r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5799
Expires: Thu, 06 Oct 2022 21:50:44 GMT
Date: Thu, 06 Oct 2022 20:14:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.65200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TmS0QSUS6jDhm5PehOPqtY6T-oCE4ckec8Z6H33jJ0NT71r1zQIOYw==
Age: 102407
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11349
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 20:14:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: E1QZH3YrWd0hr2fsFpczk68lHPioDrA1J3BkPbJhYtzga6gL/EYZ30YMAoC8/7afoB9sjz60UPQ=
x-amz-request-id: R3YEYHCVJE4V40MG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 19:58:52 GMT
age: 913
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 20:14:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
reurl.cc/oQExpM
35.185.130.121301 Moved Permanently 178 B IP 35.185.130.121:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /oQExpM HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 06 Oct 2022 20:14:05 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://reurl.cc/oQExpM
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 19:29:41 GMT
Expires: Thu, 06 Oct 2022 20:07:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: txRZxOzEu_oSJRQ1-EQ3-Sgnu4OmvtTOn_dLkgo4i6G1U6AxUaG3zQ==
Age: 2665
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:06 GMT
Last-Modified: Thu, 06 Oct 2022 19:25:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3f0e6335dee17803a24ac789b8ea8541
aca4fb3fa1259922b06d4c5e73e4c431a4412a15
d049af438506d37c606af56abf83f096d26a2577f827bbb2282bb63bd929e5ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D049AF438506D37C606AF56ABF83F096D26A2577F827BBB2282BB63BD929E5CE"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12868
Expires: Thu, 06 Oct 2022 23:48:34 GMT
Date: Thu, 06 Oct 2022 20:14:06 GMT
Connection: keep-alive
push.services.mozilla.com/
44.228.207.167101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.228.207.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ibDr53c+6/T4jZAhAb9djQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XmwOsJAiG+pQzK0ByVA+QEjD35s=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6034
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Last-Modified: Thu, 06 Oct 2022 18:33:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hI7I3HpisigiAA0rQIxZJ1e/edPEFSXDklLiw8lNZBeNLUpGMv/IsCi2XALEl1BHnZ1O5UvlvEWqfUcs20DwaQ==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 20:14:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 06 Oct 2022 18:41:09 GMT
expires: Thu, 06 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 5578
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6034
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Last-Modified: Thu, 06 Oct 2022 18:33:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=1358013551&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FoQExpM&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=48104895&gjid=1795335708&cid=24718256.1665087247&tid=UA-102456694-1&_gid=1888438502.1665087247&_r=1&_slc=1&z=1095499206
142.250.74.174200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1358013551&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FoQExpM&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=48104895&gjid=1795335708&cid=24718256.1665087247&tid=UA-102456694-1&_gid=1888438502.1665087247&_r=1&_slc=1&z=1095499206
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=1358013551&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FoQExpM&ul=en-us&de=UTF-8&dt=URL%20Shortener%20-%20reurl&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=48104895&gjid=1795335708&cid=24718256.1665087247&tid=UA-102456694-1&_gid=1888438502.1665087247&_r=1&_slc=1&z=1095499206 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://reurl.cc
date: Thu, 06 Oct 2022 20:14:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&gjid=1795335708&_gid=1888438502.1665087247&_u=IEBAAEAAAAAAACAAI~&z=141007566
173.194.73.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&gjid=1795335708&_gid=1888438502.1665087247&_u=IEBAAEAAAAAAACAAI~&z=141007566
IP 173.194.73.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&gjid=1795335708&_gid=1888438502.1665087247&_u=IEBAAEAAAAAAACAAI~&z=141007566 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://reurl.cc
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://reurl.cc
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 20:14:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
reurl.cc/javascripts/ga.js
35.185.130.121200 OK 1.4 kB URL HTTP/2 reurl.cc/javascripts/ga.js
IP 35.185.130.121:0
Hash 51da9dface825215ca4930fbe6a32695
abd7ff347faeb8ad17b92331a7743a28eba07cce
e6511043a6ce88b67436022e15ec06f45cff23908076506b5c780a5a3f18b884
GET /javascripts/ga.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/oQExpM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 06 Oct 2022 20:14:06 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-17e"
expires: Fri, 06 Oct 2023 20:14:06 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&_u=IEBAAEAAAAAAACAAI~&z=539919887
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&_u=IEBAAEAAAAAAACAAI~&z=539919887
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&_u=IEBAAEAAAAAAACAAI~&z=539919887 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 20:14:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&_u=IEBAAEAAAAAAACAAI~&z=539919887
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&_u=IEBAAEAAAAAAACAAI~&z=539919887
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=24718256.1665087247&jid=48104895&_u=IEBAAEAAAAAAACAAI~&z=539919887 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 20:14:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 20:14:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FoQExpM&rl=&if=false&ts=1665087247779&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1665087247779.1907579076&it=1665087247159&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FoQExpM&rl=&if=false&ts=1665087247779&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1665087247779.1907579076&it=1665087247159&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FoQExpM&rl=&if=false&ts=1665087247779&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1665087247779.1907579076&it=1665087247159&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 06 Oct 2022 20:14:07 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19544
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 20:14:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19544
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 20:14:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70ea26af79226e9ff06d6198e2c019dc
ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57
f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 56784
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 80247
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbba56f647bf5989ca51863632bbebfc
26694f34166345ee5693653e0101db6b910e68ba
ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4140
x-amzn-requestid: 13fcd792-1fcc-44b5-aa9e-d2773a60fe77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHrbIAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5b5f5d781b9d651b68c04f2e;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wfnbRpTKni8hbAmJXO9vdisV6ZPoRP-eBb3wP4RzPS7MlXvp7282dw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 81446
etag: "26694f34166345ee5693653e0101db6b910e68ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
age: 81363
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 9b3b52d6-08b4-4893-962b-3dfe67e2f11d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjTijF0vIAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dffa9-0a128734418b6c4d6375e2ac;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:05:29 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iRuujAZLL_0mf5_-FhMXpuWwHy-jidhBkFuBIZLo0tLlJArZgFEcbA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 16:10:55 GMT
age: 14592
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 81446
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
umai.pw/lyDPzu
172.67.207.246301 Moved Permanently 0 B IP 172.67.207.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lyDPzu HTTP/1.1
Host: umai.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 06 Oct 2022 20:14:08 GMT
content-length: 0
location: https://59hh.short.gy/fyUMwP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTqHrHmVhKMdMADgZ2cckydlRhJ21GG%2Bkf%2FZDu9L4MJTwK%2F%2B01RGIQMXMyha2m%2BIjyFjyAb3PXM37MidO0FOCs1dfQc1L2oK7MrKZHnon7mZ4OOZYWR4jpNC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75610fc37a691bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 793cc1742a0c203450f29f2c9dd5e158
6bbb1c832b4e9898d36b3e08bae1cd1beaf17ec4
1035ed6daad0dc6395b99a8187dbaab0bac3ac1df61911b8111a9e5300a801d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1035ED6DAAD0DC6395B99A8187DBAAB0BAC3AC1DF61911B8111A9E5300A801D4"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9713
Expires: Thu, 06 Oct 2022 22:56:01 GMT
Date: Thu, 06 Oct 2022 20:14:08 GMT
Connection: keep-alive
59hh.short.gy/fyUMwP
52.59.165.42302 Found 0 B IP 52.59.165.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fyUMwP HTTP/1.1
Host: 59hh.short.gy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reurl.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
connection: close
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
x-powered-by: Short.io link shortener
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
location: http://seguridadoutlooklive01.c1.biz/
content-length: 0
Date: Thu, 06 Oct 2022 20:14:08 GMT
seguridadoutlooklive01.c1.biz/
185.176.43.98200 OK 4.0 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash eaf2179bfefe83abc6ab0068ca99e8c9
9927c0c524adbbe3f1fba980032506dfd2cef027
c2adc03eb3f08633c9669aa1e96f77b5b585b00ed2e657d0e6cb74d5ddebae80
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:21:41 GMT
ETag: "f70-5e9bbcd9fb3c1"
Accept-Ranges: bytes
Content-Length: 3952
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
seguridadoutlooklive01.c1.biz/css/main.css
185.176.43.98200 OK 8.3 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/css/main.css
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
Hash d355ef7a50302e7467cfcf147e5ddc14
90519c977077c164b629339c53bf2a9511441b00
6a5df0cd8b93f51a5b9d1c7ab94f2d80642b346748de7091e70c89dd124a53d9
Analyzer Verdict Alert quad9 Sinkholed
GET /css/main.css HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:21:55 GMT
ETag: "2045-5e9bbce6e0189"
Accept-Ranges: bytes
Content-Length: 8261
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
seguridadoutlooklive01.c1.biz/css/util.css
185.176.43.98200 OK 84 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/css/util.css
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
Hash 2a176b51d784f50dff6aba8fbfcffa54
e3e196a6b1018bef9a39eef966fc606d18f9d202
837494f2b4a3de7bceb87d79e841ae48b96f81082a2421858e06b1d5d1e117f8
Analyzer Verdict Alert quad9 Sinkholed
GET /css/util.css HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:21:56 GMT
ETag: "1476d-5e9bbce83d39c"
Accept-Ranges: bytes
Content-Length: 83821
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
seguridadoutlooklive01.c1.biz/fonts/iconic/css/material-design-iconic-font.min.css
185.176.43.98200 OK 71 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/fonts/iconic/css/material-design-iconic-font.min.css
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6417b9acbf75f8ea07919e5ce68fa9e6
b2255ec5b233766d700557c290bbf2cf30d2e450
ff6876dc3b47466f41465449224a303229b2d460fe56b5d81e8f98dff644c966
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/iconic/css/material-design-iconic-font.min.css HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:22:24 GMT
ETag: "114af-5e9bbd031ad56"
Accept-Ranges: bytes
Content-Length: 70831
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
seguridadoutlooklive01.c1.biz/fonts/poppins/Poppins-Medium.html
185.176.43.98200 OK 144 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/fonts/poppins/Poppins-Medium.html
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 47616 names, type 34816 string\012- data
Size 144 kB (143513 bytes)
Hash 49f5f0ab769ca493274262665850e87e
eceeccb9a2c4996aaf5f3cf9458bacabc885182c
84b677edf6fee7fed18fa2ab1f423cdafa39e66667de07e801f7b000b78d4c7d
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/poppins/Poppins-Medium.html HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/css/main.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:22:12 GMT
ETag: "23099-5e9bbcf7ab844"
Accept-Ranges: bytes
Content-Length: 143513
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
seguridadoutlooklive01.c1.biz/fonts/iconic/fonts/Material-Design-Iconic-Fontd1f1.html?v=2.2.0
185.176.43.98200 OK 38 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/fonts/iconic/fonts/Material-Design-Iconic-Fontd1f1.html?v=2.2.0
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash 9e4b3d0b178fe9fedaeea1f263f6eaff
9684341f55fc1a51a837eec2ff0275eed12c7fad
0d3d20c0fa51dd0141a5c987d9a33d00ebb83fa14f1a902538ab5d86f74d3615
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/iconic/fonts/Material-Design-Iconic-Fontd1f1.html?v=2.2.0 HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/fonts/iconic/css/material-design-iconic-font.min.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:22:46 GMT
ETag: "95ef-5e9bbd18187fc"
Accept-Ranges: bytes
Content-Length: 38383
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
seguridadoutlooklive01.c1.biz/images/fond.png
185.176.43.98200 OK 1.2 MB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/images/fond.png
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type PNG image data, 1879 x 901, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1205554 bytes)
Hash 4539ab73de5fc23616f62981785be8b3
fe9799af6f96a9a8e6aa62673751c6fbf242e0c2
90b87983a346c4968b798fa8259d113a0533ba604ba8dd1c1667501d3f71602d
Analyzer Verdict Alert quad9 Sinkholed
GET /images/fond.png HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:22:54 GMT
ETag: "126532-5e9bbd1f29a00"
Accept-Ranges: bytes
Content-Length: 1205554
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
seguridadoutlooklive01.c1.biz/fonts/poppins/Poppins-Regular.html
185.176.43.98200 OK 145 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/fonts/poppins/Poppins-Regular.html
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type TrueType Font data, digitally signed, 15 tables, 1st "DSIG", 13 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular3.010;ITFO;Pop\012- data
Size 145 kB (145312 bytes)
Hash 731a28a413d642522667a2de8681ff35
440dc8992517a306d66e55cb0afed0cfe9b971b5
2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/poppins/Poppins-Regular.html HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/css/main.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:22:13 GMT
ETag: "237a0-5e9bbcf89103b"
Accept-Ranges: bytes
Content-Length: 145312
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
seguridadoutlooklive01.c1.biz/fonts/iconic/fonts/Material-Design-Iconic-Fontd1f1-2.html?v=2.2.0
185.176.43.98200 OK 50 kB URL HTTP/1.1 seguridadoutlooklive01.c1.biz/fonts/iconic/fonts/Material-Design-Iconic-Fontd1f1-2.html?v=2.2.0
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type Web Open Font Format, TrueType, length 50312, version 1.0\012- data
Hash d2a55d331bdd1a7ea97a8a1fbb3c569c
f8575ba5b551d1c2077f2003dd272c08e0bf9168
7c74c136895350e927bf69fe9fcb9f33fe9fae6340709d6ec4f8cb838a9470a3
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/iconic/fonts/Material-Design-Iconic-Fontd1f1-2.html?v=2.2.0 HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/fonts/iconic/css/material-design-iconic-font.min.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 20:14:08 GMT
Server: Apache
Last-Modified: Wed, 28 Sep 2022 12:22:38 GMT
ETag: "c488-5e9bbd10615a8"
Accept-Ranges: bytes
Content-Length: 50312
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
seguridadoutlooklive01.c1.biz/favicon.ico
185.176.43.98404 Not Found 109 B URL HTTP/1.1 seguridadoutlooklive01.c1.biz/favicon.ico
IP 185.176.43.98:0
ASN #44476 Zetta Hosting Solutions LLC.
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 85143048876b86a915624b8d8989c3c0
785fdb9491cc1e81092ffe73c33b525cc116165b
ffa3bcf329ed085c6d4c0c79ce6d98ac589b92ecdd3471eda4a602d8045a5f13
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: seguridadoutlooklive01.c1.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://seguridadoutlooklive01.c1.biz/
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 20:14:09 GMT
Server: Apache
Last-Modified: Tue, 18 Feb 2014 12:50:39 GMT
ETag: "6d-4f2adb81cc5c0"
Accept-Ranges: bytes
Content-Length: 109
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
reurl.cc/oQExpM
35.185.130.121200 OK 0 B IP 35.185.130.121:0
GET /oQExpM HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 06 Oct 2022 20:14:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
target: https://umai.pw/lyDPzu
content-encoding: gzip
X-Firefox-Spdy: h2
reurl.cc/javascripts/pixel.js
35.185.130.121200 OK 0 B URL HTTP/2 reurl.cc/javascripts/pixel.js
IP 35.185.130.121:0
GET /javascripts/pixel.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/oQExpM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 06 Oct 2022 20:14:06 GMT
content-type: application/javascript
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
vary: Accept-Encoding
etag: W/"61100f5a-1d6"
expires: Fri, 06 Oct 2023 20:14:06 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
reurl.cc/javascripts/redirect.js
35.185.130.121200 OK 0 B URL HTTP/2 reurl.cc/javascripts/redirect.js
IP 35.185.130.121:0
GET /javascripts/redirect.js HTTP/1.1
Host: reurl.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reurl.cc/oQExpM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 06 Oct 2022 20:14:06 GMT
content-type: application/javascript
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
etag: W/"63356adf-c0"
expires: Fri, 06 Oct 2023 20:14:06 GMT
cache-control: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2