK8c6aA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kofirusy.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
88.85.94.228200 OK 0 B URL HTTP/2 kofirusy.pro/buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM
IP 88.85.94.228:0
GET /buW.NvlwPx3-Nz0AYBXCR_1EcFzG1Hm-YJWKlLsM HTTP/1.1
Host: kofirusy.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://active-year.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 16:14:30 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico
54.230.217.196200 OK 0 B URL HTTP/2 www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico
IP 54.230.217.196:0
GET /ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
server: Server
date: Sun, 29 Jan 2023 16:14:35 GMT
x-amz-rid: E2FJKXKPR8887PKS3VD8
set-cookie: ap-fid=""; Domain=.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ap/; Secure
x-main=""; Domain=.www.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
session-id=""; Domain=.www.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
session-token=""; Domain=.www.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
session-id-time=""; Domain=.www.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
ubid-main=""; Domain=.www.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
at-main=""; Domain=.www.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
sess-at-main=""; Domain=.www.amazon.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; Secure
session-id=131-3873983-2529947; Domain=.amazon.com; Expires=Mon, 29-Jan-2024 16:14:35 GMT; Path=/; Secure
session-id-time=2305728875l; Domain=.amazon.com; Expires=Mon, 29-Jan-2024 16:14:35 GMT; Path=/; Secure
x-xss-protection: 1
x-content-type-options: nosniff
x-ua-compatible: IE=edge
pragma: No-cache
cache-control: max-age=0, no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jdd4iel-sC5Yu4N8rM7JVYOBp0Sk5yiaDIDqoYbrU0hOQnQ2vZ7MOA==
X-Firefox-Spdy: h2