Overview

URL fs2.softwaredownloadupdates.com/osp9/4215837-aida64extreme170.zip
IP64.225.91.73
ASNDIGITALOCEAN-ASN
Location United States
Report completed2022-10-04 01:21:06 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 fs2.softwaredownloadupdates.com/osp9/4215837-aida64extreme170.zip Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (24)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS example.org (1) 2333 2012-08-07 17:20:46 UTC 2022-10-03 10:14:43 UTC 93.184.216.34
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.110
mnemonic passive DNS getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-10-03 13:35:17 UTC 34.120.5.221
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-03 09:28:27 UTC 104.17.24.14
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-03 14:02:45 UTC 34.120.237.76
mnemonic passive DNS ww2.softwaredownloadupdates.com (4) 0 2022-06-26 00:34:41 UTC 2022-06-26 11:11:32 UTC 64.190.63.136 Unknown ranking
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-03 19:40:13 UTC 172.217.21.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS flirtyhoookup.com (1) 0 2020-03-26 11:26:33 UTC 2022-10-03 02:13:55 UTC 104.21.52.165 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-10-03 09:30:40 UTC 23.36.77.32
mnemonic passive DNS domaincntrol.com (1) 274993 2018-01-06 22:46:59 UTC 2022-10-03 16:28:34 UTC 172.67.68.176
mnemonic passive DNS q3.quotes.com (2) 0 2022-09-22 21:17:58 UTC 2022-10-02 17:01:40 UTC 178.162.151.164 Domain (quotes.com) ranked at: 251442
mnemonic passive DNS fs2.softwaredownloadupdates.com (2) 0 2013-12-28 09:11:09 UTC 2022-10-04 01:20:11 UTC 64.225.91.73 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-03 20:32:42 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 52.41.252.32
mnemonic passive DNS img.sedoparking.com (1) 54200 2013-04-22 22:23:29 UTC 2022-10-03 17:23:46 UTC 205.234.175.175
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-03 17:32:53 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-03 17:23:50 UTC 143.204.55.35
mnemonic passive DNS xml.sedodna.com (1) 278378 2020-10-22 08:18:03 UTC 2022-10-03 21:54:40 UTC 173.239.53.32
mnemonic passive DNS irene-eux.com (2) 0 2022-09-21 16:06:22 UTC 2022-10-03 16:27:20 UTC 35.174.150.83 Unknown ranking
mnemonic passive DNS cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-10-03 02:13:55 UTC 18.197.36.77 Unknown ranking
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-10-03 09:28:27 UTC 69.16.175.42
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 64.225.91.73

Date UQ / IDS / BL URL IP
2022-12-05 08:59:45 +0000
0 - 0 - 4 proudmuslim.tech/ 64.225.91.73
2022-12-05 05:18:31 +0000
0 - 0 - 7 mkkuei4kdsz.com/234/810.html 64.225.91.73
2022-12-05 04:30:30 +0000
0 - 0 - 7 mkkuei4kdsz.com/454/514.html 64.225.91.73
2022-12-05 04:29:58 +0000
0 - 0 - 10 mkkuei4kdsz.com/49/131.html 64.225.91.73
2022-12-05 01:52:56 +0000
0 - 0 - 8 mkkuei4kdsz.com/656/534.html 64.225.91.73

Last 5 reports on ASN: DIGITALOCEAN-ASN

Date UQ / IDS / BL URL IP
2022-12-05 10:53:21 +0000
41 - 0 - 0 oa-encrypt.com/84ac7bf0355aa0a3f5c8d1ec029614 (...) 137.184.88.165
2022-12-05 10:49:46 +0000
0 - 0 - 63 great-garagedoors.com/ 167.172.112.216
2022-12-05 10:47:22 +0000
4 - 0 - 0 boost-android.club/v5.php 167.71.34.115
2022-12-05 10:38:30 +0000
41 - 0 - 0 oa-encrypt.com/aeecd8410d74538042bfb1806765f7 (...) 137.184.88.165
2022-12-05 10:38:27 +0000
41 - 0 - 0 oa-encrypt.com/dc8f2054878f7add55a13e7f49adff (...) 137.184.88.165

Last 5 reports on domain: softwaredownloadupdates.com

Date UQ / IDS / BL URL IP
2022-11-30 18:21:18 +0000
0 - 0 - 2 fs2.softwaredownloadupdates.com/ou1/may2011/r (...) 64.225.91.73
2022-11-29 02:06:48 +0000
0 - 0 - 2 fs2.softwaredownloadupdates.com/ou1/May2011/R (...) 64.225.91.73
2022-10-27 03:37:26 +0000
0 - 0 - 1 fs2.softwaredownloadupdates.com/o1/909559-tbi (...) 64.225.91.73
2022-10-05 20:14:05 +0000
0 - 0 - 1 fs2.softwaredownloadupdates.com/osp9/4215837- (...) 64.225.91.73
2022-10-04 01:21:06 +0000
0 - 0 - 1 fs2.softwaredownloadupdates.com/osp9/4215837- (...) 64.225.91.73

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-04 22:23:11 +0000
0 - 0 - 1 wqwqw.782ab.wq.wy5532.com/ 172.93.103.100
2022-11-30 19:34:41 +0000
0 - 0 - 1 iuyuy.50812.pt.wy5532.com/ 199.115.115.118
2022-11-29 17:37:41 +0000
0 - 0 - 1 edcvr9641.rh.wy5532.com/ 185.107.56.200
2022-11-27 14:03:02 +0000
0 - 0 - 1 lepeffee.wy5532.com/ 81.171.22.7
2022-11-26 11:02:48 +0000
0 - 0 - 1 khjghg.202b5.lj.wy5532.com/ 207.244.67.218


JavaScript

Executed Scripts (11)


Executed Evals (19)

#1 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 01c41e932bc9a6e9718861f97ad6fdb35bd4f2b699d11c479abb9788c1d52958

                                        Boolean(document.hasStorageAccess())
                                    

#2 JavaScript::Eval (size: 28, repeated: 1) - SHA256: a4f48a08d01416c2784a28ba62c656e9e732761d75534f41f69892d61280fc6a

                                        Boolean(crypto.randomUUID())
                                    

#3 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 420ef951a9f49fcb514fde5a2d4bd07a98cf609fba23fcdc2fc660cb2cb10524

                                        CSSCounterStyleRule.negative === undefined
                                    

#4 JavaScript::Eval (size: 142, repeated: 1) - SHA256: 7c22b44f3ca365ec28b11ce4432231eea6de7569658bded3ac6c7b8644c51fd2

                                        let canvas2 = document.getElementById('__fhMyCanvas2');
let gl2 = canvas2.getContext('webgl');
gl2.getExtension('WEBGL_draw_buffers') !== null
                                    

#5 JavaScript::Eval (size: 92, repeated: 1) - SHA256: acb4db590b2797dcc50197ea1bad6bdfa76883bff09fd8ea23f0f21ae1fa0b60

                                        window.getComputedStyle(document.getElementById('__fhTestBlock')).color === 'rgb(255, 0, 0)'
                                    

#6 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 2d6f98223aee606d4b6ff2b57a1c847225406aa1380becd205bb685b3adf5871

                                        'aspect-ratio' in document.body.style
                                    

#7 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 92a69774ed25091a7d27f3692984ca2cf78cea3e730543b9d3a867ca3701fc5d

                                        'accent-color' in document.body.style
                                    

#8 JavaScript::Eval (size: 67, repeated: 1) - SHA256: 361a831d09ef76b907d6a416524915baec50c238905852e548fe0f2221a4620a

                                        typeof document.getElementById('__fhMyDialog').close === 'function'
                                    

#9 JavaScript::Eval (size: 90, repeated: 1) - SHA256: 6c62e1035d91781258fef8d30617f55b5692ba56617087082c68069ddd95b168

                                        window.getComputedStyle(document.getElementById('__fhTestBlock2')).flexBasis === 'content'
                                    

#10 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 2daeb3ad53fdaffdb2055a20bab28c77ea1cc1111862db83ac5e074d63a3e381

                                        Boolean(structuredClone)
                                    

#11 JavaScript::Eval (size: 33, repeated: 1) - SHA256: f543f9b1beb8bb051d13da0f873ab6801661e63d8b16b88b1af69ff098fb07c6

                                        'tab-size' in document.body.style
                                    

#12 JavaScript::Eval (size: 158, repeated: 1) - SHA256: 5fd2b7ac06f14aa445293ae600a6650f7a44e5f0b1e100e2b864221aee71fd26

                                        let abortController = new AbortController();
let signal2 = abortController.signal;
abortController.abort('test2');
typeof signal2.throwIfAborted == 'function'
                                    

#13 JavaScript::Eval (size: 25, repeated: 1) - SHA256: c0fee6b934b08df7fd5858201cc0c4127a85dc7d0c8fd8eb83d58cfcc1cac18a

                                        new Uint8Array([1]).at(0)
                                    

#14 JavaScript::Eval (size: 57, repeated: 1) - SHA256: 93afe750f893331c7709e79b3b40b7122d4119cde3263346bdd3ad822216c2d7

                                        navigator.locks !== null && navigator.locks !== undefined
                                    

#15 JavaScript::Eval (size: 51, repeated: 1) - SHA256: 3906813149363f1ecb7fe2c95126d12999e7ddd966cfb00a50e446ea4423818a

                                        ShadowRoot.prototype.hasOwnProperty('onslotchange')
                                    

#16 JavaScript::Eval (size: 73, repeated: 1) - SHA256: 4339a0c1f2bef4619c2d2f4f3c90d08e012bcf418288c88da1ac89faccf36ec9

                                        typeof document.getElementById('__fhDateInput').showPicker === 'function'
                                    

#17 JavaScript::Eval (size: 44, repeated: 1) - SHA256: ef0cec074a1308361ef6b1a50fb53163d7dea6f35bfa7eaaa33d6f5cd853b4ba

                                        XRAnchorSet.prototype.hasOwnProperty('size')
                                    

#18 JavaScript::Eval (size: 38, repeated: 1) - SHA256: fe43b3c21a3b344dc633abee619610ebdbb8f1467c8a3ed3874c7c81f2ef5a86

                                        typeof self.reportError === 'function'
                                    

#19 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 1793bf3a5d4ab2080846499c0d7bf8b754b9a0f515ae7685f09ab7b6f0e743a2

                                        Boolean(FileSystemDirectoryHandle)
                                    

Executed Writes (0)



HTTP Transactions (43)


Request Response
                                        
                                            GET /osp9/4215837-aida64extreme170.zip HTTP/1.1 
Host: fs2.softwaredownloadupdates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 04 Oct 2022 01:20:55 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   329
Md5:    ecbcb8bae64098de3e587487b474f8b8
Sha1:   e275409fb40ea27c3826af493f70faf147d0f995
Sha256: 2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7519
Expires: Tue, 04 Oct 2022 03:26:14 GMT
Date: Tue, 04 Oct 2022 01:20:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "193A67E9A2C60A2EF38C995DA0910B30108E9BCF4CA50D450F6CC5E1F73A1F35"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6789
Expires: Tue, 04 Oct 2022 03:14:04 GMT
Date: Tue, 04 Oct 2022 01:20:55 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: anuPHNm1DgNo9wjZJSbMewDLmVnioWqsWR6DwL5diVZs94eQwTV54Q==
age: 71548
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: i__GJmC2wqNRNu2M88LvzF_WQf18Qwb3_zF2_zLLnm4_xnICdcx7tw==
content-encoding: gzip
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 01:20:26 GMT
age: 259
content-length: 40763
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   40763
Md5:    d532a43899566e933087f817237487df
Sha1:   3ff632ad1599f0fb2282c6a71d878f3803416c63
Sha256: 2ae6901dfb28c513aca2448258047fe74b84c9b64de09626db93ac6a564f4f2c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 01:20:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 00:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ynNZfZV27KfYCQyiU87jvAmpEfRDoStFGqof78J_nM_JbrM7kUXpHQ==
Age: 2032


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fs2.softwaredownloadupdates.com
Connection: keep-alive
Referer: http://fs2.softwaredownloadupdates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 01:20:56 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10290160
expires: Sun, 24 Sep 2023 01:20:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZbw%2FhlMuB%2Bh2wP872Q%2FvD8QcCFLCUfRQvVcsdhkUuzNqyB8XO7GXdGOKLY29PYZIvbWonUsrd4I0aZDbxLgqbBJENCFfU1VoQF9LKxh692BNZBj8u2zidqGvnXMPexZwQ4Ng103"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754a190f1e491c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "BF3173E8D8BB269ECC1B74C4661A535460AA3A3959CB143715830513D282A2FD"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7737
Expires: Tue, 04 Oct 2022 03:29:53 GMT
Date: Tue, 04 Oct 2022 01:20:56 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: fs2.softwaredownloadupdates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fs2.softwaredownloadupdates.com/osp9/4215837-aida64extreme170.zip

                                         
                                         64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
                                        
server: nginx/1.18.0 (Ubuntu)
date: Tue, 04 Oct 2022 01:20:56 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   329
Md5:    ecbcb8bae64098de3e587487b474f8b8
Sha1:   e275409fb40ea27c3826af493f70faf147d0f995
Sha256: 2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 00:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 01:09:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wx3QQKBNjDXaKP8TuiJyHk5AbiThHFs7z_kdbDmkyoBbg3Gk4F6HJw==
Age: 3083


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /?orighost=http://fs2.softwaredownloadupdates.com/osp9/4215837-aida64extreme170.zip HTTP/1.1 
Host: domaincntrol.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fs2.softwaredownloadupdates.com
Connection: keep-alive
Referer: http://fs2.softwaredownloadupdates.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.68.176
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 01:20:56 GMT
content-length: 40
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZdlg6wSU2n9KQC52JD61p5umSmLqzdYZ0J91owgbzJt6HOZHKV7Q0gK0GBNtc9ksBwQYl35nIiytjOyNl2P17WbOab3VcScprSaGW422lRh%2FnJuAYZf0T1od0Ab69vvWWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754a19101f35b511-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    e1375ba440c21131c9fd003351bc9fa2
Sha1:   584e0493fa8526c49919e02f99220063e8d24105
Sha256: 199de8efbb4d611a4f558b8a09401e648157efc1cd3e5bec1fc36bf136d78813
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4305
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 01:20:56 GMT
Last-Modified: Tue, 04 Oct 2022 00:09:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c283rtyo8T/JF63bwqFOlg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3fwKlIJ+RNIRD4Nzma+1zhGVfog=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6219
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 01:20:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6219
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 01:20:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6219
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 01:20:58 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 12304
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12252
x-amzn-requestid: 41962b0e-db82-4872-9a9c-7bf2d5a0fb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGLWIAMFpbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-708b71f71a538c1112b60863;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rJoxxp0Qi2vpD-vBjYeMl49oj1i8rXaBR_J6idOWyg1Enk-ZSX-g8Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:34:30 GMT
age: 9988
etag: "0aba06667d4cb108fddaf2c54c4ae628f56018e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12252
Md5:    23ba112cb712c07d19994e82fbaa17c0
Sha1:   0aba06667d4cb108fddaf2c54c4ae628f56018e3
Sha256: f8095524c5ade5bb5e12a6a5d23e34eab6dd61acf658664f83a0c39821fd3a33
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:37:00 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
age: 6238
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9855
Md5:    7b7345414898d451d930431b46d4bd00
Sha1:   a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
Sha256: 79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 10299
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 12252
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 74287
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET / HTTP/1.1 
Host: ww2.softwaredownloadupdates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fs2.softwaredownloadupdates.com/
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 01:20:58 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_FRCCOYNO7xuCCjFlB9CUfKLxL+UIs1tILicyzHHCWMeVC2/S6+pQZbAhZfo+Y9WQKXSZhu9WCz7mEJLYxk7KzQ==
last-modified: Tue, 04 Oct 2022 01:20:57 GMT
x-cache-miss-from: parking-7f9f948885-4c8jt
server: NginX
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (748)
Size:   1390
Md5:    9dc23f00e7e719629f10a47e37c28bf2
Sha1:   d53780aa698f76dca5418c6920a7d943f4b91380
Sha256: c50a594d442b87ecb91917d11d2fa20271d439e5ee7ba5e1339087409c0cbfa1
                                        
                                            GET /images/js_preloader.gif HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.softwaredownloadupdates.com/

                                         
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 04 Oct 2022 01:20:58 GMT
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Tue, 11 Oct 2022 01:20:58 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: e16d1f967def8bc112cf6efbc9318cde
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   4254
Md5:    90c93102a88c2ab94bff1575b7a6e86e
Sha1:   56d71bf13de464534643db9d127629a0a3bf677a
Sha256: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
                                        
                                            GET /search/tsc.php?200=NDE1Mjg2NTYy&21=OTEuOTAuNDIuMTU0&681=MTY2NDg0NjQ1OGIxMDRkNWJmYTY5ODUwYmU3YjYzZTE4MmNhOTU1MDVj&crc=8a4d711ebeef709445ac48c7f310083d5188ad58&cv=1 HTTP/1.1 
Host: ww2.softwaredownloadupdates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.softwaredownloadupdates.com/

                                         
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 01:20:58 GMT
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-7f9f948885-4c8jt
server: NginX

                                        
                                            GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DP95bn%2AWacB4_0&v=MzdjMjJmM2ZkNzk5MmU5NmQwNGQ4OTYzODFmNjA4MWQJMQl3dzIuc29mdHdhcmVkb3dubG9hZHVwZGF0ZXMuY29tNjMzYjhhNzkxMjA0NjYuMzIzODMwMDYJd3cyLnNvZnR3YXJlZG93bmxvYWR1cGRhdGVzLmNvbTYzM2I4YTc5MTIwN2MzLjYwMTg2MTM2CTE2NjQ4NDY0NTgJYWRfNjNfMA==&l=OAllY2I2ZTNhM2M5MzZhOWM3M2RmNzY5NDEzODFlYmY0NwkwCTM1CTAJZTdhNTMzNTc3NmRjYjU1YjY0YzRlNjMwZjVlMGY2MmYJNDE1Mjg2NTYyCXNvZnR3YXJlZG93bmxvYWR1cGRhdGVzCTAJNjMJNgkyCTE2NjQ4NDY0NTgJMC4wMDAyODYJTgkwCTEJMTUxMgkxMjA1CTk1NzQ5MjUwCTkxLjkwLjQyLjE1NAkw HTTP/1.1 
Host: ww2.softwaredownloadupdates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.softwaredownloadupdates.com/
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 01:20:58 GMT
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 04 Oct 2022 01:20:58 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DP95bn%2AWacB4_0&v=MzdjMjJmM2ZkNzk5MmU5NmQwNGQ4OTYzODFmNjA4MWQJMQl3dzIuc29mdHdhcmVkb3dubG9hZHVwZGF0ZXMuY29tNjMzYjhhNzkxMjA0NjYuMzIzODMwMDYJd3cyLnNvZnR3YXJlZG93bmxvYWR1cGRhdGVzLmNvbTYzM2I4YTc5MTIwN2MzLjYwMTg2MTM2CTE2NjQ4NDY0NTgJYWRfNjNfMA==&l=OAllY2I2ZTNhM2M5MzZhOWM3M2RmNzY5NDEzODFlYmY0NwkwCTM1CTAJZTdhNTMzNTc3NmRjYjU1YjY0YzRlNjMwZjVlMGY2MmYJNDE1Mjg2NTYyCXNvZnR3YXJlZG93bmxvYWR1cGRhdGVzCTAJNjMJNgkyCTE2NjQ4NDY0NTgJMC4wMDAyODYJTgkwCTEJMTUxMgkxMjA1CTk1NzQ5MjUwCTkxLjkwLjQyLjE1NAkw
x-cache-miss-from: parking-7f9f948885-p8cxg
server: NginX

                                        
                                            GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DP95bn%2AWacB4_0&v=MzdjMjJmM2ZkNzk5MmU5NmQwNGQ4OTYzODFmNjA4MWQJMQl3dzIuc29mdHdhcmVkb3dubG9hZHVwZGF0ZXMuY29tNjMzYjhhNzkxMjA0NjYuMzIzODMwMDYJd3cyLnNvZnR3YXJlZG93bmxvYWR1cGRhdGVzLmNvbTYzM2I4YTc5MTIwN2MzLjYwMTg2MTM2CTE2NjQ4NDY0NTgJYWRfNjNfMA==&l=OAllY2I2ZTNhM2M5MzZhOWM3M2RmNzY5NDEzODFlYmY0NwkwCTM1CTAJZTdhNTMzNTc3NmRjYjU1YjY0YzRlNjMwZjVlMGY2MmYJNDE1Mjg2NTYyCXNvZnR3YXJlZG93bmxvYWR1cGRhdGVzCTAJNjMJNgkyCTE2NjQ4NDY0NTgJMC4wMDAyODYJTgkwCTEJMTUxMgkxMjA1CTk1NzQ5MjUwCTkxLjkwLjQyLjE1NAkw HTTP/1.1 
Host: ww2.softwaredownloadupdates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.softwaredownloadupdates.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Tue, 04 Oct 2022 01:20:58 GMT
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Tue, 04 Oct 2022 01:20:58 GMT
location: http://xml.sedodna.com/click?i=P95bn*WacB4_0
x-cache-miss-from: parking-7f9f948885-4zk47
server: NginX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   311
Md5:    74dcf05fd3b67b407224bc2e6dfab1fe
Sha1:   a5036ff95779a959211a9bee848f9530e59f5911
Sha256: d3796affbcfb9aa2c743462742ded0960dbfac90e550f98d095d2a9742f19f0c
                                        
                                            GET /click?i=P95bn*WacB4_0 HTTP/1.1 
Host: xml.sedodna.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.softwaredownloadupdates.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         173.239.53.32
HTTP/1.1 302 Found
                                        
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: http://q3.quotes.com/cc6cfc56-4382-11ed-bcdd-2534567911a8
Pragma: no-cache

                                        
                                            GET /cc6cfc56-4382-11ed-bcdd-2534567911a8 HTTP/1.1 
Host: q3.quotes.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.softwaredownloadupdates.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         178.162.151.164
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 170
date: Tue, 04 Oct 2022 01:20:58 GMT
server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   170
Md5:    8003fb5ecd9cf190c0e15bd131665889
Sha1:   8c2cb62b7f53129ad0b05b2a964d21ff4d0f25fb
Sha256: a2659917eea61b8b05bf6f211ec4884c653e4a159bf8d34ffecbea1b232b8331
                                        
                                            GET /cc6cfc56-4382-11ed-bcdd-2534567911a8?hr=1 HTTP/1.1 
Host: q3.quotes.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         178.162.151.164
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 04 Oct 2022 01:20:58 GMT
location: http://irene-eux.com/zcvisitor/cc7f07cb-4382-11ed-b395-0a7fa9556d9f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e5256c80-2de1-11ed-8859-0a918cbcbb97
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /zcvisitor/cc7f07cb-4382-11ed-b395-0a7fa9556d9f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e5256c80-2de1-11ed-8859-0a918cbcbb97 HTTP/1.1 
Host: irene-eux.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         35.174.150.83
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 01:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: DgZjmNUX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   996
Md5:    fc4dfad3035252cb39cdbbeb86214388
Sha1:   ffd13101d8e0cde1cacee9b1800167a39cac79f7
Sha256: 786045bc4d772d1013afa83b10ee33f2c11c8c224813e3aea2359a8013ab6a33
                                        
                                            GET /zcredirect?visitid=cc7f07cb-4382-11ed-b395-0a7fa9556d9f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1 
Host: irene-eux.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcvisitor/cc7f07cb-4382-11ed-b395-0a7fa9556d9f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=e5256c80-2de1-11ed-8859-0a918cbcbb97
Upgrade-Insecure-Requests: 1

                                         
                                         35.174.150.83
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 04 Oct 2022 01:20:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: JXhPadbS


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (353)
Size:   792
Md5:    1be686252b22fb385b784739fcc1ee95
Sha1:   182d841dbae626e0e477722309288101bbd8a629
Sha256: 8d11dd48819bc2c37b8f48cb484830e2c9729ad4631b0ef133d380d1494e850f
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3DgvC7WyUoREtV%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dw5ik4ite471ru9gjiteahpba&caid=7410aac1-b9a3-4a71-8226-0a525667d56d&zpid=cc7f07cb-4382-11ed-b395-0a7fa9556d9f&cid=w5ik4ite471ru9gjiteahpba&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://irene-eux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 04 Oct 2022 01:20:59 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://flirtyhoookup.com/?utm_source=gvC7WyUoREtV&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w5ik4ite471ru9gjiteahpba
pragma: no-cache
set-cookie: cc-v4=cVzK76j%2FRcSPvEgfBc9US%2Bm1VvDVMB2%2BzImFMsHyZ3OnAW6cgBZxJM%2FJi62NW2PlfFjhgxz%2FMdMD2BoArvAfVeSFlq97Jl3rbs5SD76k4wdePxEEa5zqSEUcSZcX8%2BC5Tob9nLeI12ZbuJpIB07lAw%3D%3D; Max-Age=31536000; Expires=Wed, 04-Oct-2023 01:20:59 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flirtyhoookup.com
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 01:20:59 GMT
content-encoding: gzip
content-length: 30288
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664846459.dop014.sk1.t,1664846459.cds223.sk1.hn,1664846459.cds072.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30288
Md5:    d549b312f7a7d228b4ec229a6547dfdc
Sha1:   0766794582ad530ec0f8c2595f741086afffa312
Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 01:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 01:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 01:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flirtyhoookup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.217.21.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:06:20 GMT
expires: Fri, 29 Sep 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 414880
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size:   12708
Md5:    b4a68b1e743ee317eaaf0bbadd131571
Sha1:   f24f7823d4e3830c7cfa5bcb33733d2897c00f13
Sha256: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 01:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /media.ext HTTP/1.1 
Host: example.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.184.216.34
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
accept-ranges: bytes
age: 565327
cache-control: max-age=604800
date: Tue, 04 Oct 2022 01:21:00 GMT
expires: Tue, 11 Oct 2022 01:21:00 GMT
last-modified: Tue, 27 Sep 2022 12:18:53 GMT
server: ECS (nyb/1D25)
vary: Accept-Encoding
x-cache: 404-HIT
content-length: 1256
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1256
Md5:    84238dfc8092e5d9c0dac8ef93371a07
Sha1:   4a3ce8ee11e091dd7923f4d8c6e5b5e41ec7c047
Sha256: ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9
                                        
                                            GET /?utm_source=gvC7WyUoREtV&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=w5ik4ite471ru9gjiteahpba HTTP/1.1 
Host: flirtyhoookup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://irene-eux.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.21.52.165
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 04 Oct 2022 01:20:59 GMT
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTMxNTQ4bQAAAApLRGVQanJZTkJwbQAAAANoaWRtAAAAJEJ2VWtzcmFFVHpNQUhHcktVbUtxeHFyeFFlRXdnSHpwcFVPeW0AAAACaGxkAANuaWxtAAAABXN1Yl8xbQAAACQ3MTlmYmQ0MC0yNzNkLTQ3YjgtODgyZi02ODNkMTA3NGIxNzJtAAAABXN1Yl8ybQAAABh3NWlrNGl0ZTQ3MXJ1OWdqaXRlYWhwYmFtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMak9oQXJ5b2p4YWNW.86VNXLZdl1ULkkUmisC2RUMB6ksBszeRfQdzSNCO4E4; path=/; expires=Wed, 04 Oct 2023 01:20:59 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJZOH4ZyryRrJvADG6h0FlMeWVjae63uOnEb7j3C%2BXKh8vMS48vg1KDvcoVTZEqNJf3YzOEoVH9mlV%2FGg0mZy0LjUM%2BaNC1rECjAFKi%2Fk5wjn%2FdNgd3NlT634GQRGKZ9ztt%2Fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754a19252a480b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Montserrat&subset=latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 01:20:59 GMT
date: Tue, 04 Oct 2022 01:20:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---