r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16860
Expires: Sun, 25 Sep 2022 00:57:49 GMT
Date: Sat, 24 Sep 2022 20:16:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
13.224.132.44200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.132.44:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 20:05:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f715245c12dc1f6bdadc387db50e442c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: roLcpqPHBzntBofe1xMsF1uqdRmfaA4bPKRIYTPCc0A9BYaZ4IqoYg==
Age: 664
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
13.224.132.85200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 13.224.132.85:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9fdd5bd72604beaad36fa6d3b5b0ff10.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C2
x-amz-cf-id: O5Vg4KeFN-LrsUhC7LlC4tJJJUrQ_H4SPcI9LUxUiAnVTVeaplM8Yw==
age: 57826
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 20:16:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.132.44200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.132.44:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Expires, Alert, Content-Length, ETag, Cache-Control, Content-Type, Backoff, Pragma, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 19:20:46 GMT
Expires: Sat, 24 Sep 2022 19:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c5e8408e2914e204df7d18fc961818b4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: URSgfzQN3onz8m5-fL4vkdXWCJX-wkkD1Y93S9zvdYLsygHFfebWUw==
Age: 3363
dt-secure.blogspot.com/2022/09/ddating.html?u=416&m=1&sm=1
142.250.74.161301 Moved Permanently 210 B URL HTTP/1.1 dt-secure.blogspot.com/2022/09/ddating.html?u=416&m=1&sm=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 70e5d5bec0909f0563708b7fd51ca214
e6a47e304d68c32f0c41b52cdcf1aba69fcd6ba6
c98f62b4538a25963b2b8d2ab667a7e66ca5236b7539d621686d44181511ffbf
GET /2022/09/ddating.html?u=416&m=1&sm=1 HTTP/1.1
Host: dt-secure.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://dt-secure.blogspot.com/2022/09/ddating.html?u=416&m=1&sm=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 20:16:49 GMT
Expires: Sat, 24 Sep 2022 20:16:49 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 210
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5951
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:49 GMT
Last-Modified: Sat, 24 Sep 2022 18:37:38 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.20.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.20.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 22W5KjCgUorpaWfd3mhlTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wHwb1PZ3ZhrwkKf1ybAvOwLrKdc=
dt-secure.blogspot.com/2022/09/ddating.html?u=416&m=1&sm=1
142.250.74.161200 OK 19 kB URL HTTP/2 dt-secure.blogspot.com/2022/09/ddating.html?u=416&m=1&sm=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5019)
Hash 8272b025d9cc39319f3415dd6c94eda1
62ef47cb4369f8bb4ef2499085825c384f7d5533
077ae29df0ecd1b9872127fa0d26c6afb00949bef4a3af2d5a439c7b76e420dc
GET /2022/09/ddating.html?u=416&m=1&sm=1 HTTP/1.1
Host: dt-secure.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 20:16:50 GMT
date: Sat, 24 Sep 2022 20:16:50 GMT
cache-control: private, max-age=0
last-modified: Fri, 23 Sep 2022 04:19:47 GMT
etag: W/"e6f3a72fad792489ad2002260854c840cd0d9e9438dfc377ceb0e6c3a77f3adf"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19307
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dde08ad6d0d33c288ad70cce74175fbb
de2d638241098268be6c8fc01b748fde38f1dd96
164fa18665323f6274da69ec244a59054ac277e17c5792a04eb2907758e0e586
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ea3f3bb58b14438c21639501961cde52
0a73090c46552f227dac9d1e2d1bc0aad316e684
559a8c1211e1cba53b8a89f2a06e2b57567d391df434dd71970fb54d13061661
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "559A8C1211E1CBA53B8A89F2A06E2B57567D391DF434DD71970FB54D13061661"
Last-Modified: Sat, 24 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16862
Expires: Sun, 25 Sep 2022 00:57:52 GMT
Date: Sat, 24 Sep 2022 20:16:50 GMT
Connection: keep-alive
en.nudesprofile.com/go/images/18.png?1
104.21.24.96200 OK 68 kB URL HTTP/2 en.nudesprofile.com/go/images/18.png?1
IP 104.21.24.96:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 574x596, components 3\012- data
Hash 3cce4c1548c2bd071593beae4faf2f90
a8a5742e896e1efdb6f0e49b714cbce264a56d3c
a4f9016994379c332375c57137d95df64c1e1b7730727f05ee723af0fee6c750
GET /go/images/18.png?1 HTTP/1.1
Host: en.nudesprofile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dt-secure.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:50 GMT
content-type: image/png
content-length: 67531
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "693302d00090d69cac46f57efa98e601"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoVtDzI5d6FaR5S7BrEeyqpL8Nvsd%2FHtUL1e3yN2SlXuEX7IIG7Gp3CVyvX0z%2BKdWDSXibUy56P5bo4d82314cn1QzAfc08x8Ar2po8lR8aqJnkzVmr1JxOopsrf3gf4FYy14I%2BO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 4738
accept-ranges: bytes
server: cloudflare
cf-ray: 74fe333c7ad90b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 64b39684d4c80b63458f11ed8b8c5d17
6abc0bd0c0318d9e7a362eb3949bfe81a48c6343
c307464d222c4a9e1206586f0ebd7155de49baa84bbce8c8d0d4ce5e122cb076
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ea3f3bb58b14438c21639501961cde52
0a73090c46552f227dac9d1e2d1bc0aad316e684
559a8c1211e1cba53b8a89f2a06e2b57567d391df434dd71970fb54d13061661
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "559A8C1211E1CBA53B8A89F2A06E2B57567D391DF434DD71970FB54D13061661"
Last-Modified: Sat, 24 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16862
Expires: Sun, 25 Sep 2022 00:57:52 GMT
Date: Sat, 24 Sep 2022 20:16:50 GMT
Connection: keep-alive
en.nudesprofile.com/goll/images/573158.jpg
104.21.24.96200 OK 68 kB URL HTTP/2 en.nudesprofile.com/goll/images/573158.jpg
IP 104.21.24.96:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2048x450, components 3\012- data
Hash 811418429e5977891d4bd283499ff80f
775d9529da34f2527df3aaba7ca66c321d65ac27
ac4e15fb7f24792e43c76913070226cc98be954ad3645e55728b763313689e5d
GET /goll/images/573158.jpg HTTP/1.1
Host: en.nudesprofile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://en.nudesprofile.com/goll/style.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:50 GMT
content-type: image/jpeg
content-length: 68040
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "593461ef9d1edde98cc2332b40af0430"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLxFvJy01Poy9oxxhr8FeucgfD6xKBAOLohMXSG3juPyFeRE1BVylPDikL469lmzVywUX%2FrD3qijEyHK1s%2Fc04Bd2izETaILp9SzCLiPkVpBld5bOdmacq66pKmRHSiPOjMvuzCm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 4738
accept-ranges: bytes
server: cloudflare
cf-ray: 74fe333cab0a0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taplink.cc/s/i/themes/573158.jpg
104.26.11.77200 OK 68 kB URL HTTP/2 taplink.cc/s/i/themes/573158.jpg
IP 104.26.11.77:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2048x450, components 3\012- data
Hash 811418429e5977891d4bd283499ff80f
775d9529da34f2527df3aaba7ca66c321d65ac27
ac4e15fb7f24792e43c76913070226cc98be954ad3645e55728b763313689e5d
Analyzer Verdict Alert quad9 Sinkholed
GET /s/i/themes/573158.jpg HTTP/1.1
Host: taplink.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://en.nudesprofile.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:50 GMT
content-type: image/jpeg
content-length: 68040
access-control-allow-origin: *
cache-control: max-age=15724800
cf-bgj: h2pri
etag: "5fa5655d-109c8"
expires: Thu, 12 Jan 2023 16:29:22 GMT
last-modified: Fri, 06 Nov 2020 15:01:49 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 6234448
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FK721cfmGBbeZDeHImro8kJyUvqZRKMffngh%2F%2FqWFZWLoptuS%2BNdl9Rk%2BIUC2aFL0eHuskXyahJdEwQUcdKXNXX3NuudbYTw%2Bjh%2B%2F0wSDH%2BXtVvvsCQF8mtayfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fe333cdb890af6-OSL
X-Firefox-Spdy: h2
taplink.cc/s/fonts/icons.woff2?76
104.26.11.77200 OK 22 kB URL HTTP/2 taplink.cc/s/fonts/icons.woff2?76
IP 104.26.11.77:0
File type Web Open Font Format (Version 2), TrueType, length 21720, version 1.0\012- data
Hash bd774f9e6aa5272ea21964eb4b95e77b
9bb0a057fe9f2026c3e16b5ec9d82d573ab5d419
953a441f29a0ab42a9f80e8b85e6141d14750d246cb95d265f5c12db57e0610c
Analyzer Verdict Alert quad9 Sinkholed
GET /s/fonts/icons.woff2?76 HTTP/1.1
Host: taplink.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://en.nudesprofile.com/
Origin: https://dt-secure.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:50 GMT
content-type: font/woff2
content-length: 21720
last-modified: Tue, 23 Aug 2022 14:05:18 GMT
etag: "6304de9e-54d8"
expires: Fri, 24 Mar 2023 17:28:54 GMT
cache-control: max-age=15724800
access-control-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: unsafe-url
cf-cache-status: HIT
age: 96476
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npsERGUEWZ%2Bgflr4OYPRjk1Htjd4UWaxCQeJSw%2FctFPR%2FzJcID9S07pkDn83COyA%2FAYKI0GVUGtBYIT%2FUW7%2Fhuu2cBFeBdPVbBZt0sZJgGTOFH7oYB0Y7FkWnhI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fe333cefa80afe-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://en.nudesprofile.com/
Origin: https://dt-secure.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 356789
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.163200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://en.nudesprofile.com/
Origin: https://dt-secure.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:13:12 GMT
expires: Tue, 19 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 428618
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b767927ed1410fa49937e6ebcaa9b744
28f24585b328c7feee45d9a20e876574c73d50e4
c377a89c57e5f65571b921ed35a72e683dbea5b6b0791f0196f5875e4c5f057a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C377A89C57E5F65571B921ED35A72E683DBEA5B6B0791F0196F5875E4C5F057A"
Last-Modified: Thu, 22 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16848
Expires: Sun, 25 Sep 2022 00:57:38 GMT
Date: Sat, 24 Sep 2022 20:16:50 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
view.holabombon.xyz/god/?sm=1&u=416
172.67.146.175200 OK 1.9 kB URL HTTP/2 view.holabombon.xyz/god/?sm=1&u=416
IP 172.67.146.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 924448b4633dbf5a4cbf527d02494317
9d82de7ca2ecf7444c5a710ced1440cd13994e77
35e830ae79116ffd454962ac1ad4484af0adc92f6e40eaf175b4e882768d6be9
GET /god/?sm=1&u=416 HTTP/1.1
Host: view.holabombon.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dt-secure.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:50 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOLWLOpJ4G%2FsQZ1hq8xfLsGcXJKhEOZNSd6Yy42HjuhkQyOYqdME034efR%2F5YFC4ni0vUmB4CUwFYxCguVkUPf3NucYLobdouMTX2d%2FXLX0rOX1%2F6E9CGMQTgtFro1MBb9POkCCW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74fe333d5a6db4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
view.holabombon.xyz/god/images/18.png
172.67.146.175200 OK 68 kB URL HTTP/2 view.holabombon.xyz/god/images/18.png
IP 172.67.146.175:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 574x596, components 3\012- data
Hash 3cce4c1548c2bd071593beae4faf2f90
a8a5742e896e1efdb6f0e49b714cbce264a56d3c
a4f9016994379c332375c57137d95df64c1e1b7730727f05ee723af0fee6c750
GET /god/images/18.png HTTP/1.1
Host: view.holabombon.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://view.holabombon.xyz/god/?sm=1&u=416
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:50 GMT
content-type: image/png
content-length: 67531
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "693302d00090d69cac46f57efa98e601"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stw2GEWIw61iknrz%2BEzPYLemmr00VZQDoY44uO7ufOASO%2FWzCgI5l5VeOCvS1KE6h9CdsIqotadi3EFtjCWHnnZX3fPSFr4scPavFIk6kfVijTR%2FHBcQI8wP7Gh9vc1mm0Je25KKNbYPRHbwxiwLzDJj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 7051
accept-ranges: bytes
server: cloudflare
cf-ray: 74fe333ddb1bb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45a62344f4c3db55a587b7da0e98ac69
bb2173da308340bdba68c44ce7046547bf5db94b
b3c7cc52be96c077ddf430411c2aca76b64cd418901ac2a7df1eff75436831de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3C7CC52BE96C077DDF430411C2ACA76B64CD418901AC2A7DF1EFF75436831DE"
Last-Modified: Fri, 23 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16863
Expires: Sun, 25 Sep 2022 00:57:53 GMT
Date: Sat, 24 Sep 2022 20:16:50 GMT
Connection: keep-alive
smartd.ageverify.org/api/traffic?campaign_id=1&user_id=416&clicks=yes
164.68.119.83200 OK 18 B URL HTTP/1.1 smartd.ageverify.org/api/traffic?campaign_id=1&user_id=416&clicks=yes
IP 164.68.119.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5a3887c04ce2e93ffb0582c8c5632c57
d8e208005abda464c308de34e5e19912f2c1140c
f26d104374a5f241baf9fdcfaa9fde1feb4ae70f71b2225fc8c92a42bc7e8885
GET /api/traffic?campaign_id=1&user_id=416&clicks=yes HTTP/1.1
Host: smartd.ageverify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://view.holabombon.xyz/
Origin: https://view.holabombon.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Sat, 24 Sep 2022 20:16:51 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5966
Expires: Sat, 24 Sep 2022 21:56:17 GMT
Date: Sat, 24 Sep 2022 20:16:51 GMT
Connection: keep-alive
adultfun.ageverify.org/15GFa8?model=anna_carenina&uid=416&external_id=416
20.113.188.243302 Found 338 B URL HTTP/1.1 adultfun.ageverify.org/15GFa8?model=anna_carenina&uid=416&external_id=416
IP 20.113.188.243:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (338), with no line terminators
Hash a7445adc50bed4abe798cd358518c2ad
5cf436b04b2e3dcddcdc7f196be829ab9cf9b9d5
1aa311c8017eacdcbe99785a0616b966296ae00a7868088a2392b0929989c4b8
GET /15GFa8?model=anna_carenina&uid=416&external_id=416 HTTP/1.1
Host: adultfun.ageverify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.23.0
Date: Sat, 24 Sep 2022 20:16:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 338
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GFa8o=20220924201664051265115; domain=.adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
_pc_lc_id=15GFa8; domain=.adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
direct=1; domain=adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
pc_curr_path=1258840; domain=adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
pc_path=1258840; domain=adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
pc_off=252329; domain=adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
peerclickcid=daeee5f6702c170c6a31967c8e851747-24518-0924; domain=.adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
_norg=1; domain=.adultfun.ageverify.org; path=/;expires=Sun, 25 Sep 2022 20:16:51 GMT; httpOnly=true;
Location: https://cdsecurecloud-dt.com/smartlink/?a=166272&sm=21232&co=215835&mt=19&s3=416&s2=daeee5f6702c170c6a31967c8e851747-24518-0924
Vary: Accept
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5966
Expires: Sat, 24 Sep 2022 21:56:17 GMT
Date: Sat, 24 Sep 2022 20:16:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:27 GMT
age: 80904
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:23 GMT
age: 80308
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pVtBCTCGh0DCF_1Vf9qMWttoDUQO_xSCkpdis9Gu3o4_cVEqaHngVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:30 GMT
age: 80901
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:26 GMT
age: 80905
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 05:14:28 GMT
age: 54143
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
Hash 0a3bd26ef3cbadb69836a9c26830b246
61844dab4a1a3a10acb8a383e4b51bb7b1726fba
3aa8ad2a6c601f1a485a90292869f4e7b13d6b6be7715f4da2fc9714d24967f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 80735
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
99.86.249.93200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 99.86.249.93:0
Hash 8943ce883fa4dd2de2c35449b2a7d78f
66efb97792e44621262291c4c99ece8f6e7316d4
8c0e0b822c20998fbffa1822e9769559844da50a93ec73b5ca998c3d5c32fdef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 20:16:51 GMT
Last-Modified: Sat, 24 Sep 2022 19:20:28 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 f715245c12dc1f6bdadc387db50e442c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: iDIfB7QtfupYEhrddmSSfQlQIY88NPWQTlRBROxQp0TKvYigKfCUYA==
Age: 3383
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c661f1ae9ff14ca038b32d7d094303c
c14fdfd50ffb31a5803f4d49e1ca9f5d63c8693b
d82104b62bcf0703c1b7feb9c2a8fba6c04bb0708f90d6f4c39b7bdcf05e0972
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82104B62BCF0703C1B7FEB9C2A8FBA6C04BB0708F90D6F4C39B7BDCF05E0972"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=34
Expires: Sat, 24 Sep 2022 20:17:25 GMT
Date: Sat, 24 Sep 2022 20:16:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c661f1ae9ff14ca038b32d7d094303c
c14fdfd50ffb31a5803f4d49e1ca9f5d63c8693b
d82104b62bcf0703c1b7feb9c2a8fba6c04bb0708f90d6f4c39b7bdcf05e0972
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82104B62BCF0703C1B7FEB9C2A8FBA6C04BB0708F90D6F4C39B7BDCF05E0972"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=34
Expires: Sat, 24 Sep 2022 20:17:25 GMT
Date: Sat, 24 Sep 2022 20:16:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1c661f1ae9ff14ca038b32d7d094303c
c14fdfd50ffb31a5803f4d49e1ca9f5d63c8693b
d82104b62bcf0703c1b7feb9c2a8fba6c04bb0708f90d6f4c39b7bdcf05e0972
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D82104B62BCF0703C1B7FEB9C2A8FBA6C04BB0708F90D6F4C39B7BDCF05E0972"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=33
Expires: Sat, 24 Sep 2022 20:17:25 GMT
Date: Sat, 24 Sep 2022 20:16:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-assets.com/assets/1144/css/main.css
23.36.76.163200 OK 2.1 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/css/main.css
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 977c6a0b5a9ea85f1861a0e9089a05c1
6a8155cda967fda2a16fc759deca252634aa0c78
2c1a4fed0126274ac848bade732edac2023c6389486e5c02cdc0be77548cd093
GET /assets/1144/css/main.css HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Tue, 02 Feb 2021 11:39:55 GMT
ETag: "fb41dc3d2a4826c0dd868c64bae7c77c"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 6T72l0QFrSOjNpG37gHCrWR4JlltkKRjMcmj4QL5H4DRr0wvRi4Ylg==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 20:16:52 GMT
Content-Length: 2061
Connection: keep-alive
cdn.smrt-assets.com/prod/push-subscriber.js
23.36.76.163200 OK 4.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-subscriber.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
Hash d87a44d0aa0b54e75b2eb54c76bcf152
f765110fd22c73d181d9a2ea1b20de424b3d9e35
6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
GET /prod/push-subscriber.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 20:16:52 GMT
Content-Length: 4395
Connection: keep-alive
cdn.smrt-assets.com/assets/1144/js/jquery.min.js
23.36.76.163200 OK 30 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/js/jquery.min.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32065)
Hash 2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /assets/1144/js/jquery.min.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: rNAVYdmHMAMpMHYv4HPJBhrAtesAUrOBckV9PxD5uVlG8zkUkRY0ng==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 20:16:52 GMT
Content-Length: 29855
Connection: keep-alive
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.163200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 20:25:09 GMT
expires: Sat, 23 Sep 2023 20:25:09 GMT
cache-control: public, max-age=31536000
age: 85903
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.smrt-assets.com/prod/push-lang-config.js
23.36.76.163200 OK 2.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-lang-config.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Hash 86caa25373c28e4a962df5e15f4c160f
7a992cdd21a4074c155ccc7016e7cf836a66dd85
fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
GET /prod/push-lang-config.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 20:16:52 GMT
Content-Length: 2366
Connection: keep-alive
cdn.smrt-assets.com/assets/1387/js/backoffer.js
23.36.76.163200 OK 660 B URL HTTP/1.1 cdn.smrt-assets.com/assets/1387/js/backoffer.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash e7e1dc07852a36f89e4be03aa3787316
0dc3f8e7eb943af093cf8f4600fcf0e421891025
33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
GET /assets/1387/js/backoffer.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA==
Date: Sat, 24 Sep 2022 20:16:52 GMT
Connection: keep-alive
cdn.smrt-assets.com/assets/1144/js/translatesrules.js
23.36.76.163200 OK 9.7 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/js/translatesrules.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
Hash f09a391ba297c3912759882db1a9e38a
a7866e21b4febbf58a635613ec30608a9dfda386
2a734d2af14f59cdad75b60742d94cef667bb3271d2a8a2557be99796a840d3e
GET /assets/1144/js/translatesrules.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT
ETag: "f889c7341bca7408551f0da6879237a9"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: o0JI-D14FY46mUFaOurcdIXuAiNK9FRy0hlR2hHzIjPPV_ulUFWuSA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 20:16:52 GMT
Content-Length: 9749
Connection: keep-alive
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.163200 OK 10 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (35547)
Hash fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:29:50 GMT
expires: Tue, 19 Sep 2023 18:29:50 GMT
cache-control: public, max-age=31536000
age: 438422
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
IP 142.250.74.10:0
Hash 068f258e22f15f394ce9cd5d02555d90
ce91c3bfdd02ea34f52208583eba147641173e44
2f82a43eddc76e21fa90ec6568d59d2dac21506b19ce4fe84e92e7fa9b18afcb
GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 20:16:52 GMT
date: Sat, 24 Sep 2022 20:16:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.smrt-assets.com/assets/1144/images/17477724.png
23.36.76.163200 OK 127 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1144/images/17477724.png
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type PNG image data, 540 x 614, 8-bit colormap, non-interlaced\012- data
Size 127 kB (127399 bytes)
Hash 48b5cf504b501519436d17763f4b52bd
b3fe5b65f350ad10b103a0cbbc4e79952358803d
3def9cfd1107dc28c620d5442e44474e820f91e99011e3d9eebc5572f653b509
GET /assets/1144/images/17477724.png HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/assets/1144/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 127399
Last-Modified: Tue, 02 Feb 2021 11:30:11 GMT
ETag: "48b5cf504b501519436d17763f4b52bd"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: oY9muSQRdUKiS1F6QjLdA1C6zzPiT-jc42BDhY7vd-qOiB1Nizbi5A==
Date: Sat, 24 Sep 2022 20:16:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 58b52380a6b5c598d1ad88e8da148137
a56206a0277aea6e8e2f7629793aba713d8edd0c
561a57c27dfa1f8651a89292428576b626e8700b9cd6b8173a0ce121aa8f9f4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
142.250.74.72200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 1866415cd2d8f02642e9df233ed4b9bd
e3c830c96fe16713ff8ac0b3084f5aad42df6030
6729dd892d34cd3e2440fbfda4b10d9ececd6a3aa958a170cfcd124eb1d9688f
GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 20:16:52 GMT
expires: Sat, 24 Sep 2022 20:16:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cdsecurecloud-dt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 185794
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
136.243.43.25200 OK 35 B URL HTTP/2 tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
IP 136.243.43.25:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 20:16:52 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 826387b315f10769
set-cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Sun, 24 Sep 2023 20:16:52 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
99.86.249.93200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 99.86.249.93:0
Hash 72ebb9bbf0f20aa154eb008e6434b33f
8ed1758c2fcfc82de2de9281c4c7e2f77910fe26
9d9abcb59d6ded3a6441b2a602bc89421b3516d06e77b820911f02c1c60a2a3b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 20:16:52 GMT
Last-Modified: Sat, 24 Sep 2022 18:48:54 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 f715245c12dc1f6bdadc387db50e442c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: lBS7arazUTrnB2AncHpHFcmRNYaDeHhsbe-6hlH8suNYjENk3kY8Mg==
Age: 5278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-content.com/prod/push-utils.js
23.36.76.130200 OK 3.6 kB URL HTTP/1.1 cdn.smrt-content.com/prod/push-utils.js
IP 23.36.76.130:0
ASN #20940 Akamai International B.V.
File type C source, ASCII text, with very long lines (1971)
Hash 66b8348a97eaecf14cc35f1326f1cf1a
0c0c17bebbd46240c30a6b1ed85ccfd3b6053bba
7b5ba9e8001cd959f85c8c76eccaf60588909154bac817afb232d7d4a98d2696
GET /prod/push-utils.js HTTP/1.1
Host: cdn.smrt-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "a288177a606a9686132970835b3e572c"
x-amz-meta-s3cmd-attrs: atime:1644921893/ctime:1644921893/gid:20/gname:staff/md5:a288177a606a9686132970835b3e572c/mode:33188/mtime:1644921893/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: TmcfYbpq_e2BMUO-lKBbDZjl7EL4esTxnvZXoiV60ZaJrHN5wRZ8ig==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 20:16:52 GMT
Content-Length: 3647
Connection: keep-alive
cdn.smrt-assets.com/assets/1373/other/favicon.ico
23.36.76.163200 OK 1.2 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1373/other/favicon.ico
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 38722a803b73dd1871a3d8a19db44d2f
3379960a2c6611bfefcb39e662198d6df322e12d
314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
GET /assets/1373/other/favicon.ico HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
X-Amz-Cf-Id: JbGE-qPp-rz1sjNie-YOUT5WYN1nceHRFWqeEDCyU1T8VI4fT_WTxA==
Date: Sat, 24 Sep 2022 20:16:52 GMT
Connection: keep-alive
static.trafficjunky.com/js/mp.min.js
205.185.208.79200 OK 3.6 kB URL HTTP/2 static.trafficjunky.com/js/mp.min.js
IP 205.185.208.79:0
File type ASCII text, with very long lines (10690), with no line terminators
Hash 044c370813dc1ea880f32a5be81384e7
53b0733cfc26f2bc7e83d1da0c087d5513fcf548
2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
GET /js/mp.min.js HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:52 GMT
etag: "1652721327"
cache-control: max-age=31536000
content-encoding: gzip
content-length: 3628
content-type: application/javascript
last-modified: Mon, 16 May 2022 17:15:27 GMT
accept-ranges: bytes
x-hw: 1664050612.dop013.sk1.t,1664050612.cds261.sk1.hn,1664050612.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 18:41:09 GMT
expires: Sat, 24 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 5743
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
99.86.249.93200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 99.86.249.93:0
Hash c8d21685668d697aefd2f960f35fcab4
e3b05bf20a8afd8d8f653bd41355e907dcf929bb
2eb09ae6e7f93aaa597c046ee381199ac78877c76bc5b0e263c789c7be2745a7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 20:16:52 GMT
Last-Modified: Sat, 24 Sep 2022 18:38:08 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 f715245c12dc1f6bdadc387db50e442c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR3-C2
X-Amz-Cf-Id: 8LrPlaBYJGoLl3TyDjreRUToYtD49OumkX-cOrFmeq3gWA6v6G3kog==
Age: 5924
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash adda021dbebf2fd9a7c04255f531295c
e2f4f37927ea85830664bba8c026659a63591c30
daa953f9a7c6ce81267afb9e90aebe445371d0fef6a7a6b27f788255bdeaf6eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Last-Modified: Sat, 24 Sep 2022 18:31:09 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 312
guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9jZHNlY3VyZWNsb3VkLWR0LmNvbS9zbWFydGxpbmsvP2E9MTY2MjcyJnNtPTIxMjMyJmNvPTIxNTgzNSZtdD0xOSZzMz00MTYmczI9ZGFlZWU1ZjY3MDJjMTcwYzZhMzE5NjdjOGU4NTE3NDctMjQ1MTgtMDkyNA==
34.193.131.238204 No Content 0 B URL HTTP/2 guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9jZHNlY3VyZWNsb3VkLWR0LmNvbS9zbWFydGxpbmsvP2E9MTY2MjcyJnNtPTIxMjMyJmNvPTIxNTgzNSZtdD0xOSZzMz00MTYmczI9ZGFlZWU1ZjY3MDJjMTcwYzZhMzE5NjdjOGU4NTE3NDctMjQ1MTgtMDkyNA==
IP 34.193.131.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /color?x=1&forScheme=aHR0cHM6Ly9jZHNlY3VyZWNsb3VkLWR0LmNvbS9zbWFydGxpbmsvP2E9MTY2MjcyJnNtPTIxMjMyJmNvPTIxNTgzNSZtdD0xOSZzMz00MTYmczI9ZGFlZWU1ZjY3MDJjMTcwYzZhMzE5NjdjOGU4NTE3NDctMjQ1MTgtMDkyNA== HTTP/1.1
Host: guard.cdtbox.rocks
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdsecurecloud-dt.com
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 24 Sep 2022 20:16:52 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=0&context=dating&cookiename=date1&maxcookiecount=52000
66.254.114.89200 OK 35 B URL HTTP/1.1 ctrack.trafficjunky.net/ctrack?action=list&type=add&id=0&context=dating&cookiename=date1&maxcookiecount=52000
IP 66.254.114.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /ctrack?action=list&type=add&id=0&context=dating&cookiename=date1&maxcookiecount=52000 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Sat, 24 Sep 2022 20:16:52 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=03e5610b977c4b8ba2f44366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Mon, 24 Oct 2022 20:16:52 GMT; Secure; SameSite=None
tj_UUID_v2=03e5610b-977c-4b8b-a2f4-4366780e17bc; Path=/; Domain=trafficjunky.net; Expires=Mon, 24 Oct 2022 20:16:52 GMT; Secure; SameSite=None
82d79cf1ec688fdab74622b4b7a369a7=0; Path=/; Domain=trafficjunky.net; Expires=Mon, 02 Aug 2032 20:16:52 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
x-request-id: 632F65B4-42FE725901BBB308-18BB0677
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-179148962-2&cid=669105705.1664050611&jid=277544536&gjid=1515014217&_gid=368821004.1664050611&_u=YADAAEAAAAAAAC~&z=625161245
64.233.162.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-179148962-2&cid=669105705.1664050611&jid=277544536&gjid=1515014217&_gid=368821004.1664050611&_u=YADAAEAAAAAAAC~&z=625161245
IP 64.233.162.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-179148962-2&cid=669105705.1664050611&jid=277544536&gjid=1515014217&_gid=368821004.1664050611&_u=YADAAEAAAAAAAC~&z=625161245 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cdsecurecloud-dt.com
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cdsecurecloud-dt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Sep 2022 20:16:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd8e3570655a88b47a20fb93af0fc0c5
6ebbd655af47cbe0788f5ea6a7d9cd457bda2f33
12bc57afd44ddf43fc3802ecc23e743660b146acff0958093fcea30e96b02f6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oe9l0&_p=527267301&cid=669105705.1664050611&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664050611&sct=1&seg=0&dl=https%3A%2F%2Fcdsecurecloud-dt.com%2Fsmartlink%2F%3Fa%3D166272%26sm%3D21232%26co%3D215835%26mt%3D19%26s3%3D416%26s2%3Ddaeee5f6702c170c6a31967c8e851747-24518-0924&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oe9l0&_p=527267301&cid=669105705.1664050611&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664050611&sct=1&seg=0&dl=https%3A%2F%2Fcdsecurecloud-dt.com%2Fsmartlink%2F%3Fa%3D166272%26sm%3D21232%26co%3D215835%26mt%3D19%26s3%3D416%26s2%3Ddaeee5f6702c170c6a31967c8e851747-24518-0924&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C3EPRPS8FB>m=2oe9l0&_p=527267301&cid=669105705.1664050611&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664050611&sct=1&seg=0&dl=https%3A%2F%2Fcdsecurecloud-dt.com%2Fsmartlink%2F%3Fa%3D166272%26sm%3D21232%26co%3D215835%26mt%3D19%26s3%3D416%26s2%3Ddaeee5f6702c170c6a31967c8e851747-24518-0924&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cdsecurecloud-dt.com
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cdsecurecloud-dt.com
date: Sat, 24 Sep 2022 20:16:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 20:16:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.163200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 20:25:09 GMT
expires: Sat, 23 Sep 2023 20:25:09 GMT
cache-control: public, max-age=31536000
age: 85905
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdsecurecloud-dt.com/service-worker.js
54.154.242.215200 OK 16 kB URL HTTP/2 cdsecurecloud-dt.com/service-worker.js
IP 54.154.242.215:0
File type Java source, ASCII text, with very long lines (35547)
Hash 3b7d54e2fcb76988b7391e08b3bef8da
381cc5a39449508e4e384c96507d73e3a256e634
cebab1ffaa9a0baafe842cdb6cd171cb91aa6e4ab85e5e537321862de7abab89
Analyzer Verdict Alert fortinet Malware
GET /service-worker.js HTTP/1.1
Host: cdsecurecloud-dt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5cp3rcqfIzzVRIErN6Uvgus=; gdm_visit_freq_v2_1_001=q5Mb5aCYwpqN/hizNLtIbvfQDZ52WoCSZJ2sWjoZVQ8rtcO8p7m03mJ1YgNphV7R; gdm_uid_v2_1_001=OEn12CGo85p1FgBFRlIW0j8Cdx+Og1SWzw69VZ8UyR+aT9JNKeCY/b+9CxPbA9ux; v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5cp3rcqfIzzVRIErN6Uvgus=; gdm_visit_freq_v1_1_001=q5Mb5aCYwpqN/hizNLtIbvfQDZ52WoCSZJ2sWjoZVQ8rtcO8p7m03mJ1YgNphV7R; gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_uid_v1_1_001=OEn12CGo85p1FgBFRlIW0j8Cdx+Og1SWzw69VZ8UyR+aT9JNKeCY/b+9CxPbA9ux; _ga_C3EPRPS8FB=GS1.1.1664050611.1.0.1664050611.0.0.0; _ga=GA1.2.669105705.1664050611; mp_u=1289476200.4093834639.1664050611.1664050611.1664050611.1664050611.1; _gid=GA1.2.368821004.1664050611; _gat_UA-179148962-2=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Cache-Control: max-age=0
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:53 GMT
content-type: text/javascript;charset=utf-8
server: nginx
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:25 GMT
age: 80373
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
en.nudesprofile.com/goll/style.css
104.21.24.96200 OK 0 B URL HTTP/2 en.nudesprofile.com/goll/style.css
IP 104.21.24.96:0
GET /goll/style.css HTTP/1.1
Host: en.nudesprofile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dt-secure.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:50 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-bgj: minify
cf-polished: origSize=22236
etag: W/"d32d7965ad66ac0af0c727b287cfd91f"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVjIT4smEiLQkjjeeMQoL5rASCZpuku2Bzeejdf6AwEmBnjWKE%2BBzMFwy7HSbRUThfshnI6Ikio67gMG%2FlhlXa6lgnIQkVI5mv44TdrhP1Ph4Dn0tR%2Fx1%2FLALIET0vogV4taqucs"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4738
server: cloudflare
cf-ray: 74fe333c7ad80b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdsecurecloud-dt.com/smartlink/?a=166272&sm=21232&co=215835&mt=19&s3=416&s2=daeee5f6702c170c6a31967c8e851747-24518-0924
54.154.242.215200 OK 0 B URL HTTP/2 cdsecurecloud-dt.com/smartlink/?a=166272&sm=21232&co=215835&mt=19&s3=416&s2=daeee5f6702c170c6a31967c8e851747-24518-0924
IP 54.154.242.215:0
GET /smartlink/?a=166272&sm=21232&co=215835&mt=19&s3=416&s2=daeee5f6702c170c6a31967c8e851747-24518-0924 HTTP/1.1
Host: cdsecurecloud-dt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:51 GMT
content-type: text/html;charset=utf-8
server: nginx
vary: Accept-Encoding, Accept-Encoding
set-cookie: gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:50 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5cp3rcqfIzzVRIErN6Uvgus=; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:50 GMT; Path=/; Secure; SameSite=None
gdm_visit_freq_v2_1_001=q5Mb5aCYwpqN/hizNLtIbvfQDZ52WoCSZJ2sWjoZVQ8rtcO8p7m03mJ1YgNphV7R; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:50 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=OEn12CGo85p1FgBFRlIW0j8Cdx+Og1SWzw69VZ8UyR+aT9JNKeCY/b+9CxPbA9ux; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:50 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5cp3rcqfIzzVRIErN6Uvgus=; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:51 GMT; Path=/
gdm_visit_freq_v1_1_001=q5Mb5aCYwpqN/hizNLtIbvfQDZ52WoCSZJ2sWjoZVQ8rtcO8p7m03mJ1YgNphV7R; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:50 GMT; Path=/
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:50 GMT; Path=/
gdm_uid_v1_1_001=OEn12CGo85p1FgBFRlIW0j8Cdx+Og1SWzw69VZ8UyR+aT9JNKeCY/b+9CxPbA9ux; Domain=.cdsecurecloud-dt.com; Expires=Fri, 23-Dec-2022 20:16:51 GMT; Path=/
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2
cdsecurecloud-dt.com/service-worker.js
54.154.242.215200 OK 0 B URL HTTP/2 cdsecurecloud-dt.com/service-worker.js
IP 54.154.242.215:0
Analyzer Verdict Alert fortinet Malware
GET /service-worker.js HTTP/1.1
Host: cdsecurecloud-dt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5cp3rcqfIzzVRIErN6Uvgus=; gdm_visit_freq_v2_1_001=q5Mb5aCYwpqN/hizNLtIbvfQDZ52WoCSZJ2sWjoZVQ8rtcO8p7m03mJ1YgNphV7R; gdm_uid_v2_1_001=OEn12CGo85p1FgBFRlIW0j8Cdx+Og1SWzw69VZ8UyR+aT9JNKeCY/b+9CxPbA9ux; v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5cp3rcqfIzzVRIErN6Uvgus=; gdm_visit_freq_v1_1_001=q5Mb5aCYwpqN/hizNLtIbvfQDZ52WoCSZJ2sWjoZVQ8rtcO8p7m03mJ1YgNphV7R; gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_uid_v1_1_001=OEn12CGo85p1FgBFRlIW0j8Cdx+Og1SWzw69VZ8UyR+aT9JNKeCY/b+9CxPbA9ux
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:52 GMT
content-type: text/javascript;charset=utf-8
server: nginx
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *, *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2
statisticresearch.com/user-segments/?pid=TH
3.212.86.82200 OK 0 B URL HTTP/2 statisticresearch.com/user-segments/?pid=TH
IP 3.212.86.82:0
GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdsecurecloud-dt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 20:16:52 GMT
server: nginx
X-Firefox-Spdy: h2