clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
104.21.2.191200 OK 3.1 kB URL HTTP/1.1 clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
IP 104.21.2.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13526), with no line terminators
Hash 2ebf4aff66f0af311a55242c072fcb30
17886bb2149177b1b51e419ef73382d3fb57f1eb
fe8a59f3485c0381974dd72f267609d0c41f4e1f0f5279940774bb1d200a6d85
GET /?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP1qQj7rZfqO8x6SwZ%2B5%2FixSU9vxux6K31jZADh5QFb41JZc%2FXddLYfKUDdg%2Fm0P8TzsxGwtusoOmPt%2BXedge0RDWcpf4DC4sZr6JY2VdnaRn5onHnaCwEZb%2BfcFhCPcATnKBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774f6c40de5ab523-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2351
Expires: Mon, 05 Dec 2022 20:49:13 GMT
Date: Mon, 05 Dec 2022 20:10:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 485
Cache-Control: max-age=138562
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:39:24 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 19:18:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3092
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7837
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 20:10:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xr+JALK+yy7zwu1xRDxhCUr76y20PMUavGdOTL2S7qWdfPBND2HOcph9R3kPerxvdmjxR9xpitB7ZdI2aZPZDQ==
x-amz-request-id: C55EFEKQ201FSAHS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 19:48:38 GMT
age: 1284
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 20:10:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
clean-blocker.com/assets/css/clb-home.8cff48ec21ce327e2868.css
104.21.2.191200 OK 2.4 kB URL HTTP/1.1 clean-blocker.com/assets/css/clb-home.8cff48ec21ce327e2868.css
IP 104.21.2.191:0
File type ASCII text, with very long lines (10378)
Hash 33e6736267b95fb4085a45db656230a9
4afa6c08c27a7b6046d119915280b859ce338461
4cec7455efe4e13feafd121d7e29e45b8f341d2438d3a57f2d8499969aa48482
GET /assets/css/clb-home.8cff48ec21ce327e2868.css HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: text/css; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c43caecb523-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIJxodRyvX%2BBl0ZCxaIeqnnhZuCUwasOYvBkLDEG9Iq3YxVMEYHs%2FrH9%2FCje2Z%2FSM%2BL3lrMC6%2BJSMK9TMB29au8UHl2PwyD82SYS1YaSzqAIOX7qYcbp9LTtCsBp%2BTgQ6P2aoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/js/vendors.f767109d6b92982db992.js
104.21.2.191200 OK 33 kB URL HTTP/1.1 clean-blocker.com/assets/js/vendors.f767109d6b92982db992.js
IP 104.21.2.191:0
File type Unicode text, UTF-8 text, with very long lines (65448)
Hash 21ef8c24a2bfe872b37d9c0884eede6c
4a5aa86377091dbf3bf906c4ec107f002046b398
64587de8bed141e939b6d0d8aa2e1b406e3afe5838a301f946c4bcdaa430c130
Analyzer Verdict Alert fortinet Malware
GET /assets/js/vendors.f767109d6b92982db992.js HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c440b44b523-OSL
Age: 81653
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJUoZbtkmE0ldPYAA%2BGNYP3SKO7uOpsVJhb3itt9Q94Jp9MeG7DOWpTad%2Flj2h5ChA%2FlY7DqTEwf5aCQ8bVoj5K7nvddSppljH9ciubWG%2F22qm0MjQMV6NQKxYbbcI0o%2FSZkQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/js/runtime.8c6c5b164346b79aab2e.js
104.21.2.191200 OK 923 B URL HTTP/1.1 clean-blocker.com/assets/js/runtime.8c6c5b164346b79aab2e.js
IP 104.21.2.191:0
File type ASCII text, with very long lines (1710), with no line terminators
Hash dd7206ec3cb984a37c4f74734b151e2a
10c83c2d9f51b5b242214cb1f3efa59fe37ec43b
7bf3ef60931f9965b6db9f05d986b2c2b5be13f631f62eeec2348f150cfa48c9
Analyzer Verdict Alert fortinet Malware
GET /assets/js/runtime.8c6c5b164346b79aab2e.js HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c440a43b4fa-OSL
Age: 78698
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igT4bt8MsrV1zy%2FyjlRqSYS%2BUtx%2BS7dNWQVGrcaKu2cF44V%2Fh7RCwV97mmA8a35sOTtKv4ZP4SSI26WNTygWLlZDOl3NaU1QTVtBTfn6qcaAp2UlJ0%2FkSXuhafuY%2By9HDlyG7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clean-blocker.com/assets/js/home.07d2858b1f1f189d9495.js
104.21.2.191200 OK 6.5 kB URL HTTP/1.1 clean-blocker.com/assets/js/home.07d2858b1f1f189d9495.js
IP 104.21.2.191:0
File type ASCII text, with very long lines (19303), with no line terminators
Hash 13f353f5f6bc652c8a6c4e8ae20a7632
5291b8dd80044ad8c993d80b844d5f20f954f62c
6c5445fcb7b49ef3f39c448bc11e33771e1708d87abbfd3bfef9106c41772cf1
Analyzer Verdict Alert fortinet Malware
GET /assets/js/home.07d2858b1f1f189d9495.js HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c440ebdb50f-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzDeB9VDY%2FIuLN6f5m2nDQ5e7WqeyadMaKxLWWWIP9oS6kLXfgfLzFj4WcxqyOhWQqs3YVAq3WMxXWz5TYtor%2BxZ6pyzhXWqNw3ysKd13TtlCN4KHSHbCqvqV%2Beh461%2FxbbDjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/cd0945a03cdbd1115580dd2cc504ebe0.svg
104.21.2.191200 OK 327 B URL HTTP/1.1 clean-blocker.com/assets/media/cd0945a03cdbd1115580dd2cc504ebe0.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (448)
Hash 12cb788b67c7156614ff83200822eb69
8dcdc57ea4627b92b38be24e479b0489428520a7
f7875c91d00c85606c9150bf83315c5f64cf3042be19eec57454550912ac4f2b
Analyzer Verdict Alert fortinet Malware
GET /assets/media/cd0945a03cdbd1115580dd2cc504ebe0.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c449f87b50f-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBxoOxL4s%2FzVPKBpj8AbelYXQ3G2YNM2JjhwZtYFq%2B7k%2BkM9eQRzJDJcM7UHNhpueiz1ZfUafCmgdmjnRhzNYuLEZ6CpHG0gyXbHKE5%2BQqZd5xTkI3%2FykhJ1jPA9LfdjLpTItw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/52da1e13678a70cea24d2a564eda53d0.svg
104.21.2.191200 OK 1.5 kB URL HTTP/1.1 clean-blocker.com/assets/media/52da1e13678a70cea24d2a564eda53d0.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (342)
Hash ed25ed59e6ab7bd175e3484ad231b113
b8e20c971f797ef190d58362a8dac5c9877d1c42
90992d88694f81c754436b52725c4f4ab06c1a5f271a6caac12fc009816aa158
Analyzer Verdict Alert fortinet Malware
GET /assets/media/52da1e13678a70cea24d2a564eda53d0.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c449c26b523-OSL
Age: 150719
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hq1dQESZzG5tEUX4jWmSmMr2jyTYt2aGdvUOk851HjbUPY7mRTmYFXnoQu4FAM06EVxKNl%2BL4i1%2BwgiOwzS2R0PNNevU2JfFybCfLLVqXwBRXL6m0o8lN%2FHfcumVX27g4KHFoA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/c22f21860f39beec5243b1c257ef7c1b.svg
104.21.2.191200 OK 1.7 kB URL HTTP/1.1 clean-blocker.com/assets/media/c22f21860f39beec5243b1c257ef7c1b.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (849)
Hash 3074f727c53762a5bdb43c51145b4f1b
aca608c7df40df52c04965209caf5a231f73c38e
a34152e93057579614e097f45833a7b59f20ab33039e9b50bc81ec0d436758eb
Analyzer Verdict Alert fortinet Malware
GET /assets/media/c22f21860f39beec5243b1c257ef7c1b.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c449c28b523-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8L56%2BDw4P9m8H5FEDhBxNdTSVCVPL88M5JkgPeiNnF35jfdd3MvbUMA99gWpnVKoV79uC9wbAumE939XwiDgmmSro%2Bfnlft%2BFJexnOmhUxfJ36dztSo9K%2BNqDg3F8e%2Fa%2FzQzIw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/52fa9dd45d69517d74a5e4cfb24e424f.svg
104.21.2.191200 OK 331 B URL HTTP/1.1 clean-blocker.com/assets/media/52fa9dd45d69517d74a5e4cfb24e424f.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (448)
Hash 2bbaae166f08c6a2a0b182170921c513
17a5a798c3a049d98dce796f172f3117a4d8c330
a806a310cad950b7df11ec2031d386caa4defc2339268d94c43a15ef40975549
Analyzer Verdict Alert fortinet Malware
GET /assets/media/52fa9dd45d69517d74a5e4cfb24e424f.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c449f91b521-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcrWR%2B9wVVgQuRcyqOM6hx5WW%2B222mgx07eFpfJdCWQkv1OT38DNgCdKWpcyuTFSncLRfwzg1T5K1yKdEqat2ftmjrPHKEbjwyvXfH3E0rE4YCAd6B%2F9kUYh96hh96Tl3D%2BY7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/6c1cf31887f2b1e5f64137349becf5a5.svg
104.21.2.191200 OK 55 kB URL HTTP/1.1 clean-blocker.com/assets/media/6c1cf31887f2b1e5f64137349becf5a5.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10789)
Hash 86d4caaf751cdc216bbb987e24ede8ba
73946d861b407ea7a48993b353fc9786e1a2ed06
791d5a629207e129bd3c37ee6f4b1ada73ca7dfdf4a6ad5f78766ac3a9b60cd2
Analyzer Verdict Alert fortinet Malware
GET /assets/media/6c1cf31887f2b1e5f64137349becf5a5.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c449e211c16-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptf%2Bqbt4jTBOOSbEwH73xTu20Y5P5rXlkgnuX%2BwCQx37hMYQ9n3ON4Y6STJm9mdymA2Eax0rbb25QorXiWpl9zJNzDFc0j74pm8%2FEAUcuE8mNKm7GYZijpMR8ffNUiEcadaIrg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/423e7ce1069da1a17606b46ba5c991a4.svg
104.21.2.191200 OK 5.5 kB URL HTTP/1.1 clean-blocker.com/assets/media/423e7ce1069da1a17606b46ba5c991a4.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1584)
Hash ce4c888904b61f78bef205de7b598108
e5a3caa2c21ef973df412279bdc61581af4a4e8d
8ab1fdb510611866004c9dc48bd331b3329aadfcc669b98818fe5587facf7797
Analyzer Verdict Alert fortinet Malware
GET /assets/media/423e7ce1069da1a17606b46ba5c991a4.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c44bfb9b50f-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55CfHgL3DViNm%2FUNHi2lMvp7PHzMGjjFJp%2FsQtvAvBRULSSmIFZT0dmRju0b9gkn2L2%2FM0JuZarLR2TZkg0ulTPsvm5rfiI%2BSSSEJ2NnDf%2FcXq%2FfhYUSztQS7fGlBKG2oG3VxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clean-blocker.com/assets/media/1947805bdd55f898fc126eba2e11b714.svg
104.21.2.191200 OK 7.2 kB URL HTTP/1.1 clean-blocker.com/assets/media/1947805bdd55f898fc126eba2e11b714.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2638)
Hash d6ec8e29d7750926b130ce341bbfcbce
ee0a03e2c149b6bcf7f07c20711bfeaa586a1666
6027a4631bbef0d746577f35ab4556ace57abc2ac3b4e9424f3f07731462b152
Analyzer Verdict Alert fortinet Malware
GET /assets/media/1947805bdd55f898fc126eba2e11b714.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c44cfd6b521-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eKEuy8syFPykV0GFr1yRUbqpHjUrNa749g1uVH5CCEvmYwohsnH2rWB6ZB%2BGiqO44AUOYIUKK4%2FM3v%2F20%2FqcOSzkz2V%2BLWcqsbKjuwYfao42XIexP0VZw0xizoOnTfuQbdWkVg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/3e0e0b368dabf43f66ee1650adbaff0a.svg
104.21.2.191200 OK 31 kB URL HTTP/1.1 clean-blocker.com/assets/media/3e0e0b368dabf43f66ee1650adbaff0a.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (410)
Hash 1c1a187d8463bc3b78953f6b1d7d8ad9
740588b37a701419a4849a7244fd5e50c5469dc3
14195c843b7808f6641a76dedf1bee8c14e9cfae4bbddab785a151d02ce0ac8d
Analyzer Verdict Alert fortinet Malware
GET /assets/media/3e0e0b368dabf43f66ee1650adbaff0a.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c44de5e1c16-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tupXP6EiTciQ%2BXS7TaVXRgvdaVv3%2FF77eV%2BPpu0WWcBgT4kBtFyfdrnu2MousbfG8rPld5tJQ0cAOPPrYCsMPvYl8Jg3OZ68hnKdjUL2TQnEUS%2FtZwxp1s5lbgp3qRH94d0Yww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/03546ebc536fc7ec867b99e0b64e2362.svg
104.21.2.191200 OK 59 kB URL HTTP/1.1 clean-blocker.com/assets/media/03546ebc536fc7ec867b99e0b64e2362.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (723)
Hash 216a6f32f08c3450bb4bab805e0b190e
3a29d6e8ebd0eaf91a48878303caa335019ece08
b75113c8f3152906a65d4239c821a421dfcd084f4239147ef35ad4ccb922255f
Analyzer Verdict Alert fortinet Malware
GET /assets/media/03546ebc536fc7ec867b99e0b64e2362.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c44cc59b523-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq5ztzg9k0ipm38NLdCSCUcHk0HRs%2F2Gya4bElcqqD9Zbv4lHWtGeeUweyk5IoZA5pLGf3KWJDtK9X8XlJEgSMUU4bAzFe2l4U6yPE%2BFbZRGhVA%2FKoWqFDYqpSKQkca1rEmlOA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/a74f5837f919993a20445400cd37db10.svg
104.21.2.191200 OK 457 kB URL HTTP/1.1 clean-blocker.com/assets/media/a74f5837f919993a20445400cd37db10.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Size 457 kB (457008 bytes)
Hash c9eab9771302c2ef93f6d102b80f7279
e3d9d119fd63c65c69436ec380101969916575ab
58763a2b93871451428bfbfcc801bafa911e83be3c9e195d85b94a63fec2b19e
Analyzer Verdict Alert fortinet Malware
GET /assets/media/a74f5837f919993a20445400cd37db10.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c449b17b4fa-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2grmVNG%2B4Lm9MdOlTmjqrthNEhOyxBuG%2F6siqq4mg15ckxXwPvEqxr5aeGw908uK2wylM5dp5jWwByffi78qdfY5E%2FHcrujlESrkVK3LYseZ1DJLrjTZiJEZedeaDsiWPZNVtw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/e7e5bb527c9db0e3e6097a90d3c8f61a.svg
104.21.2.191200 OK 332 B URL HTTP/1.1 clean-blocker.com/assets/media/e7e5bb527c9db0e3e6097a90d3c8f61a.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (448)
Hash 58d22ac4dee29988991a171998c236ce
f6cd18b5eb4513517f235438bb906395775dd788
e709cc63b3c5b71eaa4f833afb90b61b34151bef36d4237a9aee9e1134490d32
Analyzer Verdict Alert fortinet Malware
GET /assets/media/e7e5bb527c9db0e3e6097a90d3c8f61a.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c44e805b521-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ksVt8giZhMi0Jj7kF8rv5UnxqdxKsyBPbz4j0v8nBXrvyyr3PUXjSrUdsyXiueZrkFFdN8kWaTefP%2BeBRJigkpFM%2FmTJfVW0qem0nZePRMnwkRwR3U1DltkezYRE2SsXb4zzA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/8154225bb18536056bd5cf2120ce18cb.svg
104.21.2.191200 OK 15 kB URL HTTP/1.1 clean-blocker.com/assets/media/8154225bb18536056bd5cf2120ce18cb.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash cc55edafb6bc8d653628dc58d96ce9ac
80e7850afaa9779511aab8c64c088c491896b8fe
a7ed12a959a9cc72af0c4925fff031635a3b3d2b3a518ad2c18ed7527984902e
Analyzer Verdict Alert fortinet Malware
GET /assets/media/8154225bb18536056bd5cf2120ce18cb.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c44cc5cb523-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJW1Ljvo6XMfxecFZlW00FLYVgw8mgxb0xFmPo8kpicAuMnZ4nC8No1jeiajN2RNSBZM9Rmp5i5BfLaTBuatDCvbMdMI2rPM2kc%2FCdfmYX1Bb6xSao90V59exdSYf8XJ9pJUmw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/8307e595119c411bf493008fcb9f2655.svg
104.21.2.191200 OK 3.5 kB URL HTTP/1.1 clean-blocker.com/assets/media/8307e595119c411bf493008fcb9f2655.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1284)
Hash 12c21c9271ff88badd0a8343624f159a
a39684431daf8e84a2826c11adc99f4381c01f64
5d0abf0305e9fc1a52bc8efed9bf7ab67b757adf29d7f7a6a2b2a45238b2f4ce
Analyzer Verdict Alert fortinet Malware
GET /assets/media/8307e595119c411bf493008fcb9f2655.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c451855b50f-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ydBp3p88SL3HmJLElfvUHTbYtQNMxuE1WJDX5msonieK0idAsFlwayaGrBoBGpsraZmh73yiqGVWIRLFQMmOpbsHwr80Z%2B3ADdlNAMMDIq4fsPjnX2KSpSc9Q6PkVP%2Fqki7FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/d188cd15c797aec5137fd43234518334.svg
104.21.2.191200 OK 21 kB URL HTTP/1.1 clean-blocker.com/assets/media/d188cd15c797aec5137fd43234518334.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (46035)
Hash b6a3ab3fe3a606daea1f8879a3e03450
67bf7159138d549de7dff384edd787846b009030
7ef851ad2dc7353e58dc7bbee75afb75909bf571f7ccb958c4c522eab96acfd2
Analyzer Verdict Alert fortinet Malware
GET /assets/media/d188cd15c797aec5137fd43234518334.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c451ea71c16-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sVpRexif0WfNH0ZMHW7lYGbkW8%2Bajc8vSBtdcATluwxHlYXR45RvKKUASNnxbzKuCAbverBcrdeuon2JW5hc%2F5ZBNhQrKITbDF6BBpWcosMcSJ5b5zLC%2BOV3xM87ZE6CnJ3UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/7a3ef1cef8fc4080c4f1d2ca0b5f244f.svg
104.21.2.191200 OK 1.1 kB URL HTTP/1.1 clean-blocker.com/assets/media/7a3ef1cef8fc4080c4f1d2ca0b5f244f.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2207)
Hash f7fc20b7d184ab81e15a0fb7249f0749
a2f2fd2f62a7a4abf7d240ed4a878aaa68baeeca
9b493e8b1a45e1c9f0872f8b645fc3a56ad0741e74c171ebece772abc3508b89
Analyzer Verdict Alert fortinet Malware
GET /assets/media/7a3ef1cef8fc4080c4f1d2ca0b5f244f.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c454c58b4fa-OSL
Age: 94100
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqZ%2B8Phv7pR2crfRyui5i67DMKfQVFXe5n7EPIz7hAgAnhD6OhseemIUM5Je629aroNyma42GGNSkX6w7XKZljpOrJgpRo0R%2BuiDFtrNQNFy0%2FvXh%2BUQxBeiKLu1KpDdSj%2BqwA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/0ba9dfb74626980f0b5e7cff728a9b27.svg
104.21.2.191200 OK 332 B URL HTTP/1.1 clean-blocker.com/assets/media/0ba9dfb74626980f0b5e7cff728a9b27.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (448)
Hash 2a8f695cdcfb3c7abf4794a8eb34a67c
73d4d02f6fa687cd51be1a9c93f0f5870ff56bf9
0adfc00f89a8b8195f3bfde0554a392dda6ff58f9ce49a036861eb23e2eb95a4
Analyzer Verdict Alert fortinet Malware
GET /assets/media/0ba9dfb74626980f0b5e7cff728a9b27.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c454d5ab523-OSL
Age: 88531
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBFG7L3YkqsbV7lfpWy8RP%2Bk8qcTGeoZ4cZwkzuXETI5SCcEXlThGnoJ2n2n7Ab1DfYcMxb4U5q%2Fq7SUKbdm4SZIQOEX8dFIXmvb2rLvL1pR%2B%2B12J8K99HgZHIOZrJncm38vNg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clean-blocker.com/assets/media/1537dfbb47b2f6cd17edee0ecb7a23d9.svg
104.21.2.191200 OK 2.8 kB URL HTTP/1.1 clean-blocker.com/assets/media/1537dfbb47b2f6cd17edee0ecb7a23d9.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4845)
Hash 881cf858fe8cea9856b433188756be69
9d8dc1aad2cd5c90e47e4b0508ed11e6df15b51d
802c73143b22da5b3546e216e9edee1f74b5e688a37abe6d65be7baae5ff1566
Analyzer Verdict Alert fortinet Malware
GET /assets/media/1537dfbb47b2f6cd17edee0ecb7a23d9.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c4578cbb521-OSL
Age: 172735
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4TGJr2kthnWEU%2BzjusDfh8D547ZN1X%2FkFtyRkcuOa8SgHsMhFm7rQfsdzDd6NBbrttQOv6Y%2BOOO9GOPKXBkzMIt9eoUMpjvhksWpIgfxaf5T2Emw5w9tPut0Svha0xGXkU8Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/d4a0454d43c1552af824649682a1c22b.svg
104.21.2.191200 OK 647 B URL HTTP/1.1 clean-blocker.com/assets/media/d4a0454d43c1552af824649682a1c22b.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (336)
Hash ce833aabe67c011d3d1be3122b67d210
a67ae18485aca14c9ad875dd7e86152c00066a90
1ad0c95fd840a2ed6f22c8b70954f28014121570f1835401702f80e8e03f3e13
Analyzer Verdict Alert fortinet Malware
GET /assets/media/d4a0454d43c1552af824649682a1c22b.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c457da5b523-OSL
Age: 150719
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhLdK2DzwUEo1f%2BAj0A8BhTHLZBo9dsZRLto9y31A%2B%2FnPeuRdtnovJ7KzqfZh6fotSBIT0xCPsM4BhsnMTx2dYeMIbDQ5Wqh30xCNgJmB5mqpnh85djAwCUjEqocB2sdknq5mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clean-blocker.com/assets/media/5691f06dbe9a4f438b7b4c713a834177.svg
104.21.2.191200 OK 586 B URL HTTP/1.1 clean-blocker.com/assets/media/5691f06dbe9a4f438b7b4c713a834177.svg
IP 104.21.2.191:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (936)
Hash 627a44757e6ade07487c4b376de2115f
f61f94ce3d344e269449d361f0ef438f0ad136f7
7b62f0b36ac067cda7cd174c72672b0c6f73d380efd5f445e7c220c0950f4402
Analyzer Verdict Alert fortinet Malware
GET /assets/media/5691f06dbe9a4f438b7b4c713a834177.svg HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c457f431c16-OSL
Age: 94100
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krp%2FzRSXARP1Znqvv5MgpH2dZ%2Ft%2BsVeeFi4K3LyqDPKIVHhYEJyFkDef%2B%2BIDQBzIRUl%2FO%2F2Nz%2B%2Fxc%2Fvk3asUYGkSFsx6Jbn57xbkU4iRyxgFyhR8ftC5L8Wo6vlGyoDhyaJr2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j.woff2
142.250.74.35200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 20364, version 1.0\012- data
Hash 0de6b557071176e7a82239a7ee11306b
b85c796676d5d08baa1bcc0957a80b5e3a3ddf47
3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349
GET /s/exo/v20/4UaOrEtFpBISc36j.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://clean-blocker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 01:52:47 GMT
expires: Mon, 04 Dec 2023 01:52:47 GMT
cache-control: public, max-age=31536000
age: 152235
last-modified: Mon, 11 Jul 2022 19:24:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
clean-blocker.com/assets/images/clb.ico
104.21.2.191200 OK 3.1 kB URL HTTP/1.1 clean-blocker.com/assets/images/clb.ico
IP 104.21.2.191:0
File type MS Windows icon resource - 1 icon, 49x48, 32 bits/pixel\012- data
Hash 8c146d0015beffd9cd5b566a06bdd0be
2bb3236c7f80fe9e9d8822b415ee1a7e4a74c6cb
337be695f9839f699e6f994ce526e388dabb5fa322975b05990c08aea11703ed
Analyzer Verdict Alert fortinet Malware
GET /assets/images/clb.ico HTTP/1.1
Host: clean-blocker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clean-blocker.com/?scenario=promo5s&step2=direct&trackingdomain=t.solaranalytics.org&source_id=e6773e24-cd6f-4dcb-a1f9-72b3990ec835&cep=SCvPU25V29vh6QUgWZDE0t1LL4GiTCd1Kvv1zNp4TJjSv7aFrfpq7WPxnnuCi9noAT0VJ6w0I8B9BJWwQTGMAiuAPWb6Ywy4Pm3GWUCIWLFbsSfNMYhzS93ec2RtL7tI3VTwzZULRWsXI_5OD6eLmjygugIsNB3CObver1tNlj06WeUdntwkt7M_8375SCjnfcd5GzwFRq78WdRlRD1py0FI4-FqprQN-grqY8KlkTYkYf1EVKPVBmydk9-tm-ZCX6sS7Qv6m7es6MThXCba3sOXvDbPSfzc0k-j_fqHrHtKEOGHJ5_7ZUk9O2g8l1at07-WQGvT5QTgmAG15ZeAWjlto9QF5S5aRVv9IG_TCebUQk-8nSJZCHymmPTo4vDw3R4DWlUWxPFfbrhoXAM0ovP4Uup5kjks3lcXks1iGl8&lptoken=16807030272f277183ee
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 20:10:02 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774f6c45dd1cb4fa-OSL
Age: 81351
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfCHbKBP8aN08isg1%2FBcFRxdUKYRyQ76NfYaKjHf2NLN1DvSSb%2FLMdJA8jOelZ2pIFybEikpbiycwspB5zgXB18uoUfO3cKDBDxUae284j3fEVVcqlhx4XG46Wt1aDpO4hNt3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 19:11:19 GMT
cache-control: public,max-age=3600
age: 3523
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 469
Cache-Control: max-age=133479
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 20:10:02 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:14:41 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.201.177101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.201.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e5dKobR/3Sq1ZVm7u4jA7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uSYZ0msPbgUrBI4oMUqy/IXqKIY=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11349
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:10:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11349
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:10:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11349
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 20:10:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 32622
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 80759
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 80495
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mn_L-TMV_ypQZFmolIRm4r5dyj5PpN12jrtafcP9HEkALUPfSzJ38w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:54 GMT
age: 62650
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 80420
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 80845
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Exo:wght@100;300;400;500;600;700;900&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Exo:wght@100;300;400;500;600;700;900&display=swap
IP 142.250.74.74:0
GET /css2?family=Exo:wght@100;300;400;500;600;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://clean-blocker.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 20:10:02 GMT
date: Mon, 05 Dec 2022 20:10:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto&display=swap
IP 142.250.74.74:0
GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://clean-blocker.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 20:10:02 GMT
date: Mon, 05 Dec 2022 20:10:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2