471 B IP
Hash 61e323cd99aaa752c05071290ff0c0da
a9a63fd34d88a5805e49e8af103875ca870f5b40
0704f175530db70faf24f7dfa466f8618a079f8b9cd8be4cc1ae0631883bc08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Oct 2023 18:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
471 B IP
Hash 8df9299237125eac9bac8b6d5c5489a4
eb3bb312ced79b200cbfd0a59b619fd5ba522423
905f32707716b20fe15e28bb0378f82b98ee13db6048f70ae248e543d6979e72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Oct 2023 18:39:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
200 OK 93 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint87:BD:C2:71:54:40:3F:F2:18:79:1A:89:F5:E9:BC:63:E5:EC:57:64
ValidityMon, 09 Oct 2023 08:10:33 GMT - Mon, 01 Jan 2024 08:10:32 GMT
File type gzip compressed data, max compression\012- data
Hash f6e0df2e30b48e1a0b7b33f065598198
c5feac0d98a5d01901a566ecb3482e6eef216da9
f2395e3f3a1addf3cc813de2c20985c9ca46c9aeecd95efaab32c8a5ca98eae0
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Oct 2023 18:39:05 GMT
date: Sun, 29 Oct 2023 18:39:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET dfdgfruitie.xyz/adserver/yzfdmoan.js
200 OK 0 B URL GET HTTP/2 dfdgfruitie.xyz/adserver/yzfdmoan.js
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerGoogle Trust Services LLC
Subjectdfdgfruitie.xyz
FingerprintE8:4B:C7:6B:06:D4:5C:DC:DF:8E:83:FE:9C:7E:80:35:D5:C9:98:48
ValidityWed, 04 Oct 2023 19:26:13 GMT - Tue, 02 Jan 2024 19:26:12 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adserver/yzfdmoan.js HTTP/1.1
Host: dfdgfruitie.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 29 Oct 2023 18:39:05 GMT
content-type: application/x-javascript
content-length: 0
last-modified: Fri, 03 Feb 2023 19:26:28 GMT
etag: "63dd5fe4-0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3879
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeG4mHHCOmw1g05WnFaOQ28R%2BztmVKSmmcgrLbZPier1ytkRqE%2FJgFo9stdBVecU63gHC0rVU6QL59nosN22ich%2Bj4r0Ru8Qn3S66hictpKvLYSYe%2FZn2p5JsvJSGsTARd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd8a0b4b8cb500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET d34gjfm75zhp78.cloudfront.net/?tid=981891
200 OK 84 kB URL GET HTTP/2 d34gjfm75zhp78.cloudfront.net/?tid=981891
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (891)
Hash 0b02f290c059758641ab9f9a5cb43c87
25a1fd93a989914f1aee3c5488fa853f6c2803e0
e6a0590514601d3a845494e61abeefa7465ac3636132673866917939910046cc
GET /?tid=981891 HTTP/1.1
Host: d34gjfm75zhp78.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 84008
date: Sun, 29 Oct 2023 18:39:05 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HySocaLvspc_O5Of75kfJD9-1lmKJf-mfjKeZDWaynO63TO6UCvdnQ==
X-Firefox-Spdy: h2
GET ivedmanyyea.org/eGdoTURXWAs+eRsiIgomLTUgKXciPgsIBkkBWT0zKgk6NBMgNk45LRxaUXV1QF5ZazQRA1V+cV4UHCwwDRRVfGIRCQ4ieV4RVX1qTUlaY3VeElV8YgwXCSp5SUEYOTAUWll7fUBRWHlzTFFedH0
204 No Content 0 B URL GET HTTP/2 ivedmanyyea.org/eGdoTURXWAs+eRsiIgomLTUgKXciPgsIBkkBWT0zKgk6NBMgNk45LRxaUXV1QF5ZazQRA1V+cV4UHCwwDRRVfGIRCQ4ieV4RVX1qTUlaY3VeElV8YgwXCSp5SUEYOTAUWll7fUBRWHlzTFFedH0
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerLet's Encrypt
Subjectivedmanyyea.org
Fingerprint9A:EE:D6:C7:E9:FF:98:B7:22:B4:BF:FA:31:7D:B7:3A:56:51:AC:A5
ValiditySun, 22 Oct 2023 07:30:28 GMT - Sat, 20 Jan 2024 07:30:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eGdoTURXWAs+eRsiIgomLTUgKXciPgsIBkkBWT0zKgk6NBMgNk45LRxaUXV1QF5ZazQRA1V+cV4UHCwwDRRVfGIRCQ4ieV4RVX1qTUlaY3VeElV8YgwXCSp5SUEYOTAUWll7fUBRWHlzTFFedH0 HTTP/1.1
Host: ivedmanyyea.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 29 Oct 2023 18:39:06 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijAPcQEc9qRan9UCQXRLo5mVleqx1fro%2F%2B963CNetGvrTV6Xjx3cGgneSsEvanekmLSug0wkvoAf6l2n04udv9oumR3LhGOBEvI1wHjF171Fn89VMaCHOzoN5gmmn6RJrp8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd8a0e08a2b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET townrusisedprivat.info/QnIzSXYjEFAkSSNPUW8DMB4ObEQEVwEPEnFGVCMQL0UGMx4yRQtnFS4dRi0QMB1dPVgsF0dsRAQnaRwGOCFfCDEIIAM6FDo3WQ9FJgJrEQIOEQEPMgszciUmKiQACC4pNnAKOwYwcC5ECQVhOjwASkYdGDJAcBoFJj5keDIOCgM5FBQgQAwfdgtkAUMUIloIPQsnB2xEBCJUDAAEIX5sRAAzcHwgEgh1EDw6BUQGJykfdiRPKzsAcBInHGUREy4BShAgEARiCB5zJAAmEAsIBxg7LigHEDRzC2EbIC8nZHA3ATplERMlNwstIBs+YicGMiEAORcgQHkfOhBfajk5NQJFGCc6G2URAgYXXg8gJ0NpfS8DP1kIJXpAcCM8FRdxEyMnQnkiLwc/FnswFhxAbxwxHV05SzBBYCQfMjxLGhc1
200 OK 1.2 kB URL GET HTTP/2 townrusisedprivat.info/QnIzSXYjEFAkSSNPUW8DMB4ObEQEVwEPEnFGVCMQL0UGMx4yRQtnFS4dRi0QMB1dPVgsF0dsRAQnaRwGOCFfCDEIIAM6FDo3WQ9FJgJrEQIOEQEPMgszciUmKiQACC4pNnAKOwYwcC5ECQVhOjwASkYdGDJAcBoFJj5keDIOCgM5FBQgQAwfdgtkAUMUIloIPQsnB2xEBCJUDAAEIX5sRAAzcHwgEgh1EDw6BUQGJykfdiRPKzsAcBInHGUREy4BShAgEARiCB5zJAAmEAsIBxg7LigHEDRzC2EbIC8nZHA3ATplERMlNwstIBs+YicGMiEAORcgQHkfOhBfajk5NQJFGCc6G2URAgYXXg8gJ0NpfS8DP1kIJXpAcCM8FRdxEyMnQnkiLwc/FnswFhxAbxwxHV05SzBBYCQfMjxLGhc1
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerAmazon
Subjecttownrusisedprivat.info
Fingerprint71:C6:FA:30:36:13:AF:25:A2:D9:0E:8D:1C:99:A3:26:2D:34:ED:D9
ValidityThu, 12 Oct 2023 00:00:00 GMT - Sat, 09 Nov 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash dfd51b5b66031a3e54f5850d0558fd58
971af46db756c385824158918a374cf75182ba38
1d41dda1a65adf6f821d5ed09a701c37b64856242075a96be62d384db37f0c45
GET /QnIzSXYjEFAkSSNPUW8DMB4ObEQEVwEPEnFGVCMQL0UGMx4yRQtnFS4dRi0QMB1dPVgsF0dsRAQnaRwGOCFfCDEIIAM6FDo3WQ9FJgJrEQIOEQEPMgszciUmKiQACC4pNnAKOwYwcC5ECQVhOjwASkYdGDJAcBoFJj5keDIOCgM5FBQgQAwfdgtkAUMUIloIPQsnB2xEBCJUDAAEIX5sRAAzcHwgEgh1EDw6BUQGJykfdiRPKzsAcBInHGUREy4BShAgEARiCB5zJAAmEAsIBxg7LigHEDRzC2EbIC8nZHA3ATplERMlNwstIBs+YicGMiEAORcgQHkfOhBfajk5NQJFGCc6G2URAgYXXg8gJ0NpfS8DP1kIJXpAcCM8FRdxEyMnQnkiLwc/FnswFhxAbxwxHV05SzBBYCQfMjxLGhc1 HTTP/1.1
Host: townrusisedprivat.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1174
date: Sun, 29 Oct 2023 18:39:05 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 797e08d987207122bff536abc6502d6c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: tVahXmX_HylemgVyqQEV5KErkPI0qitqOMKoNFetU_qvto5_8Ee5KQ==
X-Firefox-Spdy: h2
505 B URL d34gjfm75zhp78.cloudfront.net/UZUpzSlAGJR0sbxEjF3dpXXtLc2FDIAAlPhV3AXkDCCMDBCg2KwRsJB8uTnp2CSsdLW1DLx0pbVRsEi4yWH5VPiAKIU4/PgEvFSM+AC5VPzFYJxwwOQkmEm9iI39denVXelsyYVRvQAh1V3ofIz4QMlZ4YB1yRRVmUW9ACHVXegE8dVYLQnppS3pab2JVLR-YpOwpvQQxiVXtDemFVe1Z4YAMjAS82CjJWeBZUe0JkYEM/Tns
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (715), with no line terminators
Hash 28dabd0495837a4784e982073c1099ae
8d5df12d9b47d592ea43bb9b6c536aaa5af6e976
342948ea3af99f367b46753916643359fcd0498795d142ad3ca615208c7db250
GET /UZUpzSlAGJR0sbxEjF3dpXXtLc2FDIAAlPhV3AXkDCCMDBCg2KwRsJB8uTnp2CSsdLW1DLx0pbVRsEi4yWH5VPiAKIU4/PgEvFSM+AC5VPzFYJxwwOQkmEm9iI39denVXelsyYVRvQAh1V3ofIz4QMlZ4YB1yRRVmUW9ACHVXegE8dVYLQnppS3pab2JVLR-YpOwpvQQxiVXtDemFVe1Z4YAMjAS82CjJWeBZUe0JkYEM/Tns HTTP/1.1
Host: d34gjfm75zhp78.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://townrusisedprivat.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 505
date: Sun, 29 Oct 2023 18:39:06 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AeDb0bLQh3qgGSwBS3cRQS0DxU7Kba3h7v0kO0VTvGPVrfDj2r1ptw==
X-Firefox-Spdy: h2
OPTIONS onasider.top/tc
204 No Content 0 B IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerLet's Encrypt
Subjectonasider.top
Fingerprint29:1E:BF:49:5C:63:2E:45:BF:52:43:BE:A9:EF:88:FF:46:A6:29:1F
ValidityThu, 14 Sep 2023 08:13:30 GMT - Wed, 13 Dec 2023 08:13:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tc HTTP/1.1
Host: onasider.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://locconn.com/
Origin: https://locconn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 29 Oct 2023 18:39:06 GMT
set-cookie: ci=454629243266296; Max-Age=86400; Secure; SameSite=None
access-control-allow-origin: https://locconn.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBaIu3vtWDsYNQhAMj6bBD%2B3X6GLFyKk7lKzkp%2FX89UAI1iRk7xEJOo9ZCIegbxBmA0tJ8V2u%2BYySUKTVwGzlnTLFDBxBZFRGc1hKJxGeB3l9wBYCjsH4s%2BPPxtV5I8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd8a10bb561c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
472 B IP
Hash 6f1d4de46475f213c07fc008fd07b2e0
ac024afa1bd4110e5d4350e420e56a03070c1f4f
9cac5c2e429b39de822d4bf4c8f5c8f793dd3539cb0447da6337e78af99bdcaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Oct 2023 18:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://locconn.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Oct 2023 15:18:26 GMT
expires: Fri, 25 Oct 2024 15:18:26 GMT
cache-control: public, max-age=31536000
age: 271240
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
472 B IP
Hash 6f1d4de46475f213c07fc008fd07b2e0
ac024afa1bd4110e5d4350e420e56a03070c1f4f
9cac5c2e429b39de822d4bf4c8f5c8f793dd3539cb0447da6337e78af99bdcaa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Oct 2023 18:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET ivedmanyyea.org/popunder.gif
200 OK 35 B URL GET HTTP/3 ivedmanyyea.org/popunder.gif
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerLet's Encrypt
Subjectivedmanyyea.org
Fingerprint9A:EE:D6:C7:E9:FF:98:B7:22:B4:BF:FA:31:7D:B7:3A:56:51:AC:A5
ValiditySun, 22 Oct 2023 07:30:28 GMT - Sat, 20 Jan 2024 07:30:27 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: ivedmanyyea.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 29 Oct 2023 18:39:06 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 191176
last-modified: Fri, 27 Oct 2023 13:32:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkqxNp7YTYCdRzGnT2WaHdbnw%2BCrjTAFX%2Fbjz1CSLY2jcqgHNmXo0DPo7%2B0uyxEb2iKFTU5ke4%2BYtXjijSWo5Zx5ktTD7ZBPPSBJuv1WdMYDgTZsdrmuLm%2FWVkS2%2BvXsfNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd8a1009650b51-OSL
alt-svc: h3=":443"; ma=86400
GET free-leaks.com/s?dqB1
302 Found 96 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectfree-leaks.com
Fingerprint81:1A:D1:15:C3:DC:8F:38:0B:14:86:60:92:3E:99:66:2E:EE:54:8D
ValiditySun, 08 Oct 2023 14:50:50 GMT - Sat, 06 Jan 2024 14:50:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s?dqB1 HTTP/1.1
Host: free-leaks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 29 Oct 2023 18:39:04 GMT
content-type: text/html
location: https://locconn.com/s?dqB1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXKw26k3w6EmFuJoRZj249gMheCTDZIuOoZrWfzpkG9lxeIP2cY%2BLa1OXuoGj5ri6THVd3%2B3rGwcbmUewYqFVTcYWMDCvpmXjkRhG8%2Ffm6X3ntWuLtMmuspQWUMhV%2Ft1dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd8a04dc74b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET d1wzdj81h1hubn.cloudfront.net/6ecea856563b3c1749b59fedf2c00079b47262f0db94090b3f148c8a0eacad94.png
200 OK 92 kB URL GET HTTP/2 d1wzdj81h1hubn.cloudfront.net/6ecea856563b3c1749b59fedf2c00079b47262f0db94090b3f148c8a0eacad94.png
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Hash ed71035b78e4f20fe84958596a6d4cff
b91033511dea4b58539640e88c7681919be2382c
0e90ca20cf823d0a13e6d187f53cfcb2b7bae9dab4862233d02611a693360231
GET /6ecea856563b3c1749b59fedf2c00079b47262f0db94090b3f148c8a0eacad94.png HTTP/1.1
Host: d1wzdj81h1hubn.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 92166
last-modified: Sat, 28 Oct 2023 06:53:20 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Oct 2023 08:45:22 GMT
etag: "ed71035b78e4f20fe84958596a6d4cff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VIDuKRLYAzPe7hYfs3qq1mwc9gKfqQrocWSKmiAaQ6u0QdVKuOY84Q==
age: 35624
X-Firefox-Spdy: h2
GET locconn.com/favicon.ico
404 Not Found 159 B IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerGoogle Trust Services LLC
Subject*.locconn.com
FingerprintAE:8B:81:E3:9E:45:47:79:40:1A:01:C6:13:98:6E:7C:54:15:53:01
ValidityWed, 13 Sep 2023 08:33:25 GMT - Tue, 12 Dec 2023 08:33:24 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 047df4239d5e57f4c78db606a5859d7b
6f2a5da57c2a02837e19f8ac1158db728f3ad62c
45eda3cf633f023269cef5c11cf1c1d5dde3345afdc28610589ef3682ae5130a
GET /favicon.ico HTTP/1.1
Host: locconn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/s?dqB1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sun, 29 Oct 2023 18:39:05 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrSnIyAEGG202ht1XDG3QbCK2hg%2F%2FlqMsOoA6d9s5W5MVjOWcgtZHi46Yp9p7T49CBZv9wJRps%2Bw8bnW5HJY7MK%2Btm6jTyk8jrqQ0L2rihm1dceicdcZQtIAMnti%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd8a0a6ed6b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://locconn.com/
Origin: https://locconn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 29 Oct 2023 18:39:05 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://locconn.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 2012
last-modified: Sun, 29 Oct 2023 18:05:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIQn0%2BjHRxxCSrlEL%2BXn%2FiEB32qEFvebnmiYgytrrBiUnP%2BWXY9gx5mCmS4tOSaT4BKLaQgfj59V2UFUBnZBr8d27J7ywFIrsk5pSklrMjLeK6EWx2eN%2F%2FyTCqPkBu%2Bs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd8a0dcb7e1c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pogothere.xyz/
200 OK 27 B IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f1fc570654fd8eb2ba74772c2afbcd73
8459bda96e88636a61aafa9fdd59ffd7c4810115
4cd2a87521df11d09b1d9527dd73fb54d6faafa61b745c65bec8849287611b41
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://locconn.com/
Origin: https://locconn.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 29 Oct 2023 18:39:05 GMT
content-type: text/plain
set-cookie: csu=1923594885123294@1@1698604745; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://locconn.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xLPpnanPwJtaGMeCtGu8ZsQ0BNNKKL5vuDnRUOBoBLIPKxmt2MWo2cbiLIVa7NLHUM2ItavwhOb4v%2FPt3Mvb0zte8dte5Pra%2BPn7OS6j1EzrtGJvHNv9I79E7SPSeTk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd8a0dcb871c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
200 OK 96 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subject*.locconn.com
FingerprintAE:8B:81:E3:9E:45:47:79:40:1A:01:C6:13:98:6E:7C:54:15:53:01
ValidityWed, 13 Sep 2023 08:33:25 GMT - Tue, 12 Dec 2023 08:33:24 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (61204)
Hash 9b43db72b6ee676513fd5f54123b1cf0
b083bfdde11b93a4655c5b589252d12ba1587b38
215a7d4fee116e3990c0fd6822aa7b2bd774ebefb7ab1026d5fc4ed0aa203a10
GET /s?dqB1 HTTP/1.1
Host: locconn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 29 Oct 2023 18:39:04 GMT
content-type: text/html
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS, HEAD
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ%2FyOaVlCp21csFRP%2FHmlwJ6SQLiq9NUkiR5DsGuF1%2BiBwNAmIrnjchNVK4sAsS7FuXlxz8rgc7V8qMnr%2FY%2B052PaR8o4P9OzBBTtdMaO4jo0U3YD5BsvQ73IpmiQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd8a06ad6d1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap
200 OK 1.1 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Poppins:wght@300;400;500;600;700&display=swap
IP
Requested by https://locconn.com/s?dqB1
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint87:BD:C2:71:54:40:3F:F2:18:79:1A:89:F5:E9:BC:63:E5:EC:57:64
ValidityMon, 09 Oct 2023 08:10:33 GMT - Mon, 01 Jan 2024 08:10:32 GMT
File type ASCII text, with very long lines (1136), with no line terminators
Hash 20537057ea6c73337cdc77b139767f3c
353181e25b8bac755eca2151f3aeeb093758e0e0
459da25a87017ee1cad7c7006d94df13abc39aee2e69f38cde9042823188bd78
GET /css?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://locconn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Oct 2023 18:39:06 GMT
date: Sun, 29 Oct 2023 18:39:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
172.67.175.150
104.21.13.114
188.114.96.1