r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4551
Expires: Tue, 28 Mar 2023 09:50:55 GMT
Date: Tue, 28 Mar 2023 08:35:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2303
Expires: Tue, 28 Mar 2023 09:13:28 GMT
Date: Tue, 28 Mar 2023 08:35:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 08:28:01 GMT
content-type: application/json
age: 424
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14127
Expires: Tue, 28 Mar 2023 12:30:32 GMT
Date: Tue, 28 Mar 2023 08:35:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8alw9rVPSDh+5esc2Qt9rS4CpX51lAMbNlom6Ul8a9TTEFfMeHteQu3A80dPXPEywliNXc+8eXk=
x-amz-request-id: J6AT96HP7TY8D984
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 08:01:58 GMT
age: 1987
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 08:35:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js
76.76.21.123200 OK 282 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js
IP 76.76.21.123:0
File type ASCII text, with no line terminators
Hash 5848f1ba51cdb867e8ec65c92cbf37d4
09459dab18bf1cd91b0727f53510eab7c1acf178
fa9311c5f23f92d46353e7f373fecb75b8875d31012bb8c654ac037955f67426
GET /_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 103059
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: "5848f1ba51cdb867e8ec65c92cbf37d4"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/kkk7EvO0XlCuzwfdfz40Q/_buildManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lbpcc-1679992505229-00d069231bcf
content-length: 282
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js
76.76.21.123200 OK 77 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js
IP 76.76.21.123:0
File type ASCII text, with no line terminators
Hash b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: "b6652df95db52feb4daf4eca35380933"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/kkk7EvO0XlCuzwfdfz40Q/_ssgManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lwqvr-1679992505229-4ab3706b3e44
content-length: 77
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 08:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
142.250.74.163200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 37780, version 1.0\012- data
Hash e1b9f0ecaaebb12c93064cd3c406f82b
f0e872352fc5af11960d0eb4fd6ed09e9e98f4ab
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bewitched-key-tiger-n56l47.teleporthq.app
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
content-type: font/woff2
age: 338904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/webpack-7f7073168d4d40fd.js
76.76.21.123200 OK 2.1 kB URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/webpack-7f7073168d4d40fd.js
IP 76.76.21.123:0
File type ASCII text, with very long lines (3380), with no line terminators
Hash a64dcc2be8a13bb2dc46ff73734614d7
42b516dffdb030b535b719daaede0089f0d409b4
712ed8e21b3a508f41895f11d7a70b1ca4a972be66f73166577ce96cc04c2c41
GET /_next/static/chunks/webpack-7f7073168d4d40fd.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 103060
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-7f7073168d4d40fd.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"35e21f535abdb98e3eb1a218b74b5f6d"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/webpack-7f7073168d4d40fd.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::phjrd-1679992505223-baecebed884c
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 08:17:24 GMT
age: 1061
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash b5d61d9b46606add50681c75fbf20e2c
1b6d168ce95830de0e8056664f20780229d94374
2a23ac53a04e1736d1feeb38bfede4c354ee55a0ed92c7e8b0d812e588541989
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 08:35:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 28 Mar 2023 01:05:12 GMT
Expires: Tue, 04 Apr 2023 01:05:11 GMT
Etag: "1b6d168ce95830de0e8056664f20780229d94374"
Cache-Control: max-age=577205,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aee89a84c42b4eb-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15449
Expires: Tue, 28 Mar 2023 12:52:34 GMT
Date: Tue, 28 Mar 2023 08:35:05 GMT
Connection: keep-alive
push.services.mozilla.com/
100.20.181.148101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.181.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q1pPxcp578EgoHCJccxV9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Apn8LS8hx5vtvIppjIvS4mHn8ds=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8680
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 08:35:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada29e049501b12a35b0bcc5f68e3e57
5c1ba9bffbcc9007e7f119dbb3197db34a12f8da
b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10744
x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbogF0poAMFTAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uCaEsILUx4u_fBJ7J9CgQanUW-BmV69mFvGRjZ0roFWluE_joVyVrA==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:48:21 GMT
age: 38806
etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38697
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7f11a7b2bcf82694495805df139feed
45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6
96ba810197f578fb975bd853acbe948c8e984a7b94d172305d411d4381cf80ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36e95c63-932a-495b-b82b-9c578f43ec5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 7e76212a-4621-45ca-9212-da6957f4861f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdb5bGSiIAMFtoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220d08-507bf48c3eeba38b719de318;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:39:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Zy7ItZQS-88zGHgnpCOzsRh6BL36AzV2MM-zUB5nCcLnaqgbJh8NxA==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:14:11 GMT
age: 37256
etag: "45e59e98fb4aeb3ca44c15e3e3bb77466cffe5e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/css/56292a77cc7ef41c.css
76.76.21.123200 OK 102 kB URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/css/56292a77cc7ef41c.css
IP 76.76.21.123:0
File type ASCII text, with very long lines (1819), with no line terminators
Size 102 kB (102067 bytes)
Hash adbf46184b50faacf380bede3d7c3a61
b75ad65247efc8cebba8f03e02d5e27cb467faf9
b777f223a680b2d23b58dbec57c6842da8421152f0d3ef54c6f7c1df6a3e2484
Analyzer Verdict Alert openphish Facebook, Inc.
GET /_next/static/css/56292a77cc7ef41c.css HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 103100
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="56292a77cc7ef41c.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"206acbbbd2d789d4717d530ca766259b"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/css/56292a77cc7ef41c.css
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lwqvr-1679992505222-79a36cb5b2dd
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 38697
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
angelvideos2k23.xyz/newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02
162.0.235.110200 OK 517 kB URL HTTP/2 angelvideos2k23.xyz/newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02
IP 162.0.235.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63311)
Size 517 kB (517393 bytes)
Hash 5d9b12314636925eea8ead30e00b5070
740e643e4ff5f0dab0e248d50c02abdf3f60d915
12579a10c2e39bb51955f5a274a84cef631ead9ee140f852208cf785730d8938
GET /newsrd2022/?api=1&lan=facebooknew&ht=2&counter0=blackmamba02 HTTP/1.1
Host: angelvideos2k23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=15be4a223c50f0f38f6df70149e56a6f; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: application/javascript
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Mar 2023 08:35:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
angelvideos2k23.xyz/newsrd2022/location
162.0.235.110301 Moved Permanently 707 B URL HTTP/2 angelvideos2k23.xyz/newsrd2022/location
IP 162.0.235.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /newsrd2022/location HTTP/1.1
Host: angelvideos2k23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Tue, 28 Mar 2023 08:35:07 GMT
server: LiteSpeed
location: https://angelvideos2k23.xyz/newsrd2022/location/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
angelvideos2k23.xyz/newsrd2022/location/
162.0.235.110200 OK 432 B URL HTTP/2 angelvideos2k23.xyz/newsrd2022/location/
IP 162.0.235.110:0
Hash 4577a507ad7a0dd981affe01d04dab9d
02d4479a56e8bcce6e6a65e558939ab347a45212
b874b6eedd1dae378c34b0ab4c6d3080551ec014b70cda81bb55a22a5539c60b
GET /newsrd2022/location/ HTTP/1.1
Host: angelvideos2k23.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 08:35:07 GMT
content-length: 432
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Mar 2023 08:35:07 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2
widgets.amung.us/classic/00/7.png
104.22.74.171200 OK 1.4 kB URL HTTP/2 widgets.amung.us/classic/00/7.png
IP 104.22.74.171:0
File type PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Hash 3c6db33967de3c728e913cf9c6a906cb
6776113231d350b425ffd0e703d61dcfdd896e7c
5e18bf693e810176c0cd9472697e0d449736b2b383b20b747d79f2562ff55a86
GET /classic/00/7.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: image/png
content-length: 1366
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-556"
expires: Mon, 20 Mar 2023 08:35:21 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 777586
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee89b4b86a0a3c-ARN
X-Firefox-Spdy: h2
widgets.amung.us/classic/00/11.png
104.22.74.171200 OK 1.3 kB URL HTTP/2 widgets.amung.us/classic/00/11.png
IP 104.22.74.171:0
File type PNG image data, 81 x 29, 8-bit colormap, non-interlaced\012- data
Hash aa4dbc18cb151262ba16d49bc9e9c44c
4a5fcef40777eab36821965779fd30fa6091af32
c963256889c290a525bce47c8a0123d7d417e79add027d00fb97e57c64ac4fb1
GET /classic/00/11.png HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: image/png
content-length: 1346
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
etag: "4c149ecd-542"
expires: Wed, 08 Mar 2023 02:01:02 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1838045
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aee89b599fb0a3c-ARN
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/
76.76.21.123200 OK 0 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/
IP 76.76.21.123:0
GET / HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"b813abe4d4d47493369c1bb973a16f0a"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lh4dv-1679992505057-c3576f2d06be
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/framework-5f4595e5518b5600.js
76.76.21.123200 OK 0 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/framework-5f4595e5518b5600.js
IP 76.76.21.123:0
GET /_next/static/chunks/framework-5f4595e5518b5600.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-5f4595e5518b5600.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"623da2092ab9e81400d81fad9017f0ba"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/framework-5f4595e5518b5600.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lh4dv-1679992505225-baabb9ece416
X-Firefox-Spdy: h2
whos.amung.us/widget/blackmamba02
104.22.74.171307 Temporary Redirect 0 B URL HTTP/2 whos.amung.us/widget/blackmamba02
IP 104.22.74.171:0
GET /widget/blackmamba02 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/classic/00/7.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aee89b3def90a3c-ARN
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/main-748fa114995cf5e9.js
76.76.21.123200 OK 0 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/main-748fa114995cf5e9.js
IP 76.76.21.123:0
GET /_next/static/chunks/main-748fa114995cf5e9.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-748fa114995cf5e9.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"220797bfdf29e25d757e4da3865a6eb0"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/main-748fa114995cf5e9.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::v6lxl-1679992505226-74555c351467
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/_app-23e854a7b5b991e4.js
76.76.21.123200 OK 0 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/_app-23e854a7b5b991e4.js
IP 76.76.21.123:0
GET /_next/static/chunks/pages/_app-23e854a7b5b991e4.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-23e854a7b5b991e4.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"de5bb968a3aab2ee719752f88cc60351"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/pages/_app-23e854a7b5b991e4.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::ldfhb-1679992505227-fc581b5497ce
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/index-57801afc79eb1b6f.js
76.76.21.123200 OK 0 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/_next/static/chunks/pages/index-57801afc79eb1b6f.js
IP 76.76.21.123:0
GET /_next/static/chunks/pages/index-57801afc79eb1b6f.js HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 103101
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="index-57801afc79eb1b6f.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"ad57fb7589f1a2d53b7c5aba3df0ccfa"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /_next/static/chunks/pages/index-57801afc79eb1b6f.js
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::jtk7r-1679992505232-82546bae48aa
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/favicon.ico
76.76.21.123404 Not Found 0 B URL HTTP/2 bewitched-key-tiger-n56l47.teleporthq.app/favicon.ico
IP 76.76.21.123:0
Analyzer Verdict Alert openphish Facebook, Inc.
GET /favicon.ico HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
age: 103098
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="404"
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 08:35:05 GMT
etag: W/"7d5d882d74c84b26d6315c10b87e90ff"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /404
x-vercel-cache: HIT
x-vercel-id: arn1:arn1::lh4dv-1679992505576-5d00355705ef
X-Firefox-Spdy: h2
bewitched-key-tiger-n56l47.teleporthq.app/
76.76.21.93308 Permanent Redirect 0 B URL HTTP/1.0 bewitched-key-tiger-n56l47.teleporthq.app/
IP 76.76.21.93:0
GET / HTTP/1.1
Host: bewitched-key-tiger-n56l47.teleporthq.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.0 308 Permanent Redirect
Content-Type: text/plain
Location: https://bewitched-key-tiger-n56l47.teleporthq.app/
Refresh: 0;url=https://bewitched-key-tiger-n56l47.teleporthq.app/
server: Vercel
whos.amung.us/widget/blackmamba01
104.22.74.171307 Temporary Redirect 0 B URL HTTP/2 whos.amung.us/widget/blackmamba01
IP 104.22.74.171:0
GET /widget/blackmamba01 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: text/html; charset=UTF-8
location: https://widgets.amung.us/classic/00/11.png
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7aee89b3deff0a3c-ARN
X-Firefox-Spdy: h2
get.geojs.io/v1/ip/geo.json
104.26.0.100200 OK 0 B URL HTTP/2 get.geojs.io/v1/ip/geo.json
IP 104.26.0.100:0
GET /v1/ip/geo.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bewitched-key-tiger-n56l47.teleporthq.app
Connection: keep-alive
Referer: https://bewitched-key-tiger-n56l47.teleporthq.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 08:35:07 GMT
content-type: application/json
x-request-id: 8d184f4286c3da40dc6702b3312d7eb7-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hE%2FyQGxv%2BpJFJDdT9mIRW%2BORVumlgrB87lwUvWkGU3A%2B4r1CuXpOCpP1U0%2F3AdIeP7V1cBPyl2e3IyGiUL0i6vIde7GNKEYHATASIFrsu2x%2FsqB%2FT1FdrXARR0uUSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7aee89b26d9cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2