| firefox.settings.services.mozilla.com/v1/ | 54.230.111.65 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP54.230.111.65:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uvyEtRBBORDowY3fXBl-DYhIa4vGWGsvDPV5oxKKBVE8Ka3HllQaWg==
Age: 131323
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash282f6e1328452c1cb41f6a6272fff757 20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262 6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10103
Expires: Fri, 07 Oct 2022 07:04:24 GMT
Date: Fri, 07 Oct 2022 04:16:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash4ab7d8709d334de0e46dcb86aabfbff1 f221138a8ad9d0bfa3c054370dcdb363a67dc310 b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5950
Expires: Fri, 07 Oct 2022 05:55:11 GMT
Date: Fri, 07 Oct 2022 04:16:01 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SodO6TUDxpyOlQwnvt2IM0KjbpYphAzWX0AlPYYXsC3I5PRX28dF3LYZMBHLTVU4AjhNd/yZDZ/rVssqiD9QTg==
x-amz-request-id: MCBRAYSZN4T3X06H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 03:31:02 GMT
age: 2699
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| trpcc.com/?a=7447&c=1370&s1=1307-&s2=MyKJorQ | 52.70.141.34 | 302 Found | 238 B |
URL HTTP/1.1trpcc.com/?a=7447&c=1370&s1=1307-&s2=MyKJorQ IP52.70.141.34:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash084037b214a5b0a0a0d2c77ebd8cd91a 8d93963965dec09aecf7d5c500b0f5b5249404fa 51bb0a59c7f8c56579d885ae91f563becd342ddcaba8a90e77193c58a9ff751e
GET /?a=7447&c=1370&s1=1307-&s2=MyKJorQ HTTP/1.1
Host: trpcc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Fri, 07 Oct 2022 04:16:01 GMT
content-type: text/html; charset=utf-8
content-length: 238
cache-control: private
location: https://click-connect.com/?a=7447&c=1370&s1=1307-&s2=MyKJorQ&ckmguid=0c8286a8-7cd8-4d4c-a68b-8a784c6f5279
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 04:16:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.65 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP54.230.111.65:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 07 Oct 2022 03:29:41 GMT
Expires: Fri, 07 Oct 2022 04:14:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cOT7X5tZ0AE10QN1EBpSX1L9ZT2WYhXW_S-9rId57rZx_XhUUwKTkw==
Age: 2780
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hashcd292b20a12c0321ddc478d96df3e195 ba48b497623dfce665c0c87f42a11fd88aafc389 5f8b92a5b062507e25e403f27021b141b8b76e904ada6d2a61746c5240a59a66
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 04:16:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:56:10 GMT
ETag: "ba48b497623dfce665c0c87f42a11fd88aafc389"
Last-Modified: Fri, 07 Oct 2022 02:56:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7563d1aa2c13b527-OSL
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash8be5570b9a5ca76c580da007a824b029 38840f2ac6476bdd5608121c5653e338c7ad9715 0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3779
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:02 GMT
Last-Modified: Fri, 07 Oct 2022 03:13:03 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
|
|
| click-connect.com/?a=7447&c=1370&s1=1307-&s2=MyKJorQ&ckmguid=0c8286a8-7cd8-4d4c-a68b-8a784c6f5279 | 52.70.141.34 | 302 Found | 296 B |
URL HTTP/1.1click-connect.com/?a=7447&c=1370&s1=1307-&s2=MyKJorQ&ckmguid=0c8286a8-7cd8-4d4c-a68b-8a784c6f5279 IP52.70.141.34:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash35b8dc2bbbec50052628fc2f12d07343 bfd3e964ae42701b0a23d909d68d204189566d94 09de3d8ce2868afa330601bd01382f6486b5524ea8aa60e7569eb5780926f202
GET /?a=7447&c=1370&s1=1307-&s2=MyKJorQ&ckmguid=0c8286a8-7cd8-4d4c-a68b-8a784c6f5279 HTTP/1.1
Host: click-connect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 296
Content-Type: text/html; charset=utf-8
Date: Fri, 07 Oct 2022 04:16:02 GMT
Location: http://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307-
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=fwAJQhUZcb/n1lha+LFGTNg5+JJDdYxmDylD6BX8tZAqYB9voPacEQ==; domain=.click-connect.com; path=/; SameSite=None; secure; HttpOnly
trk=4N08lmYIVWrn1lha+LFGTNg5+JJDdYxmDylD6BX8tZAqYB9voPacEQ==; domain=.click-connect.com; expires=Mon, 07-Oct-2024 04:16:02 GMT; path=/; SameSite=None; secure; HttpOnly
c962=fwAJQhUZcb9VO3CymJ0uFoL57Nl6vRFGPc9wNUcVQu+rLz5g0fmFzQ==; domain=.click-connect.com; expires=Sun, 06-Nov-2022 04:16:01 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
|
|
| 9e2722ab.registersafely.com/routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307- | 163.171.128.172 | 301 Moved Permanently | 0 B |
URL HTTP/1.19e2722ab.registersafely.com/routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307- IP163.171.128.172:0 ASN#54994 QUANTILNETWORKS
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307- HTTP/1.1
Host: 9e2722ab.registersafely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 07 Oct 2022 04:16:02 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Server: Cdn Cache Server V2.0
Location: https://9e2722ab.registersafely.com/routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307-
X-Via: 1.0 PSdgflkfFRA1gi91:16 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 633fa802_PS-FRA-01lai110_22931-15824
Set-Cookie: HMF_CI=267df6e61dc0ec41ce3afd091b16c171c6ee6a08e7a6d7a3cc1c31af9ef6d135a6b47e7a7bc72917f717d9087b547758e9c901aaba3d4ac2fa77d06e5bc9c84976; Expires=Sun, 06-Nov-22 04:16:02 GMT; Path=/
|
|
| push.services.mozilla.com/ | 34.213.140.56 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.213.140.56:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uMgviRusE0BenxPDAv2SoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nTXjYPBWQfGOuhUpgPy2X8mp3DQ=
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hash6f54c929984aceea0547282235f21949 23f6620637e3e3b5969da08fda682cbc0f4ae7a4 453ebcc968d307fd21f9384027a450a346e7a09bcf93b8c038aee6df80afe4d0
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 04:16:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 11 Oct 2022 03:01:42 GMT
ETag: "23f6620637e3e3b5969da08fda682cbc0f4ae7a4"
Last-Modified: Fri, 07 Oct 2022 03:01:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7563d1ae3e07b527-OSL
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8a19b6db3c0e0c2125317cebb7cc0da4 0231bd1d0abd6dadf367809598287b1c74bc1cc5 47a8f3629342f906dafa91e4c5aa121bd80a277b0e2cd972afb4642af5369778
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47A8F3629342F906DAFA91E4C5AA121BD80A277B0E2CD972AFB4642AF5369778"
Last-Modified: Thu, 06 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 07 Oct 2022 10:16:03 GMT
Date: Fri, 07 Oct 2022 04:16:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe825fc3ba1ec6c169fbc10ffef8dffb0 6bf9cffa8468b37068aebed5a43dbc911086fc84 b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10005
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 04:16:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe825fc3ba1ec6c169fbc10ffef8dffb0 6bf9cffa8468b37068aebed5a43dbc911086fc84 b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10005
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 04:16:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe825fc3ba1ec6c169fbc10ffef8dffb0 6bf9cffa8468b37068aebed5a43dbc911086fc84 b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10005
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 04:16:03 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe825fc3ba1ec6c169fbc10ffef8dffb0 6bf9cffa8468b37068aebed5a43dbc911086fc84 b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10005
Expires: Fri, 07 Oct 2022 07:02:48 GMT
Date: Fri, 07 Oct 2022 04:16:03 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf2ac0ed19ef64f2f765ce7adb2a8fa7c b6ea582befd01324dd456d59d3f610101dcf910c d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: jddNzOBqcXe8oUyYEEC82u0w35f4lAdk7Xf4ruu40Ngj2eY-r1Qyww==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
age: 23505
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashed3fa86bbe319c9a2f81ff625e677cb0 e3d5210207f6ff922bc28e328285059c19a523a4 5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 23505
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7e30ca5022768294665070cafc9d489c c6ebf53c21206cfcf8e70279d3ae43f0170ade3a 6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 23505
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash90f323a3b73cab85abdce9b6631e8d93 36e42d12a193c90fbc03a7d13a1711f24bf6f2a2 259aecd4212d5c91c4eeb930d99e28ce420af50d987e93d99974f6db1127ff28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd58f1191-b279-4341-98b0-b5853ac04100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8351
x-amzn-requestid: 8e8e58e6-a6d5-41ef-8246-bb276b882852
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmihYGo2oAMFXYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ad5-06b81112046a7b2b3b898a3d;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ij3kvy3mw4m1fxe_qzZi8-zbw8raIqJB21wPBd6rqmmFLDWar9C3KQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:06:09 GMT
age: 22194
etag: "36e42d12a193c90fbc03a7d13a1711f24bf6f2a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash06283ec49d3981b60b28731fd8a9940d 10c0d991f7ad234557792c175fdbf81e3356416a 0d8d932cd46fa377ce3dfe5fe1287ab1cd0daad0ef52a42baad2462d10e5a80f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6052
x-amzn-requestid: 6c8abd32-7499-4636-bf8a-3baaa88bf1ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-HWOoAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-464364630dd2dbfa0d69f6f5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: L13zNwITYkfg7x7UlAs_eVjJWRJsdxV5R7g5GHSAE8BgjN-1FB1AHQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:16 GMT
etag: "10c0d991f7ad234557792c175fdbf81e3356416a"
content-type: image/jpeg
age: 22067
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash39cf77bd6009d3c538455b3846680278 ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5 792997f1f9a485ca57d274c7899e4f526476bf15ed564a8b74d248c4458b188f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F773e2560-6c32-4224-8404-2794a40799cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9564
x-amzn-requestid: 38d87e57-3600-4e0e-bd24-a8f857800bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmhkGHtZIAMFz0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f494d-21b041d97b406dea36b9f35b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: DNBjRFbLHdYGd4-klRgAiRXPCq2_uOMh5LGi9udoD1c0eSVXJ6h4xw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 23505
etag: "ad0ed304e5173bdb8f08254c2e4a5032e8fcafa5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css | 152.199.19.160 | 200 OK | 20 kB |
URL HTTP/2ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css IP152.199.19.160:0
File typeASCII text, with very long lines (65371) Hash7e2bb6028f0b19917a1a2d1944fc72b1 e1837fc75ee2ddd24c6e1df6b309ea212b57e681 cc6093bd7162882fd34252fb5d3e8e7d07247e3b70fad894320bf2a960abeda5
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 9842900
cache-control: public,max-age=31536000
content-type: text/css
date: Fri, 07 Oct 2022 04:16:04 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
|
|
| ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js | 152.199.19.160 | 200 OK | 9.8 kB |
URL HTTP/2ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js IP152.199.19.160:0
File typeASCII text, with very long lines (32033) Hash432ca07a1a844dbb27f9e0ab0d468be5 7fdaf858d702f84536a515c675b4028ce2eb0cfa 12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nglgnc.com
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 6748709
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 07 Oct 2022 04:16:04 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash18e0e019cd697bb16806d8f00408a319 60ceb13c31595e6cf9bb6800657e4593a1fbd670 7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash18e0e019cd697bb16806d8f00408a319 60ceb13c31595e6cf9bb6800657e4593a1fbd670 7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5eee2baed68ec922370bd283860860fd 7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4 7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js | 142.250.74.42 | 200 OK | 31 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP142.250.74.42:0
File typeASCII text, with very long lines (65451) Hash81182f4b684635f6bdcbdd907ee66f25 a1f2f151df72ede41397c8131bd47a3ce85575b3 be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nglgnc.com
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 15:53:22 GMT
expires: Wed, 04 Oct 2023 15:53:22 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 217362
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| nglgnc.com/common_tpls/compactML/css/ver.css | 207.120.33.40 | 200 OK | 5.8 kB |
URL HTTP/2nglgnc.com/common_tpls/compactML/css/ver.css IP207.120.33.40:0
File typeASCII text, with very long lines (36753), with no line terminators Hasha15bb16005ffbc11893139689594af14 2736ec6697dea5ae31b0a92ae6155f431584932b e7c941df8cc642e485135eca77112c3b766583213ed6cc2603386e78496d1f76
GET /common_tpls/compactML/css/ver.css HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/user/?SID=256fe9e2671095b380d83285d4888716
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: text/css
content-length: 5750
last-modified: Fri, 01 May 2020 20:37:16 GMT
etag: W/"5eac887c-8f91"
content-encoding: gzip
section-io-cache-id: 297475f1eaedb45091ceddea9aae638e
vary: Accept-Encoding
x-varnish: 6674250 12244069
age: 13520
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 6ffadbc2e180adb62f8599fedc530311
X-Firefox-Spdy: h2
|
|
| nglgnc.com/common_tpls/images/ajax-loader.gif | 207.120.33.40 | 200 OK | 3.2 kB |
URL HTTP/2nglgnc.com/common_tpls/images/ajax-loader.gif IP207.120.33.40:0
File typeGIF image data, version 89a, 32 x 32\012- data Hashbe1cede97289c13920048f238fd37b85 313b867d11fc0dd6bc6ca47c334bbcf18956ca76 fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/user/?SID=256fe9e2671095b380d83285d4888716
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: 8149bf1ae4dea9d90cad3bbf6767f913
x-varnish: 11400186 11069685
age: 17433
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 05718bf5f9d7d6fae04498fcc3031a2b
X-Firefox-Spdy: h2
|
|
| nglgnc.com/common_tpls/images/icons/email.png | 207.120.33.40 | 200 OK | 1.3 kB |
URL HTTP/2nglgnc.com/common_tpls/images/icons/email.png IP207.120.33.40:0
File typePNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data Hasha86d99b9176d82a211cfa29b2f0b353f 62947ddfd87e3a21869818885e4bfa4e55ad0c11 f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/user/?SID=256fe9e2671095b380d83285d4888716
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: ed42e552bc4385da604f74a661d03bb2
x-varnish: 2805422 11817519
age: 13729
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: a960839e016e1d7753aa267d4b1bfdce
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-208173773-1 | 142.250.74.168 | 200 OK | 42 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-208173773-1 IP142.250.74.168:0
File typeASCII text, with very long lines (2039) Hash4862280027bbe3e4b90f9942989979c3 09d6b33bb7f52a2bde3a6e915c0dc380a70eb1ea f871a2594dd8df9ec7afc4860e97f260f602ba20736889cd0141c326bbd9d04a
GET /gtag/js?id=UA-208173773-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Oct 2022 04:16:04 GMT
expires: Fri, 07 Oct 2022 04:16:04 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Oct 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash18e0e019cd697bb16806d8f00408a319 60ceb13c31595e6cf9bb6800657e4593a1fbd670 7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5eee2baed68ec922370bd283860860fd 7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4 7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 | 104.18.23.52 | 200 OK | 4.2 kB |
URL HTTP/2ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 IP104.18.23.52:0
File typeASCII text, with very long lines (26366) Hash7fd743485fa194e25e2a207bff6c258a 97c999d752b95ee1ed6271a29aa58109dc17281e dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nglgnc.com/
Origin: https://nglgnc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 59683
accept-ranges: bytes
server: cloudflare
cf-ray: 7563d1ba7ac6b4eb-OSL
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 | 104.18.23.52 | 200 OK | 54 kB |
URL HTTP/2ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 IP104.18.23.52:0
File typeASCII text, with very long lines (65397) Hashdc9270247a97f75913a5d8934c24de03 ed9b0fa01b552571f99d529ed355b2ba91cfc48d 847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nglgnc.com/
Origin: https://nglgnc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 59683
accept-ranges: bytes
server: cloudflare
cf-ray: 7563d1ba7ac8b4eb-OSL
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 | 104.18.23.52 | 200 OK | 2.6 kB |
URL HTTP/2ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 IP104.18.23.52:0
File typeASCII text, with very long lines (27832) Hasheaaabd3f60063923cd5333eb1d7a20a1 0da69706105e28896a1f6eeaa91d5bec1b82f7f1 f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nglgnc.com/
Origin: https://nglgnc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 59683
accept-ranges: bytes
server: cloudflare
cf-ray: 7563d1ba7acbb4eb-OSL
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash8211da5b4c5c0230c7e6669e53a37d50 7b6eee463d28b5be576f743256f6b664e04b6f34 b343ca41cc33e618e087e104449203cd1f449ced5edcc3bc29cfaa60b0802461
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B343CA41CC33E618E087E104449203CD1F449CED5EDCC3BC29CFAA60B0802461"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21555
Expires: Fri, 07 Oct 2022 10:15:19 GMT
Date: Fri, 07 Oct 2022 04:16:04 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashaea480478c3be7392d09e8a92826542f b660fb42c8122efb07b3d1de1a8907ad1f6e1a60 ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 172.217.21.163 | 200 OK | 128 kB |
URL HTTP/2fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP172.217.21.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nglgnc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 20:36:08 GMT
expires: Fri, 06 Oct 2023 20:36:08 GMT
cache-control: public, max-age=31536000
age: 27596
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashaea480478c3be7392d09e8a92826542f b660fb42c8122efb07b3d1de1a8907ad1f6e1a60 ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 04:16:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| nglgnc.com/common_tpls/images/over18.png | 207.120.33.40 | 200 OK | 9.7 kB |
URL HTTP/2nglgnc.com/common_tpls/images/over18.png IP207.120.33.40:0
File typePNG image data, 290 x 36, 8-bit/color RGBA, non-interlaced\012- data Hash626abf4dbdecc25a56172077a2ccbb26 a5037a5d29cae871e85912af7520f8f491abaef5 8bcd807c963e0bbb9b01a5ed09cd83f32f67f36a82200e0eae4e527d3a2b68a6
GET /common_tpls/images/over18.png HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/common_tpls/compactML/css/ver.css
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: image/png
content-length: 9699
last-modified: Wed, 09 Aug 2017 20:35:56 GMT
etag: "598b722c-25e3"
section-io-cache-id: 7ab95e10cf0325686d66eede8c4454e2
x-varnish: 8743877 13013286
age: 8850
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 96d0bf650332bec9cf435de298366690
X-Firefox-Spdy: h2
|
|
| nglgnc.com/common_tpls/images/secure2.png | 207.120.33.40 | 200 OK | 16 kB |
URL HTTP/2nglgnc.com/common_tpls/images/secure2.png IP207.120.33.40:0
File typePNG image data, 290 x 48, 8-bit/color RGBA, non-interlaced\012- data Hash3935053507bb6807a404192e43a75bc7 dc9c413394bbb758d96909846ea7527fa6b08e7c cb65554735c15898c8e2b743afa443ec795b638833638af32064b4c4e5893a23
GET /common_tpls/images/secure2.png HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/common_tpls/compactML/css/ver.css
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: image/png
content-length: 16349
last-modified: Wed, 09 Aug 2017 20:35:56 GMT
etag: "598b722c-3fdd"
section-io-cache-id: 0fab2ca367266ae9fcb1ef6d4dd6f50a
x-varnish: 12540047 12243632
age: 13825
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 4083c18ec6e9e0f4be4f4cea93f1df2d
X-Firefox-Spdy: h2
|
|
| kit.fontawesome.com/b314bdf1b3.js | 104.18.23.52 | 200 OK | 4.0 kB |
URL HTTP/2kit.fontawesome.com/b314bdf1b3.js IP104.18.23.52:0
Hash1a177482ab3aeaaafc31ba7c7a9856ea 78f485c85f75b898bb9c957abdb967d891df6fe4 b78bbdfa4bd08b22cebd142aa68a833542add49da56938920a29a560a2a4b351
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nglgnc.com
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxqiMVPUQd8nRPdYIkyD
cf-cache-status: HIT
server: cloudflare
cf-ray: 7563d1b979ebb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 07 Oct 2022 02:41:09 GMT
expires: Fri, 07 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 5696
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| geoip.registersafely.com/?v=1 | 207.120.33.5 | 200 OK | 173 B |
URL HTTP/2geoip.registersafely.com/?v=1 IP207.120.33.5:0
Hashea85aa00dfd8de7f18ed1a46cf68ecda 8675bf44d34e55f608a3709f9043a1721554ebc5 acfc44a91504cde03fdb2a28ef4bfbb36ec13e02fd383a2dfc06c6c51f9ebb39
GET /?v=1 HTTP/1.1
Host: geoip.registersafely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-varnish: 8743874
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
content-encoding: gzip
section-io-id: fe3f7b6843bee98d3cc03890ee7c164f
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-spa-1216.min.js | 151.101.86.137 | 200 OK | 18 kB |
URL HTTP/2js-agent.newrelic.com/nr-spa-1216.min.js IP151.101.86.137:0
File typeASCII text, with very long lines (32010) Hash6561a2403142205f966207d61576f1a6 1310e72f494e12ab63a4280fc1600a2c89dc9bb8 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 07 Oct 2022 04:16:05 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: HIT
x-cache-hits: 791
x-timer: S1665116165.218975,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
|
|
| bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1635&ck=1&ref=https://nglgnc.com/user/&ap=139&be=446&fe=1561&dc=1138&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665116163590,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:28,%22rp%22:416,%22rpe%22:416,%22dl%22:420,%22di%22:1121,%22ds%22:1136,%22de%22:1138,%22dc%22:1560,%22l%22:1560,%22le%22:1562%7D,%22navigation%22:%7B%7D%7D&fcp=1148&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 77 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1635&ck=1&ref=https://nglgnc.com/user/&ap=139&be=446&fe=1561&dc=1138&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665116163590,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:28,%22rp%22:416,%22rpe%22:416,%22dl%22:420,%22di%22:1121,%22ds%22:1136,%22de%22:1138,%22dc%22:1560,%22l%22:1560,%22le%22:1562%7D,%22navigation%22:%7B%7D%7D&fcp=1148&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hashf1442f5831dbbe0210da2d7a4180d6b8 2ade23c6c7a001c66f0c0a9a101ec152747b434e c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1635&ck=1&ref=https://nglgnc.com/user/&ap=139&be=446&fe=1561&dc=1138&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1665116163590,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:1,%22ce%22:1,%22rq%22:28,%22rp%22:416,%22rpe%22:416,%22dl%22:420,%22di%22:1121,%22ds%22:1136,%22de%22:1138,%22dc%22:1560,%22l%22:1560,%22le%22:1562%7D,%22navigation%22:%7B%7D%7D&fcp=1148&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 04:16:05 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7563d1c0dc79fabc-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=58546689c5c5001a; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1804&ck=1&ref=https://nglgnc.com/user/ | 162.247.241.14 | 200 OK | 24 B |
URL HTTP/1.1bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1804&ck=1&ref=https://nglgnc.com/user/ IP162.247.241.14:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashbc32ed98d624acb4008f986349a20d26 2d3df8c11d2168ce2c27e0937421d11d85016361 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1216.487a282&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1804&ck=1&ref=https://nglgnc.com/user/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 615
Origin: https://nglgnc.com
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 04:16:05 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 7563d1c1dcd8fabc-OSL
Access-Control-Allow-Origin: https://nglgnc.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
|
|
| nglgnc.com/user/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307-&sitekey=4ea3185ec21da90d&rtr=1&rtid=1910651937 | 207.120.33.40 | 200 OK | 0 B |
URL HTTP/2nglgnc.com/user/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307-&sitekey=4ea3185ec21da90d&rtr=1&rtid=1910651937 IP207.120.33.40:0
GET /user/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307-&sitekey=4ea3185ec21da90d&rtr=1&rtid=1910651937 HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=256fe9e2671095b380d83285d4888716; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 12118757
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 933b2f3dad4008e8a4a76103729180f8
X-Firefox-Spdy: h2
|
|
| nglgnc.com/favicon.ico | 207.120.33.40 | 404 Not Found | 0 B |
IP207.120.33.40:0
GET /favicon.ico HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/user/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307-&sitekey=4ea3185ec21da90d&rtr=1&rtid=1910651937
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 07 Oct 2022 04:16:03 GMT
content-type: text/html
vary: Accept-Encoding
x-varnish: 11400180 4801383
age: 63
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: d3f996fba4421933e92132879343eead
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.10:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 04:16:04 GMT
date: Fri, 07 Oct 2022 04:16:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| nglgnc.com/common_tpls/js/validate_form_v2.js?jsv=26 | 207.120.33.40 | 200 OK | 0 B |
URL HTTP/2nglgnc.com/common_tpls/js/validate_form_v2.js?jsv=26 IP207.120.33.40:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /common_tpls/js/validate_form_v2.js?jsv=26 HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/user/?SID=256fe9e2671095b380d83285d4888716
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 04 Oct 2022 17:00:20 GMT
etag: W/"633c66a4-5feb"
section-io-cache-id: 6bbed073e4fd84571ad225669e6d87c9
x-varnish: 6674251 11071316
age: 18085
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 1c8e4af6ee4451dd364b0265d8d7edb1
X-Firefox-Spdy: h2
|
|
| nglgnc.com/common_tpls/js/form_support.js?v=1003202201 | 207.120.33.40 | 200 OK | 0 B |
URL HTTP/2nglgnc.com/common_tpls/js/form_support.js?v=1003202201 IP207.120.33.40:0
GET /common_tpls/js/form_support.js?v=1003202201 HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/user/?SID=256fe9e2671095b380d83285d4888716
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 03 Oct 2022 16:43:12 GMT
etag: W/"633b1120-6a5"
section-io-cache-id: 93d576ac9e6464b56df90a924fdba43c
x-varnish: 12254558 12658163
age: 14066
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: a5699da7f93736edf56167a970a11dbd
X-Firefox-Spdy: h2
|
|
| 9e2722ab.registersafely.com/routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307- | 163.171.128.172 | 302 Found | 0 B |
URL HTTP/29e2722ab.registersafely.com/routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307- IP163.171.128.172:0 ASN#54994 QUANTILNETWORKS
GET /routes/9e2722ab/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307- HTTP/1.1
Host: 9e2722ab.registersafely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 07 Oct 2022 04:16:02 GMT
content-type: text/html; charset=UTF-8
server: waf/4.31.19-2.el6
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://nglgnc.com/user/?ofid=21&a_aid=9e2722ab&a_bid=c6e4e785&autopw=1&autoun=1&x_o=962&x_r=36681127&x_a=7447&x_c=1307-&sitekey=4ea3185ec21da90d&rtr=1&rtid=1910651937
x-via: 1.1 PS-SJC-011UH181:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:16 (Cdn Cache Server V2.0)
x-ws-request-id: 633fa802_PSdgflkfFRA1vg90_35001-10687
set-cookie: PHPSESSID=b8d00451a0078f0419edafb3fc771de4; path=/; secure; SameSite=None
HMF_CI=d89d84f3b7aa38ef95b3f0b600ea7f9a1d23cce26690030c93c5d23f94ad8566ecfab111571a03c325180b4e7b98bd34abccd474e933c4cfd3b602b54fb15f6638; Expires=Sun, 06-Nov-22 04:16:02 GMT; Path=/
X-Firefox-Spdy: h2
|
|
| nglgnc.com/common_tpls/js/iframeResizer.contentWindow.min.js | 207.120.33.40 | 200 OK | 0 B |
URL HTTP/2nglgnc.com/common_tpls/js/iframeResizer.contentWindow.min.js IP207.120.33.40:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: nglgnc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/user/?SID=256fe9e2671095b380d83285d4888716
Cookie: PHPSESSID=256fe9e2671095b380d83285d4888716
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 04:16:04 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 1b3aa2b6e0282280b25ae6c92559233d
x-varnish: 11400187 12102212
age: 17474
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 2efe77d4a74a508b2926524c08b244cd
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Quicksand | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Quicksand IP142.250.74.10:0
GET /css?family=Quicksand HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nglgnc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 04:16:04 GMT
date: Fri, 07 Oct 2022 04:16:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|