Overview

URL https://st-omer.org/5
IP 77.68.64.20
ASN IONOS SE
Location United Kingdom
Report completed 2022-07-06 05:32:59 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Added / Verified Severity Host Comment
2022-07-05 2 st-omer.org/5 Emirates Post
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 st-omer.org/5 Phishing
2022-07-06 2 st-omer.org/5/APP/parsley.js Phishing
2022-07-06 2 st-omer.org/5/APP/jquery.3.3.1.min.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (22)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] st-omer.org (14) 0 2019-06-28 04:32:16 UTC 2020-05-10 00:05:59 UTC 77.68.64.20 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-07-05 04:59:43 UTC 23.36.76.226
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-07-06 04:19:35 UTC 151.101.86.137
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbamd993f9d75e2c3469am1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-05 12:56:13 UTC 34.120.237.76
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbambc9a8d3e944f2744am1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982
[Mnemonic Passive DNS] stats.g.doubleclick.net (1) 96 2017-01-30 04:59:59 UTC 2022-07-05 05:00:01 UTC 173.194.222.157
[Mnemonic Passive DNS] demoaws.limelightcrm.com (1) 0 2017-04-27 11:20:45 UTC 2022-06-30 11:03:35 UTC 52.2.180.214 Domain (limelightcrm.com) ranked at: 393164
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (1) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-07-05 04:59:45 UTC 142.250.74.3
[Mnemonic Passive DNS] bam.nr-data.net (5) 630 2022-05-18 16:30:58 UTC 2022-07-05 21:19:29 UTC 162.247.241.14
[Mnemonic Passive DNS] status.thawte.com (1) 5123 2017-11-27 12:33:51 UTC 2022-07-05 21:54:44 UTC 93.184.220.29
[Mnemonic Passive DNS] ssl.kaptcha.com (3) 9483 2021-04-12 23:24:38 UTC 2022-07-05 13:29:12 UTC 54.148.115.137
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.118
[Mnemonic Passive DNS] h.online-metrix.net (6) 3460 2012-05-22 20:47:40 UTC 2022-04-25 10:10:03 UTC 91.235.132.130
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-05 05:12:14 UTC 54.230.111.7
[Mnemonic Passive DNS] maxcdn.bootstrapcdn.com (3) 724 2017-01-30 05:00:47 UTC 2021-03-05 11:52:46 UTC 104.18.11.207
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-05 22:46:12 UTC 93.184.220.29
[Mnemonic Passive DNS] fonts.gstatic.com (2) 0 2017-01-30 04:59:51 UTC 2022-07-05 04:59:30 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] ocsp.securetrust.com (6) 18792 2019-12-23 03:05:54 UTC 2022-07-06 03:59:22 UTC 23.36.79.18
[Mnemonic Passive DNS] lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbam2d725cf19310e56eam1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982


Recent reports on same IP/ASN/Domain

Last 9 reports on IP: 77.68.64.20

Date UQ / IDS / BL URL IP
2022-07-07 02:58:20 +0000 0 - 0 - 5 https://www.st-omer.org/5/SMSExpire.php?REF=9 (...) 77.68.64.20
2022-07-07 02:57:52 +0000 0 - 0 - 3 https://www.st-omer.org/5/SMS.php?REF=9382749 (...) 77.68.64.20
2022-07-07 02:57:22 +0000 0 - 0 - 4 www.st-omer.org/5/Payment.php 77.68.64.20
2022-07-06 22:48:20 +0000 0 - 0 - 2 https://www.st-omer.org/5/SMSExpire.php?REF=9 (...) 77.68.64.20
2022-07-06 22:47:50 +0000 0 - 0 - 5 https://www.st-omer.org/5/SMS.php?REF=9382749 (...) 77.68.64.20
2022-07-06 22:47:23 +0000 0 - 0 - 6 www.st-omer.org/5/Payment.php 77.68.64.20
2022-07-06 11:07:07 +0000 0 - 0 - 2 https://st-omer.org/5/ 77.68.64.20
2022-07-06 11:05:34 +0000 0 - 0 - 6 https://st-omer.org/5 77.68.64.20
2022-07-06 05:34:26 +0000 0 - 0 - 2 https://st-omer.org/5/ 77.68.64.20

Last 10 reports on ASN: IONOS SE

Date UQ / IDS / BL URL IP
2022-08-09 09:57:49 +0000 0 - 0 - 4 d7pru.funcionando.net/ 82.223.19.44
2022-08-09 09:25:48 +0000 0 - 0 - 5 watervalue.net/ 74.208.236.184
2022-08-09 09:20:50 +0000 0 - 0 - 2 www.tommti-systems.de/main-dateien/tools/rus_ (...) 217.160.0.109
2022-08-09 07:54:47 +0000 2 - 0 - 0 rourkelaproperty.com/ 212.227.191.17
2022-08-09 07:44:07 +0000 0 - 0 - 5 camadas.funcionando.net/ 82.223.19.44
2022-08-09 07:43:53 +0000 0 - 0 - 23 ekonomiasortzaileagara-somoseconomiacreativa. (...) 82.223.121.152
2022-08-09 06:56:15 +0000 0 - 0 - 2 dispatching-center-uspost.com/23/index1.php 74.208.236.164
2022-08-09 06:55:50 +0000 0 - 0 - 3 marquesvogt.com/back/main_hXKtlXjN118.bin 217.160.0.227
2022-08-09 06:55:48 +0000 0 - 0 - 3 marquesvogt.com/main/main_hXKtlXjN118.bin 217.160.0.227
2022-08-09 06:41:06 +0000 0 - 0 - 16 pinosortiz.com/ 82.223.19.44

Last 9 reports on domain: st-omer.org

Date UQ / IDS / BL URL IP
2022-07-07 02:58:20 +0000 0 - 0 - 5 https://www.st-omer.org/5/SMSExpire.php?REF=9 (...) 77.68.64.20
2022-07-07 02:57:52 +0000 0 - 0 - 3 https://www.st-omer.org/5/SMS.php?REF=9382749 (...) 77.68.64.20
2022-07-07 02:57:22 +0000 0 - 0 - 4 www.st-omer.org/5/Payment.php 77.68.64.20
2022-07-06 22:48:20 +0000 0 - 0 - 2 https://www.st-omer.org/5/SMSExpire.php?REF=9 (...) 77.68.64.20
2022-07-06 22:47:50 +0000 0 - 0 - 5 https://www.st-omer.org/5/SMS.php?REF=9382749 (...) 77.68.64.20
2022-07-06 22:47:23 +0000 0 - 0 - 6 www.st-omer.org/5/Payment.php 77.68.64.20
2022-07-06 11:07:07 +0000 0 - 0 - 2 https://st-omer.org/5/ 77.68.64.20
2022-07-06 11:05:34 +0000 0 - 0 - 6 https://st-omer.org/5 77.68.64.20
2022-07-06 05:34:26 +0000 0 - 0 - 2 https://st-omer.org/5/ 77.68.64.20


JavaScript

Executed Scripts (15)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (69)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 04:56:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6d-sQub-_3xXVrhCvcX_Tlm41D6ba4kNKB2bBHnDLZytky8FyEUwiw==
Age: 2206


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /5 HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         77.68.64.20
HTTP/2 301 Moved Permanently
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: text/html; charset=iso-8859-1
content-length: 230
location: https://st-omer.org/5/
cache-bypass-reason: DefaultSkip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   230
Md5:    0979ca2baaed4fb3cf90257e389a483c
Sha1:   c8f3ddcd8a7144b2eab7b6a9260dc4855315a7e0
Sha256: 2671d04ada23581eda142b6bd5992c7a6b616d5acaa3b837b3d88e1b687f4bf2

Alerts:
  Blocklists:
    - openphish: Emirates Post
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2168
Expires: Wed, 06 Jul 2022 06:08:54 GMT
Date: Wed, 06 Jul 2022 05:32:46 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f_qdvJqbyMn1qKJsB5d5fGVJnG3OWwXn589G-wjHTHGsDSY-kqZxLg==
age: 7561
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /5/APP/jquery.qtip.min.css HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: text/css
content-length: 2160
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "2316-5e1e2f894eaf7-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8982), with no line terminators
Size:   2160
Md5:    2d8a6b97fde839c53d72d02165dc1a6b
Sha1:   5f732d7686417fedf06d7a9184e75c798599770e
Sha256: 6d1576c69f8641b4395e875a4b73f67dc814f15d332ac7ce7af8bc3c48ee991b
                                        
                                            GET /5/APP/custom.css HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: text/css
content-length: 3717
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "3af4-5e1e2f894e70f-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3717
Md5:    e7ed3d74fedfafa0db44096d6bf561b4
Sha1:   bd474ea31ec2b83c9596a40ee589f3d0e2a9d6de
Sha256: 93e427ee55ebd3ba913a3f84b605b71ab86b74d92636002e23ece5859f5caadc
                                        
                                            GET /5/APP/parsley.js HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: application/javascript
content-length: 12373
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "a85e-5e1e2f894f2c7-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32005), with CRLF line terminators
Size:   12373
Md5:    41ef212ddc1142710b4663ee8154fb33
Sha1:   4f6f39e2c64652d41bf4dfab1999f312a13db028
Sha256: e003deb8b3619dd0838cf124b0497e75dc3c322e53cfc1d17fde5713340592ea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /5/APP/jquery.3.3.1.min.js HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: application/javascript
content-length: 30309
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "1538f-5e1e2f894eaf7-gzip"
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65450), with CRLF line terminators
Size:   30309
Md5:    5bac3d6b0ebd039c8c9385e98ffe8bfc
Sha1:   1b3644a5879e544bc637c194d6854570e3d0c48d
Sha256: 0eb895612d37395ecc393ca024cf4590fcfc5c150746a297fc3e0a7c68c7a225

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /nr-1071.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
                                        
x-amz-id-2: X4OmIxHECzh1nuls85gMw9R9M0YziqqQ3gTF1TSthkm6bJOvqq1T6qw3baP7FLqgPwwdum4c3ow=
x-amz-request-id: 44AJY2P3Q90DJKHP
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
etag: "a1a545c95f313a230157b47dca555c25"
x-amz-version-id: null
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 06 Jul 2022 05:32:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 30
x-timer: S1657085567.708814,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 9086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23651), with no line terminators
Size:   9086
Md5:    ea7d98da6b8048d3c3905a1c8c7413f1
Sha1:   222c966ad76450aefe8c8e8575678dd7733696bc
Sha256: 1ea4b27f6a8e25490b451cd0f484bb5f7ccf7031175f28f74ee14024461eef6a
                                        
                                            GET /5/APP/icon.png HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: image/png
content-length: 2232
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "8b8-5e1e2f894e70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 200, 8-bit colormap, non-interlaced\012- data
Size:   2232
Md5:    05bc83bc8ff57ebb9439155a331a5b2c
Sha1:   6536f4ea087db4ee51822223e94f9bda7178d74b
Sha256: 3e2cbcbd5379fc3de3637925558821f74176ebfb08bf5f0ca29e10e47884c00e
                                        
                                            GET /5/APP/cards-secure.png HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: image/png
content-length: 6623
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "19df-5e1e2f894e70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 450 x 60, 8-bit colormap, non-interlaced\012- data
Size:   6623
Md5:    6bcaa5f0e608d6f26d5cef5375b9a325
Sha1:   14547e6ca8caef069a40df047d5183f7c436ee3b
Sha256: 50ac7a42c18ee0e2f3f3a2e83fa451d72b69a0cfeb0931ace3f0f6f0d424e1c1
                                        
                                            GET /5/APP/cvv.png HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: image/png
content-length: 548
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "224-5e1e2f894e70f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 116 x 74, 8-bit colormap, non-interlaced\012- data
Size:   548
Md5:    e7d042f4b98daa473b199795980e9ae7
Sha1:   67deb8d9d5f844766106af10c7b78e973ed632f0
Sha256: 2edc483bc738ee4e84219c31e674c3f5999776135682e97a332f96ed9ae6eb0c
                                        
                                            GET /5/N2/APP.png HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 200 OK
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: image/png
content-length: 28507
last-modified: Mon, 20 Jun 2022 15:43:52 GMT
etag: "6f5b-5e1e2f89521a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x335, components 3\012- data
Size:   28507
Md5:    3fcea3088f2d44f06d4f20ecddc1b176
Sha1:   61f08e144e9c30954214f6e66696981d22bbda05
Sha256: 0805c16214a65bcb27ad685f74534bca97e5728e4a4f5f8529129a013ee0ae2b
                                        
                                            GET /img/epro-s.png HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 05:32:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=46958&ref=https://e-chrono7post.com/FR%3D09384209234%3DAPP/E92387423789F/WE9872340273489B/Payer.php&be=3910&fe=46940&dc=6867&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1609059668915,%22n%22:0,%22u%22:1140,%22ue%22:1141,%22f%22:1,%22dn%22:81,%22dne%22:99,%22c%22:99,%22s%22:347,%22ce%22:529,%22rq%22:535,%22rp%22:1107,%22rpe%22:1123,%22dl%22:1184,%22di%22:6864,%22ds%22:6866,%22de%22:6867,%22dc%22:46939,%22l%22:46939,%22le%22:46943%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 05:32:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7265f637ceb1b4f4-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=121187061dfded25; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   73
Md5:    814f8120cdf5a972bdb0fd5521a92a5d
Sha1:   47f7b3cd340d1fe91766ff27602e319a79bcd14c
Sha256: 5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1386&ref=http://localhost/Australia-Post/Payer.php&be=151&fe=1373&dc=314&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1609525736589,%22n%22:0,%22f%22:1,%22dn%22:3,%22dne%22:3,%22c%22:3,%22ce%22:3,%22rq%22:3,%22rp%22:5,%22rpe%22:7,%22dl%22:16,%22di%22:310,%22ds%22:311,%22de%22:316,%22dc%22:1373,%22l%22:1373,%22le%22:1377%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 05:32:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7265f637d89cb51b-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=5fa9fe395edbfc61; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   73
Md5:    814f8120cdf5a972bdb0fd5521a92a5d
Sha1:   47f7b3cd340d1fe91766ff27602e319a79bcd14c
Sha256: 5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=8910&ref=https://101player.com/fr/gateway.html&be=6281&fe=8884&dc=7583&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1604768846968,%22n%22:0,%22f%22:3478,%22dn%22:3478,%22dne%22:3478,%22c%22:3478,%22ce%22:3478,%22rq%22:3482,%22rp%22:3687,%22rpe%22:3723,%22dl%22:4198,%22di%22:7581,%22ds%22:7582,%22de%22:7582,%22dc%22:8883,%22l%22:8883,%22le%22:8895%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 05:32:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7265f637dfed0b61-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=9d335c2efa762dc8; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   73
Md5:    814f8120cdf5a972bdb0fd5521a92a5d
Sha1:   47f7b3cd340d1fe91766ff27602e319a79bcd14c
Sha256: 5f520e553ae6a634e84b7c8c8d36908d2efa441d716834fd98c012c402b1c3c8
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3262
Cache-Control: max-age=148592
Date: Wed, 06 Jul 2022 05:32:47 GMT
Etag: "62c4b331-1d7"
Expires: Thu, 07 Jul 2022 22:49:19 GMT
Last-Modified: Tue, 05 Jul 2022 21:54:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=2596&ref=http://localhost/Chronopost/Payer.php&be=788&fe=2569&dc=1604&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1604769189379,%22n%22:0,%22u%22:52,%22ue%22:52,%22f%22:7,%22dn%22:7,%22dne%22:7,%22c%22:7,%22ce%22:7,%22rq%22:23,%22rp%22:28,%22rpe%22:36,%22dl%22:67,%22di%22:1598,%22ds%22:1598,%22de%22:1604,%22dc%22:2568,%22l%22:2568,%22le%22:2576%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7265f637de43b524-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4c51705edc93a663; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 2532318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7265f637bd2fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26548)
Size:   6346
Md5:    88d448f6c3fdb9ae2d441ca6fd1e8273
Sha1:   5682ef46bc774ae66f1dbabfc7228a10e4b64384
Sha256: cdc1115a8b4613d8b380a59547a099e0158c6373d4ea50cacfbaddb7931c1710
                                        
                                            GET /collect/sdk?m=201509 HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.148.115.137
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
P3p: CP=CAO PSA OUR
Pragma: no-cache
Set-Cookie: k=481939dd00e64e8fb32a1010c8bcb15c; Path=/; Expires=Tue, 04 Oct 2022 05:32:47 GMT; HttpOnly; Secure; SameSite=None
X-Correlation-Id: 49f07197-7dec-487e-af66-a8d2e56f6d84
Date: Wed, 06 Jul 2022 05:32:47 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (2275)
Size:   2456
Md5:    af05046776ad83baa64ac2c338fc7257
Sha1:   4634515f97c4b844171e5fb625d1b85dc229a0c0
Sha256: d03d8ff3fb42c322f73f14cc8a13440346308b70d75cd3b617e290f60c984f0f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/jquery.qtip.min.js HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:47 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15665
Md5:    fe15ba08783e4de19146856f27c0954e
Sha1:   5240b3eb694ad1c2583204c71ca1375a85f67e0c
Sha256: 5a26922405b79a20556a429af9d0134fe4e3e3bf88121d185ac25860199b5236
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5990
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 05:32:47 GMT
Last-Modified: Wed, 06 Jul 2022 03:52:57 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkW-EH7alxw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://st-omer.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 02 Jul 2022 04:41:07 GMT
expires: Sun, 02 Jul 2023 04:41:07 GMT
cache-control: public, max-age=31536000
age: 348700
last-modified: Fri, 24 Jun 2022 18:41:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16168, version 1.0\012- data
Size:   16168
Md5:    8213ad3df6322d456993217ae180d354
Sha1:   05a9b8f9988559553e415036d2cc19c9b29f6a61
Sha256: 510ce4502b0c68c2867a02142722b1f9d91ad9230fa2cc274368408b400b8d9e
                                        
                                            GET /s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alxw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://st-omer.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15168
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Jul 2022 21:13:10 GMT
expires: Wed, 05 Jul 2023 21:13:10 GMT
cache-control: public, max-age=31536000
age: 29977
last-modified: Fri, 24 Jun 2022 18:41:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15168, version 1.0\012- data
Size:   15168
Md5:    1598ebfa232c5514a99a8af0405cc9a6
Sha1:   d81db409924496627326925cffa27d465c24de3d
Sha256: 45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://st-omer.org
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 05:32:47 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: eca752c1f15e40fb465e2beebb4fd8ea
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7265f63d6fc7b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size:   64464
Md5:    4b5a84aaf1c9485e060c503a0ff8cadb
Sha1:   574ea2698c03ae9477db2ea3baf460ee32f1a7ea
Sha256: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
                                        
                                            GET /5/img/down-arrow.png HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/APP/custom.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:47 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Wed, 06 Jul 2022 05:32:47 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:47 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st-omer.org
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.11.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 05:32:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 05/12/2022 03:05:27
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 863
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 7b0ecaa2e58b2f3f91c4b7859475a667
cdn-cache: HIT
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7265f6380ba7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   10255
Md5:    765c72429b8d7738b79e2aa1e9524809
Sha1:   9f4a023b921cdc1e7a8b255906b7359d92167647
Sha256: 61e57bf7fe5b0c08515f80320d0d453a651db276ff949a13209b1eeb32da1bbb
                                        
                                            GET /img/epro-s.png HTTP/1.1 
Host: st-omer.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/5/Payment.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         77.68.64.20
HTTP/2 404 Not Found
                                        
server: nginx/1.21.6
date: Wed, 06 Jul 2022 05:32:47 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1325)
Size:   20190
Md5:    0cf1ad74778a8a1e58073800a06b1a89
Sha1:   05ba169dd67e08be7bb82eaa5f442849055b2c39
Sha256: 5633ae219617f19da4316279411be6bd87e4159665230ab8e70d129ab4266c1d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Wed, 06 Jul 2022 05:32:47 GMT
Connection: keep-alive

                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=d993f9d75e2c3469&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbamd993f9d75e2c3469am1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=2d725cf19310e56e&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbam2d725cf19310e56eam1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&m=1 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&m=2 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Set-Cookie: thx_guid=0a1c5d072ce54117b5b90ee2accd6d67; expires=Mon 05 Jul 2027 05:32:47 GMT; path=/; HttpOnly; SameSite=None; secure
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&k=1
Content-Length: 287
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   287
Md5:    dfd78312e739019e382171c9b2bd7cdd
Sha1:   80c141eb760e495cec7b33b80173cf3b97965895
Sha256: 2e099881a45ebe7cdf9b7e90e8db34b653da38539f4682c3cd58d5607959826a
                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&nonce=bc9a8d3e944f2744&di=yes HTTP/1.1 
Host: lygdph9h2k4qv7wihllsvwaqy532fcgbem3glbambc9a8d3e944f2744am1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/clear1.png;CIS3SID=CDFE2011DE3AE2E09A299A2E4101940B?org_id=lygdph9h&session_id=12546631604768767941499&nonce=d993f9d75e2c3469&jf=… HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 204 204
Content-Type: image/png;charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fp/clear1.png;CIS3SID=067F040AAF5D42A3D2A2D7C57C297934?org_id=lygdph9h&session_id=12546631604768767941499&nonce=bc9a8d3e944f2744&jf=… HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 204 204
Content-Type: image/png;charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100

                                        
                                            GET /logo.htm?m=201509&s=42965c7f13f642b78159d0eec030681b HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Cookie: k=481939dd00e64e8fb32a1010c8bcb15c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.148.115.137
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: da3435de-15c1-4551-91dc-da279ff01270
Date: Wed, 06 Jul 2022 05:32:47 GMT
Content-Length: 167


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   167
Md5:    e63d3c07e80a1d7a4ac25888cb0cf13c
Sha1:   80bafd547328c9f0e441a30f041f62f06def7f49
Sha256: 8099167b382728057d0a149a6a1f6475d3d05f1164c7d492ce156fb066119b0a
                                        
                                            GET /fp/clear1.png;CIS3SID=4050119CC6EF8C80ED43D0D262305D76?org_id=lygdph9h&session_id=12546631604768767941499&nonce=2d725cf19310e56e&jf=… HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 204 204
Content-Type: image/png;charset=UTF-8
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100

                                        
                                            GET /fp/clear.png?org_id=lygdph9h&session_id=12546631604768767941499&k=1 HTTP/1.1 
Host: h.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://st-omer.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.132.130
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 06 Jul 2022 05:32:47 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 05:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 05:32:48 GMT
Etag: "62c46307-1d7"
Last-Modified: Wed, 06 Jul 2022 04:05:09 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zoXu16mnXpunGRnt7Ump1pxteXyNn2Owrj4buq9hpoivv919uYeQQA==
Age: 5259

                                        
                                            GET /logo.htm?m=201509&s=7788c6ad89e44ffdb51aa1f7b534cad1 HTTP/1.1 
Host: ssl.kaptcha.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Cookie: k=481939dd00e64e8fb32a1010c8bcb15c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.148.115.137
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0
Pragma: no-cache
X-Correlation-Id: 34a03d86-3787-4d7e-84da-e5ddb20a04ba
Date: Wed, 06 Jul 2022 05:32:48 GMT
Content-Length: 167


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   167
Md5:    e63d3c07e80a1d7a4ac25888cb0cf13c
Sha1:   80bafd547328c9f0e441a30f041f62f06def7f49
Sha256: 8099167b382728057d0a149a6a1f6475d3d05f1164c7d492ce156fb066119b0a
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-118120266-1&cid=1082460608.1657085568&jid=1384989292&gjid=1936590441&_gid=1193065743.1657085568&_u=YGBACEAABAAAAC~&z=1219512038 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://st-omer.org
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.194.222.157
HTTP/2 200 OK
                                        
access-control-allow-origin: https://st-omer.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 06 Jul 2022 05:32:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 05:32:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pixel.gif HTTP/1.1 
Host: demoaws.limelightcrm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssl.kaptcha.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.2.180.214
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 05:32:48 GMT
content-type: image/gif
content-length: 49
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Tue, 28 Jun 2022 18:46:12 GMT
etag: "31-5e28673550500"
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   49
Md5:    ed280a0ea3cc38f3cbbc747acfbef47d
Sha1:   6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
Sha256: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
                                        
                                            GET /1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1779&ref=https://st-omer.org/5/Payment.php&be=1003&fe=1765&dc=1223&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1657085566441,%22n%22:0,%22u%22:77,%22ue%22:77,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:38,%22rp%22:66,%22rpe%22:90,%22dl%22:77,%22di%22:1220,%22ds%22:1221,%22de%22:1223,%22dc%22:1763,%22l%22:1763,%22le%22:1765%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st-omer.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 05:32:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7265f6419df7b524-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=4e996967c525588a; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    107d93e382e2c9b00fbf9fb0edc65d86
Sha1:   77e750e3ebf9706f4f6dd253785602d70be17c6c
Sha256: a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 05:32:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 05:32:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 05:32:48 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5801
Expires: Wed, 06 Jul 2022 07:09:29 GMT
Date: Wed, 06 Jul 2022 05:32:48 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb27cd33-0557-4e9f-afa8-36973b921638.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11085
x-amzn-requestid: 82a2d755-e6c4-42dd-968b-68139eb0ca38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHqG7yIAMFX4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-632afe61133c32b9404293aa;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CLeqn9TVpVeuhmnHl5NYGZrdVUMiKhGmJjB2lq_jDZYjQ9dxKHjRHQ==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:39 GMT
age: 28509
etag: "c2d6d0adbf9ddb01fb9e8e89398504c31720f99c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11085
Md5:    5552141e4ff21ea5cdfb3ee3cf7099a2
Sha1:   c2d6d0adbf9ddb01fb9e8e89398504c31720f99c
Sha256: 27bbe0ad182a253333e32623db676ef00298acc21c6195c0a7ca7a4c3c2b0b12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb6c586-bb86-4a54-bd48-f2b5da763e74.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7117
x-amzn-requestid: 7cfe344b-f098-4260-bb50-6574786e6ee2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BW8HnbIAMFkrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af5f-14a960ac060d2d120cb0ad7c;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0F6ZVkqKywgjh9Qa1DJw_-rdOLcc1tzEll0J58NeawksoIu9nY1a-g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:32 GMT
age: 27737
etag: "01efbdf6b2ab79332bf6a22d36472e294732aa17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7117
Md5:    b4ead2bdcbc998a5685d65a26e40ce1a
Sha1:   01efbdf6b2ab79332bf6a22d36472e294732aa17
Sha256: 04399a91345db4f89bdbbb9ddb30db0f2a0c29654491b38bb1a30bd40c4f3e48
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17721e0b-39cb-4632-a9c9-ddc848cd0893.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11051
x-amzn-requestid: 8eff355a-9e3e-46f7-aa26-31ba70e1547d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHqGt1oAMF32A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-59aa45de0115e4701da1f51a;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yrawr_2M2VBO4VHEE9r47YzX23qu2LQrsuWyIKU9JVB9QiJurPocrg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:38 GMT
age: 28511
etag: "57b1b984a10d58f1f38df18ab675f064e6926314"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11051
Md5:    5706a71e1d9a6fa4d335f2637aa792bb
Sha1:   57b1b984a10d58f1f38df18ab675f064e6926314
Sha256: 3b9a8d69b7b3d172c3be66a215d8586e241ca0241ba26e53dd0d9fe955e2982a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a269baa-7158-4db8-9b1d-e4e22ec22920.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6711
x-amzn-requestid: 5b99a31c-9224-4862-a43f-544d6fa3dbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHsEkmIAMFg_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-571078525a01c4dc72c6ed22;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M_5qYzlGkpOjdTFFURDkWp4_qVLELvsu_RGFmr6Fovkjdf5GajzcTg==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:38 GMT
age: 28511
etag: "b06f33b2742c3c6de4a449f4227d85e6268bafce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6711
Md5:    d82ae97bb9569fa288a23c3380a4f4ef
Sha1:   b06f33b2742c3c6de4a449f4227d85e6268bafce
Sha256: e99961f561aaa3ded5fd1c19ce10505a7d016d5d67bbbef5caebad09ba233b56
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3138a2a5-6ce8-4465-8dff-7307ebdd802f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 13276
x-amzn-requestid: dce1c67f-c737-4247-9322-64e53683db76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uo2PPFQuIAMFWPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c0372e-34f94a46660e3da478d8dc20;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 12:16:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WTUH5lb3m_h2w5SPh5Jz9uFENg_0kger2oF8BRog11H-Fi19NA3gyA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 12:51:05 GMT
age: 60104
etag: "7e5a550bbbac49269cae75ce9bb92e8fdf77b086"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13276
Md5:    95aa230a6b516a252f3815c586803c15
Sha1:   7e5a550bbbac49269cae75ce9bb92e8fdf77b086
Sha256: fc3c49de063a4e13c64e799664fa6c7ccf6e42aac5973aaf1af2b7689338f3b9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1720044-e013-44e2-84e3-3257a39ccd02.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5911
x-amzn-requestid: fe59dc2c-e538-4a53-89cc-124a1ef18ae4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0B0QFbBoAMFrYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4b01b-52093f724a31401a2104b0ea;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:41:47 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Brysm3ULEJ2s7hpQj9ss1inxXe757ZsiSZPDhX1vph8c9cc6U592ew==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:49:50 GMT
age: 27779
etag: "207e445452ff97110a4c9edd38bc8933f70fd71e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5911
Md5:    3d1458480bd23c2411fa6de7ae666502
Sha1:   207e445452ff97110a4c9edd38bc8933f70fd71e
Sha256: c29b4c3afdf7843b5f26688ed8dee581ec08c767569f3f0a99c3b22f9825a966