r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8214
Expires: Tue, 10 Jan 2023 17:04:43 GMT
Date: Tue, 10 Jan 2023 14:47:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5144
Expires: Tue, 10 Jan 2023 16:13:33 GMT
Date: Tue, 10 Jan 2023 14:47:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 10 Jan 2023 13:48:29 GMT
content-type: application/json
age: 3560
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6475
Expires: Tue, 10 Jan 2023 16:35:44 GMT
Date: Tue, 10 Jan 2023 14:47:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aKpzTVAtMSOEPspOlKdY7jMFFSCADFvysqfTw49gxof31KvJc50c1dvVT1CnQjmUE2VEoIUM79o=
x-amz-request-id: HXFD1XSYWWS8PTA7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 10 Jan 2023 14:01:41 GMT
age: 2768
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
samarapressteam.com/Chase/e4f148ae2befa3f401fc309466a260bb/
104.21.59.61403 Forbidden 365 B URL HTTP/1.1 samarapressteam.com/Chase/e4f148ae2befa3f401fc309466a260bb/
IP 104.21.59.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6fd9dd643a0776b90decff62a8a6d38a
05ef490894c9ea1aa067f4ea7846eac981613fdd
e57a96baa5dcc9deafd2f89ca4867bf6f7a57d0e5bf47eff4b60b699bdea06c5
Analyzer Verdict Alert fortinet Phishing
GET /Chase/e4f148ae2befa3f401fc309466a260bb/ HTTP/1.1
Host: samarapressteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Tue, 10 Jan 2023 14:47:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Mar 2022 21:39:59 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrnT8yd3TFtQEnqF0jPgXc%2FXmmookfBOO3CKkInnrWUX%2BaYIyd8lPcvK95qQO07kREPWoSLvFzwWL9wAIhzxHi4s6jhaezMuo%2F2nyMH1Q0xw9J0IjCoKaXXoSMT4UO02PHFdFUZs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 787635c6cbc7fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 10 Jan 2023 14:47:49 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsinit.directfwd.com/sk-jspark_init.php
23.36.76.163200 OK 599 B URL HTTP/1.1 cdn.jsinit.directfwd.com/sk-jspark_init.php
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
Hash e903acce9cfe62c8cc731a96c21ab266
ac691edbdaeb8c96e85378dde7629b37461d20f2
3f819781d3d5f7dfdbcd79e272c5cc56e64d121b28ebf31560554f13b4ce8b9e
Analyzer Verdict Alert fortinet Malware
GET /sk-jspark_init.php HTTP/1.1
Host: cdn.jsinit.directfwd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samarapressteam.com/
HTTP/1.1 200 OK
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 599
Date: Tue, 10 Jan 2023 14:47:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 10 Jan 2023 14:17:24 GMT
age: 1826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2619
Cache-Control: max-age=154959
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 14:47:50 GMT
Etag: "63bd2aaa-1d7"
Expires: Thu, 12 Jan 2023 09:50:29 GMT
Last-Modified: Tue, 10 Jan 2023 09:06:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
samarapressteam.com/favicon.ico
104.21.59.61500 Internal Server Error 0 B URL HTTP/1.1 samarapressteam.com/favicon.ico
IP 104.21.59.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: samarapressteam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samarapressteam.com/Chase/e4f148ae2befa3f401fc309466a260bb/
HTTP/1.1 500 Internal Server Error
Date: Tue, 10 Jan 2023 14:47:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnBvDw%2F%2FvF2zQu1DkUVsTD%2FdqzkBV79P7%2FyP9f42lOE0UVYhLEvORnIw6Mc5Hv8SSnd%2FbB0pIEUIvKMaDRQfsH2JHN3lLCOa5PzMHtGDG0q%2FXUZPHJ%2FZ%2FxToOfwLd0yCLkMZWJES"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 787635cb8f1cfab4-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.241.148.153101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.241.148.153:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6Piz00NZsksPt+lRv6/V7g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s7Vdpd7ADGVaa/hat4Aftnl+M1o=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12221
Expires: Tue, 10 Jan 2023 18:11:32 GMT
Date: Tue, 10 Jan 2023 14:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12221
Expires: Tue, 10 Jan 2023 18:11:32 GMT
Date: Tue, 10 Jan 2023 14:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12221
Expires: Tue, 10 Jan 2023 18:11:32 GMT
Date: Tue, 10 Jan 2023 14:47:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12221
Expires: Tue, 10 Jan 2023 18:11:32 GMT
Date: Tue, 10 Jan 2023 14:47:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db3c7aaa80c366124e52b9da9aa710e2
ac50f2b47dd387175f838d4606e33fb91fec37b1
d4e19635e7ad010d0bc8eb1c34084e9174026df4e36e9a972318b9f6b7957834
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7981
x-amzn-requestid: aef01bcd-4752-4435-a6a8-a33c78cb7d42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ1FIFQVIAMFTmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3553-2d2e650374cb35a322f96153;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:15:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qB9_IbgBxOPhMFxZzxb5k2c32_TW4MTYKyOCwZZ07dqnmGP7sDl9cw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 03:49:54 GMT
age: 39477
etag: "ac50f2b47dd387175f838d4606e33fb91fec37b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1427567eaf5a33fbade40a49afb785eb
d36efd23bf0846e93cf459bc745ac65801ae7536
b865810ab68ec856e11596e68437368e8bbacf84623d2f7668a7154993a6caf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14830
x-amzn-requestid: 70cae51a-4d22-40d5-a96e-5b4fd2e73aa7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efoXvFXBoAMFyYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8764-31043df63b816c8d7055bd67;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: huF1RWdeym0JBPVZzlAFGxBzQWVQGJrjwcZQ7GKMN1TbmiqLslnE8g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:04:51 GMT
age: 60180
etag: "d36efd23bf0846e93cf459bc745ac65801ae7536"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99067107-51cd-49b3-acf1-6adcfb52426d.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99067107-51cd-49b3-acf1-6adcfb52426d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fd9808497597d6a5d05b998f31af317
09799d0045a418cc62825558e3dd5658350763fc
0507f6411777ad5773efa8fda81f3fd09a1543c58fd45a0b011342c947ce6f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99067107-51cd-49b3-acf1-6adcfb52426d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6201
x-amzn-requestid: ce7c5c1e-8e06-4163-88a1-0c5968263f6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0giEiMoAMFRwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3469-76291ed321ed2a713fed0811;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:11:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4mdJKskKGZuN0ICWOlcFuvYlHuoEHOkuZ-l6Akr2e0h7xtZQASp2Rw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 03:56:45 GMT
age: 39066
etag: "09799d0045a418cc62825558e3dd5658350763fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4753795f36012ff993f492314aa210ec
d5c8f6896fda40fc34dbc7554ce1ece173dd2d09
cbf28b1d51aae0e01fbe9228bfb1afead400ca7cc69875ffaef573f9e068a51f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F231b20e9-b883-4d22-a499-0edffa21d837.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9052
x-amzn-requestid: 51cb3d41-07e4-499a-b7a7-b4ee4963c587
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efp7aGB-oAMF-0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc89e2-7bb9960c3f0116240e5ba086;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:40:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Uj03bFs1JcsW67nDiC001HBFPRKWTas3EFwGDpU5LnGIKDINZ3mqQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:01:08 GMT
age: 60403
etag: "d5c8f6896fda40fc34dbc7554ce1ece173dd2d09"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22aaa4ec-a3a2-40cd-b0a6-2727e078bd89.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22aaa4ec-a3a2-40cd-b0a6-2727e078bd89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e93c4504f211614e76206db4ef758cb2
933bd495fcfd2d39ad13f1f5d0aba5a0a3a677bf
f3bde37de7ecbfbcd7c52e39178625760af7c86ffeaa6a68eb2ad1462e9a8be6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22aaa4ec-a3a2-40cd-b0a6-2727e078bd89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: d4290427-ed0d-4805-9e4e-57bf21ea8813
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efpx3FBroAMFZYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc89a5-6d54f5317723f2602860c410;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vJmVzAh1Ski2XBZKCE80TrHilq12hEHlACMbKbM_rzPQDN9AO-I9Sw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 21:58:35 GMT
age: 60556
etag: "933bd495fcfd2d39ad13f1f5d0aba5a0a3a677bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09f254d6-701e-4bd4-970b-eb04779f9224.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09f254d6-701e-4bd4-970b-eb04779f9224.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 734ff17a5e4d6aab99c66077fd8a1523
896686b45827a8d64ce3c8a4758a5ba25f61db1f
11a5dd584d35cf044b077e1deab30b1d6a35bc137cf5b54c8a0fe302b28c027f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09f254d6-701e-4bd4-970b-eb04779f9224.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11863
x-amzn-requestid: be130a0b-058e-445a-ab54-023625bb3aa9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efoYZGhHoAMFSEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8768-7a5c69745e4a56ec1e720bda;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6CSNA2_dkIijL0HoEJCS8k8qlLxcdzGmd1G5T4SACKoOPf46QEQMrA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 22:01:53 GMT
age: 60358
etag: "896686b45827a8d64ce3c8a4758a5ba25f61db1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
scoutnewresults.com/sk-jspark.php?dn=samarapressteam.com&pid=9POBEX80W&kwrf=http%3A%2F%2Fsamarapressteam.com%2FChase%2Fe4f148ae2befa3f401fc309466a260bb%2F&reqref=
208.91.196.46200 OK 2.2 kB URL HTTP/1.1 scoutnewresults.com/sk-jspark.php?dn=samarapressteam.com&pid=9POBEX80W&kwrf=http%3A%2F%2Fsamarapressteam.com%2FChase%2Fe4f148ae2befa3f401fc309466a260bb%2F&reqref=
IP 208.91.196.46:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1528)
Hash 23cdcce889e49eaf1d299b26995161d9
cbfe72dbd4bd06e7e4626e4f852845e9dad13fd7
9b585dfb2fec2d96f303794f7374dc364f9ef528a8bccf1b706a4ffa6f393cf5
GET /sk-jspark.php?dn=samarapressteam.com&pid=9POBEX80W&kwrf=http%3A%2F%2Fsamarapressteam.com%2FChase%2Fe4f148ae2befa3f401fc309466a260bb%2F&reqref= HTTP/1.1
Host: scoutnewresults.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samarapressteam.com/
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 14:47:50 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Cache-Control: private, no-cache
Pragma: no-cache
Content-Length: 2189
Keep-Alive: timeout=5, max=126
Connection: Keep-Alive
Content-Type: text/javascript;charset=UTF-8
sedoparking.com/frmpark/samarapressteam.com/Skenzor23/park.js
64.190.63.136200 OK 603 B URL HTTP/1.1 sedoparking.com/frmpark/samarapressteam.com/Skenzor23/park.js
IP 64.190.63.136:0
File type ASCII text, with very long lines (987)
Hash 39842791a2c7efac327899bfb44123d7
41232029571936f0b4d27f1c19e8acaa9c16d6ae
2f5a676fc6b256d2781ac6a2e1998da48b072e6c14eebb1f530bf666aee3a74f
GET /frmpark/samarapressteam.com/Skenzor23/park.js HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samarapressteam.com/
HTTP/1.1 200 OK
date: Tue, 10 Jan 2023 14:47:52 GMT
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-75cd85f887-52gwj
server: NginX
content-encoding: gzip
pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
142.250.74.2200 OK 3.1 kB URL HTTP/1.1 pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (1157)
Hash 046393fd3c7a11e55fea1f5d387cdd3f
6e2b13e7a77ab56bf92899b19fb95013e7a4d5cd
ac80004cfb20d5f74162d479b8f637a43e364333068d6b728b77f27cff48f417
GET /apps/domainpark/show_afd_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samarapressteam.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Length: 3126
Date: Tue, 10 Jan 2023 14:47:52 GMT
Expires: Tue, 10 Jan 2023 14:47:52 GMT
Cache-Control: private, max-age=3600
ETag: "6083360036849444329"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e06041fffd1631ce1b63dbad57ffd663
eb5d6e4bd219550e6479ec50387c521d44137d7e
652460c549474ea053102600506c98e82ab5f72a478082f248d3ab37518ce612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 14:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=samarapressteam.com&afdt=create&swp=as-drid-2572988782380738&dt=1673362059133&u_tz=0&u_his=1&u_h=1024&u_w=1280&frm=0
142.250.74.164200 OK 139 B URL HTTP/2 www.google.com/dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=samarapressteam.com&afdt=create&swp=as-drid-2572988782380738&dt=1673362059133&u_tz=0&u_his=1&u_h=1024&u_w=1280&frm=0
IP 142.250.74.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 89fd0d6f507a198438d0cea8d9c398ee
9dee75dbe3794c72f6709c61f44fba453d30cde1
dccf9d2eb7f520822f4f805bdd3fe816d7457c618dc7a385dc7ae628cc37b430
GET /dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=samarapressteam.com&afdt=create&swp=as-drid-2572988782380738&dt=1673362059133&u_tz=0&u_his=1&u_h=1024&u_w=1280&frm=0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://samarapressteam.com
Connection: keep-alive
Referer: http://samarapressteam.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=ISO-8859-1
content-disposition: inline
date: Tue, 10 Jan 2023 14:47:52 GMT
expires: Tue, 10 Jan 2023 14:47:52 GMT
cache-control: private, max-age=3600
access-control-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 139
x-xss-protection: 0
set-cookie: CONSENT=PENDING+968; expires=Thu, 09-Jan-2025 14:47:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 352d7a7af93083f26d1bca04e478eed2
5d59416822e016ad4af1987871414d35d794b29c
423a619c9619448bcdf4bc3934c442f20db716e7bef4f64e0fba85bf33c87f72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 14:47:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sedoparking.com/search/registrar.php?domain=samarapressteam.com&rpv=2®istrar=Skenzor23&gst=ChMIlcPAv5-9_AIVjIEqCh3dgwuWElDcHWCtFO1JlI-mY4zC9Mx4WJer7hnIaRQhU8Stf92TNGP7-OyKx1c2zfy4wWyiYupjcn16UVNeYpDVyVSS3CycO7H-SpHEaULVbbN_jFSneg&ref=
64.190.63.136200 OK 7.0 kB URL HTTP/1.1 sedoparking.com/search/registrar.php?domain=samarapressteam.com&rpv=2®istrar=Skenzor23&gst=ChMIlcPAv5-9_AIVjIEqCh3dgwuWElDcHWCtFO1JlI-mY4zC9Mx4WJer7hnIaRQhU8Stf92TNGP7-OyKx1c2zfy4wWyiYupjcn16UVNeYpDVyVSS3CycO7H-SpHEaULVbbN_jFSneg&ref=
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9588)
Hash f9bcbd473d9e186aa0820d4ba45f89c9
b902d073352975591bac266f3ece4f757b38240f
4e54769c326153b9cbee8965579877df8b1197404fa08b0fbad185d68b5ccb22
GET /search/registrar.php?domain=samarapressteam.com&rpv=2®istrar=Skenzor23&gst=ChMIlcPAv5-9_AIVjIEqCh3dgwuWElDcHWCtFO1JlI-mY4zC9Mx4WJer7hnIaRQhU8Stf92TNGP7-OyKx1c2zfy4wWyiYupjcn16UVNeYpDVyVSS3CycO7H-SpHEaULVbbN_jFSneg&ref= HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://samarapressteam.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Tue, 10 Jan 2023 14:47:53 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_jhaSY6yYvt6VMSnxF8Jp4rOAreMzf59RAN1yLZy5x7HyHkOhJb/6sWxx43Id3kIGeJZ8GigHH0ES6cDLF0R1hQ==
last-modified: Tue, 10 Jan 2023 14:47:53 GMT
x-cache-miss-from: parking-75cd85f887-tt2qg
server: NginX
content-encoding: gzip
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1885)
Hash 3caf7ec4dc4407dd26c23c27e2ee8441
b78a33cd365345328c1e85616ef3d86f9e52604b
243f55134830ee5256888d500b0f764452eef944911c7fb0a64a9ded6605e8d3
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sedoparking.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Tue, 10 Jan 2023 14:47:53 GMT
Expires: Tue, 10 Jan 2023 14:47:53 GMT
Cache-Control: private, max-age=3600
ETag: "14181701328128387770"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
img.sedoparking.com/templates/bg/arrows-1-colors-3.png
205.234.175.175200 OK 82 kB URL HTTP/1.1 img.sedoparking.com/templates/bg/arrows-1-colors-3.png
IP 205.234.175.175:0
File type PNG image data, 3024 x 2000, 8-bit/color RGBA, non-interlaced\012- data
Hash b68c0210cadb1e12efc4557d7e49e48e
ad24ed2b2d5d166d07fbf0680693c88fb56fcb4b
e7ff091c85669b175de49d629d7d77bd20cd08d2c16ae74deef2ab06aec5854d
GET /templates/bg/arrows-1-colors-3.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sedoparking.com/
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 14:47:53 GMT
Content-Type: image/png
Content-Length: 82231
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Tue, 17 Jan 2023 14:47:53 GMT
X-CFHash: "b68c0210cadb1e12efc4557d7e49e48e"
X-CFF: B
Last-Modified: Wed, 22 Apr 2020 09:38:21 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1668185124
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: aabf0979d5f575d1c90dd78030f93281
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
sedoparking.com/search/tsc.php?200=NDA3NzQ3MjIz&21=OTEuOTAuNDIuMTU0&681=MTY3MzM2MjA3M2ZhNDRkZDI3YjM4MzhiOWFjNjUxMjM1ZmQ5ODRhYjJj&crc=50c05192805eda98fc2aa1221ac04b0bd4b599f7&cv=1
64.190.63.136200 OK 0 B URL HTTP/1.1 sedoparking.com/search/tsc.php?200=NDA3NzQ3MjIz&21=OTEuOTAuNDIuMTU0&681=MTY3MzM2MjA3M2ZhNDRkZDI3YjM4MzhiOWFjNjUxMjM1ZmQ5ODRhYjJj&crc=50c05192805eda98fc2aa1221ac04b0bd4b599f7&cv=1
IP 64.190.63.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NDA3NzQ3MjIz&21=OTEuOTAuNDIuMTU0&681=MTY3MzM2MjA3M2ZhNDRkZDI3YjM4MzhiOWFjNjUxMjM1ZmQ5ODRhYjJj&crc=50c05192805eda98fc2aa1221ac04b0bd4b599f7&cv=1 HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sedoparking.com/search/registrar.php?domain=samarapressteam.com&rpv=2®istrar=Skenzor23&gst=ChMIlcPAv5-9_AIVjIEqCh3dgwuWElDcHWCtFO1JlI-mY4zC9Mx4WJer7hnIaRQhU8Stf92TNGP7-OyKx1c2zfy4wWyiYupjcn16UVNeYpDVyVSS3CycO7H-SpHEaULVbbN_jFSneg&ref=
HTTP/1.1 200 OK
date: Tue, 10 Jan 2023 14:47:53 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-75cd85f887-tt2qg
server: NginX
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fee45a1e316949ccf0f340b72c758350
7b4cfa42c5e10603e3332059d6097bb05ad635cd
1c6b043b6f87b34b116a7bff243caae1bf3012a37ee8ea59d218cc28c99c367d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 14:47:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f4c8ff7e9cce677ddf122f5c34fc2873
dedcdaa22d7c2fc211a2f686551d8e7d3d7cc2be
81adc43d6f344d53166d41130913eed5d71c7f5a4668cc99d987165e368512c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 14:47:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
142.250.74.97200 OK 54 kB URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP 142.250.74.97:0
File type ASCII text, with very long lines (1885)
Hash 8003c85784b11bdffcef91060f0cd7a3
b0abca9dd7e68e9fd8c15cb89dce8e6ca4456fd2
deaf817dd7938e621b82a803acf290d67728aee302bad05d3eaa9eb7f3357fad
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 17:18:52 GMT
expires: Tue, 10 Jan 2023 16:18:52 GMT
cache-control: public, max-age=82800
age: 77341
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
142.250.74.97200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash aa3a2f86d22121bff6d29639ccf1a157
bb7bbcdc7c5391dd50b78233fefd3216df8b452e
867d889f103b1a4ce8d5d9dc67d027656ecb34002ca254a290e8ff7d64c8ee6d
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 17:18:52 GMT
expires: Tue, 10 Jan 2023 16:18:52 GMT
cache-control: public, max-age=82800
age: 77341
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f4c8ff7e9cce677ddf122f5c34fc2873
dedcdaa22d7c2fc211a2f686551d8e7d3d7cc2be
81adc43d6f344d53166d41130913eed5d71c7f5a4668cc99d987165e368512c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 14:47:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN