go.trklinkcm.com/rd.html?go=https://slutsaga.com/2?pub_id=34828&cid=38_34828_7474_75f86875c6cdefbb53facb080b944a3f&source=tf
172.255.248.105200 OK 255 B URL HTTP/1.1 go.trklinkcm.com/rd.html?go=https://slutsaga.com/2?pub_id=34828&cid=38_34828_7474_75f86875c6cdefbb53facb080b944a3f&source=tf
IP 172.255.248.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 997bfcab4e7a51023ff8da026ed4374a
35d15ad133e52c1b9dea0b3696a8719521387a9e
070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3
GET /rd.html?go=https://slutsaga.com/2?pub_id=34828&cid=38_34828_7474_75f86875c6cdefbb53facb080b944a3f&source=tf HTTP/1.1
Host: go.trklinkcm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 19 Jan 2023 11:05:58 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3559
Expires: Thu, 19 Jan 2023 12:05:17 GMT
Date: Thu, 19 Jan 2023 11:05:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6474
Expires: Thu, 19 Jan 2023 12:53:52 GMT
Date: Thu, 19 Jan 2023 11:05:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 10:49:27 GMT
content-type: application/json
age: 991
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7772
Expires: Thu, 19 Jan 2023 13:15:30 GMT
Date: Thu, 19 Jan 2023 11:05:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Pn5VSWft+lUdZ7F4FYQ69RbIemjdXs6F4mzv4sjTENn+kVqvfd6GB9Eg7KTbrO1tJiytms7KFZg=
x-amz-request-id: 3QTDEE2EYY6K93VY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 10:45:51 GMT
age: 1207
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 11:05:58 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
go.trklinkcm.com/favicon.ico
172.255.248.105404 Not Found 123 B URL HTTP/1.1 go.trklinkcm.com/favicon.ico
IP 172.255.248.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c728bf241d9141b8d3100ae5140e09c5
07f0da1bdfadd0354b090781f1e3264ac22b6c39
34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
GET /favicon.ico HTTP/1.1
Host: go.trklinkcm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://go.trklinkcm.com/rd.html?go=https://slutsaga.com/2?pub_id=34828&cid=38_34828_7474_75f86875c6cdefbb53facb080b944a3f&source=tf
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 19 Jan 2023 11:05:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97b5e1b96eefaf68de6eaac74486539a
73abb3318ea9259c055c78c5c35a060e2c8a1fda
b43bdc3a711d3a8009485772147a9309433e43fe1afef061b12c620c73263917
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B43BDC3A711D3A8009485772147A9309433E43FE1AFEF061B12C620C73263917"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11338
Expires: Thu, 19 Jan 2023 14:14:57 GMT
Date: Thu, 19 Jan 2023 11:05:59 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 97b5e1b96eefaf68de6eaac74486539a
73abb3318ea9259c055c78c5c35a060e2c8a1fda
b43bdc3a711d3a8009485772147a9309433e43fe1afef061b12c620c73263917
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B43BDC3A711D3A8009485772147A9309433E43FE1AFEF061B12C620C73263917"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11338
Expires: Thu, 19 Jan 2023 14:14:57 GMT
Date: Thu, 19 Jan 2023 11:05:59 GMT
Connection: keep-alive
slutsaga.com/2/?pub_id=34828
104.21.52.132301 Moved Permanently 0 B URL HTTP/1.1 slutsaga.com/2/?pub_id=34828
IP 104.21.52.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/?pub_id=34828 HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://go.trklinkcm.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Jan 2023 11:05:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 19 Jan 2023 12:05:59 GMT
Location: https://slutsaga.com/2/?pub_id=34828
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFp8rDbqzhpoddC0BAACMsDhloxFp2YuLpeH1fP2w9VV2BLA3MHpcH%2B0Y5Y5c%2Fq%2FY1%2B4%2B%2BKirD5aGCt%2FpHGqUG5EmdN5yEkw1lp8uZ1Ua04KJV7csTmrYhA3XzRxDZM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78bf193188310b3d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 11:05:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 6.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
Hash 694a2cc66b0bf789dedba679be919e69
3f5a7efc715a76e012af853a1428fd650faafd31
4de660b8dffbfd29ebd2adbf262cf9da9ef8afaec6c84e9b6eb7d06dc6092f16
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 10:17:26 GMT
age: 2913
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 11:05:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 11:05:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1272
Cache-Control: max-age=166918
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 11:05:59 GMT
Etag: "63c90825-1d7"
Expires: Sat, 21 Jan 2023 09:27:57 GMT
Last-Modified: Thu, 19 Jan 2023 09:06:45 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
142.250.74.35200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://slutsaga.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 07:32:15 GMT
expires: Mon, 15 Jan 2024 07:32:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
age: 358424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 11:05:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.234.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.234.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oPqMrYXXFubhGDz61V1H7w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fSKO3XOUxved7CuqNxxvz/733yQ=
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 8b86578db9e72879cbfeff8cad38d8c8
908366ab2aa28ea98fcfd3c099c90c338765d540
5e22f985ac3645655d0d5f4eec69b6b60f8228fdc2707e366a264bde5707f03e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88270
Date: Thu, 19 Jan 2023 11:06:00 GMT
Etag: "63c7cfff-1d7"
Expires: Fri, 20 Jan 2023 11:37:10 GMT
Last-Modified: Wed, 18 Jan 2023 10:54:55 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B_zfk-73SK2-tuhrvW2r16UjWBNjUirZS_jry1YHJV9qCsvGMtUbOw==
Age: 2535
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash b37298e9246dc5ebdc0ebf9604dcaebc
8648e8eb0792b2e9c62a66cf7fa095ff028933c4
5976c4435b66ef72f7a09bde241b61c7d03e2f5a52c74c70c06e799e5af69e74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=126027
Date: Thu, 19 Jan 2023 11:06:00 GMT
Etag: "63c8557b-1d7"
Expires: Fri, 20 Jan 2023 22:06:27 GMT
Last-Modified: Wed, 18 Jan 2023 20:24:27 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6zdU_ATjhjBzba8shlWxJsBgGzUQzSn-ZK-xNdV7PlAbbG7334tuvw==
Age: 6120
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6429
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 11:06:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6429
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 11:06:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6429
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 11:06:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6429
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 11:06:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6429
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 11:06:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0293b1-658b-40be-8f58-7c880a4f5b00.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0293b1-658b-40be-8f58-7c880a4f5b00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6cb560c00346a6c1d1862cfd25e5d92
0df06ee873767cda7b2f109caa5f3e0aab1ddc0a
1ee5d9792f084907b8837f818b7971c97eacff3b3e0cc83586220508c8755adf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa0293b1-658b-40be-8f58-7c880a4f5b00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 90da1a22-2980-4582-b757-b7beb79cfbe4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6q9SHmAIAMFRxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c75854-46a9bdeb5f46a93508e8d94e;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 02:24:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _D1sGt_d3uR5yvgtW4szUzy6kp7UhFCXxnuAIVsss_yswxw0Cvpm7g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 08:47:26 GMT
age: 8315
etag: "0df06ee873767cda7b2f109caa5f3e0aab1ddc0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oi7K1Z45sral6ne0AsNTVD5vGc4WbZ7acJoq--4NFhN_f2z-xq7pWQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:55:43 GMT
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
age: 47418
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 511bbd0c410838e4a978d471d361d876
706be1b2636ad65bf5fe78ef7301af472c015275
e124c1ba6059fb613d0ab8f7ad37f4524323e7bbde851f78e9e5727c7d20f19f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 68BfqCCeDzqQURstD87lSuWaXjwrqVQnXX8ws6EeFfQtbu_ad9JEgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:14:04 GMT
age: 31917
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
rapidrtr.com/cr.php?cid=842&ACT=68155&TRK=34828.null.null
44.231.180.243302 Found 7.4 kB URL HTTP/2 rapidrtr.com/cr.php?cid=842&ACT=68155&TRK=34828.null.null
IP 44.231.180.243:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fa7bd40b5c3a3b5a6f95e7fca843b9
d8064f74f1e40bf6be4ea8ab4e319db22026c462
3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1
GET /cr.php?cid=842&ACT=68155&TRK=34828.null.null HTTP/1.1
Host: rapidrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slutsaga.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 19 Jan 2023 11:06:00 GMT
content-type: text/html; charset=UTF-8
location: https://www.landqck.com/ep.php/prmagms:74332/68155:34828.null.null.Mi7S011939960.6957
set-cookie: AWSALB=nltyJWqgjwkJF55M5wRUr2IMYqTqsbgE2x7a4q1Rt2vMc2Eg2Az2LGazxapR2efvN5NEu+vilXr+vQyBmlEYB2TBSzAfRWUa21b1xrvPfJ92yeXzjQtCvLlSIlpx; Expires=Thu, 26 Jan 2023 11:06:00 GMT; Path=/
AWSALBCORS=nltyJWqgjwkJF55M5wRUr2IMYqTqsbgE2x7a4q1Rt2vMc2Eg2Az2LGazxapR2efvN5NEu+vilXr+vQyBmlEYB2TBSzAfRWUa21b1xrvPfJ92yeXzjQtCvLlSIlpx; Expires=Thu, 26 Jan 2023 11:06:00 GMT; Path=/; SameSite=None; Secure
hskp=Mi7S011939960%2C; expires=Thu, 02-Feb-2023 11:06:00 GMT; Max-Age=1209600
skip=-1674126360%2C2111; expires=Thu, 19-Jan-2023 11:16:00 GMT; Max-Age=600
842_2111_0=1674126360; expires=Fri, 20-Jan-2023 11:06:00 GMT; Max-Age=86400
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1b47910c4f71976f73a884bcae6f9bc
26c0d42fddb2a02d9878c34a76874710c92a9d30
9c5ce4945939b126cd36202f5afb8009ce790a792270ec31cc22099e4cd12a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3861
x-amzn-requestid: c8fbb2e1-9ec6-42c0-8030-9be785e8913e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegFNEoAMFwqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-04a9e7db684e88ed69e1bd43;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0vlLtF3fPmIBiYrKVY8qBwVvS7PMn3OTGpu6C0umuCqXdzYxsF-xgQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:53:12 GMT
age: 47569
etag: "26c0d42fddb2a02d9878c34a76874710c92a9d30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b015242ebdda9cc22cfe6741d2e926f1
76072223007cd11c6f7b9fda8f01818ab0fea740
b7a72c737cac91c83c39718de999bc6ff0ec4ede63342e86407190d95e60d9a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6908
x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1qQHwYIAMF-IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1eiEXaC2jHawVVHg6KAlFvdV7ZMpXdCaN8o36sbYL9WwPvXejGobKA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:36:56 GMT
age: 62945
etag: "76072223007cd11c6f7b9fda8f01818ab0fea740"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 452c10583afb11ae55fb793f15638f33
74acf812ebce888d357ec5b3c194c14338ce07d2
d322646fb0c48b82a830e80f5cb57eb22a1918343c9bfef6abd6a952d10777e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D322646FB0C48B82A830E80F5CB57EB22A1918343C9BFEF6ABD6A952D10777E4"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=404
Expires: Thu, 19 Jan 2023 11:12:45 GMT
Date: Thu, 19 Jan 2023 11:06:01 GMT
Connection: keep-alive
entrsec.com/signup/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957
207.120.33.168302 Found 0 B URL HTTP/2 entrsec.com/signup/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957
IP 207.120.33.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /signup/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957 HTTP/1.1
Host: entrsec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slutsaga.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 19 Jan 2023 11:06:02 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=92656fabf6f4618081cfe9702b0d77ed; path=/; secure; SameSite=None
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 1089047
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 0bc580f531951e685b6af0015f1d4c6e
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa7b8e225c6bfb47514b752f9c83fe28
dc006846e7fbfd2b321a8227b639e33b22619295
2eabc76687eabcdcf880f1d3b6872ecd32cb8ccf9c3b76902177b390c2a6bc9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EABC76687EABCDCF880F1D3B6872ECD32CB8CCF9C3B76902177B390C2A6BC9D"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 19 Jan 2023 17:06:02 GMT
Date: Thu, 19 Jan 2023 11:06:02 GMT
Connection: keep-alive
bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
207.120.33.7200 OK 32 kB URL HTTP/2 bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
IP 207.120.33.7:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62780)
Hash 5b4ac32f5608e85db8c6318f0a745e53
2b8a6e2a72478e3298dd7e532a28a4aa94a96736
db8baa430bf62f99bf78f8f0e5738c8fd16429109bf64c64e50e17c896e5f5c7
GET /acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965 HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slutsaga.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: text/html; charset=UTF-8
content-length: 31944
set-cookie: PHPSESSID=5405664971209f1226519c12bef25964; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 149498
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 1958edca4d27950a550f77a0b1377639
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
152.199.19.160200 OK 9.8 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32033)
Hash 432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bsrvtn.com
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 15758908
cache-control: public,max-age=31536000
content-type: application/javascript
date: Thu, 19 Jan 2023 11:06:03 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
152.199.19.160200 OK 20 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP 152.199.19.160:0
File type ASCII text, with very long lines (65371)
Hash 7e2bb6028f0b19917a1a2d1944fc72b1
e1837fc75ee2ddd24c6e1df6b309ea212b57e681
cc6093bd7162882fd34252fb5d3e8e7d07247e3b70fad894320bf2a960abeda5
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 18853099
cache-control: public,max-age=31536000
content-type: text/css
date: Thu, 19 Jan 2023 11:06:03 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.106200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bsrvtn.com
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 11:09:31 GMT
expires: Sat, 13 Jan 2024 11:09:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 518192
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/compactML/css/epcsaga.css
207.120.33.7200 OK 8.8 kB URL HTTP/2 bsrvtn.com/common_tpls/compactML/css/epcsaga.css
IP 207.120.33.7:0
File type ASCII text, with very long lines (1275)
Hash a647e09b3974e10f56189e3f800483be
b4cb278e0160090c73beb4d007d9b7bff8dac9b4
f3bcf42f7332103637cf82e30adde5fb753fd67f777dc548609cf2228adde180
GET /common_tpls/compactML/css/epcsaga.css HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: text/css
content-length: 8761
last-modified: Sat, 04 Dec 2021 17:36:33 GMT
etag: W/"61aba721-be1c"
content-encoding: gzip
section-io-cache-id: 4a22b359f714d194b6242741afea560f
vary: Accept-Encoding
x-varnish: 2065028 445002
age: 11932
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 4234086c1dfa72dfee1f69b73f02e12d
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/images/icons/password.png
207.120.33.7200 OK 1.5 kB URL HTTP/2 bsrvtn.com/common_tpls/images/icons/password.png
IP 207.120.33.7:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: f2d343cfae05faaa1b227851fadbd5d1
x-varnish: 2065030 1461428
age: 11984
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: e7f4b06db913930aeb11f861191cb37e
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/images/icons/email.png
207.120.33.7200 OK 1.6 kB URL HTTP/2 bsrvtn.com/common_tpls/images/icons/email.png
IP 207.120.33.7:0
File type gzip compressed data, max compression\012- data
Hash c8bf68149e720e830856873862856621
592de42a07050f5b10f3622e2ce47f4e774d0d66
7eb1f9ea7c8044e3da350a993531b9d5049d852b688ca01e11e4641b21cc09b2
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 3ef1245445bcaa03305aee70b5ab5100
x-varnish: 780588 412412
age: 11990
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 7d1f4e4b7c0d7b3fe022ee5ebebc7369
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/images/icons/address.png
207.120.33.7200 OK 1.2 kB URL HTTP/2 bsrvtn.com/common_tpls/images/icons/address.png
IP 207.120.33.7:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash b579e9868402d708e54e1a980166c444
1c58e2890b934c0b1ab057f3ac28bedd2a082d19
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
GET /common_tpls/images/icons/address.png HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: 8f3c7898cccc2543e2197b21e92ef205
x-varnish: 2065031 1461432
age: 11984
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: d09f88d8e6e9279788a78e8098e42945
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/images/icons/fname.png
207.120.33.7200 OK 1.6 kB URL HTTP/2 bsrvtn.com/common_tpls/images/icons/fname.png
IP 207.120.33.7:0
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c846870756544f39604e671d4111b9d
304938c74246e228fa82d8ca40201c3db6098074
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: 35f7b89a8a4cece7dd915784c25726d3
x-varnish: 780589 1592699
age: 12013
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 16ba8424270e0fe10375b626b74066cc
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
104.18.23.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP 104.18.23.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bsrvtn.com/
Origin: https://bsrvtn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1355571
accept-ranges: bytes
server: cloudflare
cf-ray: 78bf194c0a4bb4fa-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
104.18.23.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP 104.18.23.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bsrvtn.com/
Origin: https://bsrvtn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1355571
accept-ranges: bytes
server: cloudflare
cf-ray: 78bf194c0a4cb4fa-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
104.18.23.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP 104.18.23.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bsrvtn.com/
Origin: https://bsrvtn.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 1355571
accept-ranges: bytes
server: cloudflare
cf-ray: 78bf194c0a4db4fa-OSL
X-Firefox-Spdy: h2
js-agent.newrelic.com/859.25fcbbf1-1221.js
151.101.66.137200 OK 6.0 kB URL HTTP/2 js-agent.newrelic.com/859.25fcbbf1-1221.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (21758)
Hash 075e387e4c20df5b5c683b913e0a5c9d
53dbc08cad799a04cc54a293e0ceb73e4f7db989
e211ef672d665422463674a4239d0717ba21b6579f8151d4ee98a62fbf2296cf
GET /859.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +goQW8pSNEuaIL/VsSxuQTdOwAWWYzYUnH4OUaVbXC1zyfGdCkQKkZuApSeSUw3SR0m2dnPDMlc=
x-amz-request-id: 33WDWKJ4SEWGQJD2
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "955ba8bb9a6f4fec37ed25b54890b88a"
x-amz-version-id: LcQjPO428dQ4CkCwzu1ctp1i_7pNRF02
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 7038
x-timer: S1674126364.625167,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5994
X-Firefox-Spdy: h2
js-agent.newrelic.com/590.25fcbbf1-1221.js
151.101.66.137200 OK 3.9 kB URL HTTP/2 js-agent.newrelic.com/590.25fcbbf1-1221.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (9523)
Hash 668d6ce7fa988afefd78e62feffc9d9e
b48b8d633d7c76a4e5ff41dbf35d343c6ed5fb75
22e86fcc62d926cd051d6bcd5a311afa0f78efaf8cf3d5a1cbf71b39ca81a6e3
GET /590.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: +WAd0nhhaELU6/6K1u657bMPgMX+p/bi2xBIxo3vsTzBlUlm/Iu/ThNWYpe2wHllyOk30oS/XfA=
x-amz-request-id: 33W9TWZ450414FCB
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "92e1944f8d0a41050f325890fd46d907"
x-amz-version-id: ojurhdR3hlmw0KgBN226TqH.sYUeq1Tt
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 7036
x-timer: S1674126364.818487,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3878
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/js/form_support.js?v=1101202201
207.120.33.7200 OK 2.8 kB URL HTTP/2 bsrvtn.com/common_tpls/js/form_support.js?v=1101202201
IP 207.120.33.7:0
File type ASCII text, with very long lines (3382)
Hash 99e4dd8c0d1ff88d9233c113c9deb7dc
c66e1da2c1c67a2ea68d981b4cf781ccfb5d86a3
4226d364c444443b50475959c2ed82895450f3fa8e82b22865484deffadc2b65
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: 48cf574b0e034bd8c26b2ca36a4363c9
x-varnish: 780587 1293722
age: 12013
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 30adcc30927d4ec4b77e7c4f9fa78979
X-Firefox-Spdy: h2
js-agent.newrelic.com/457.25fcbbf1-1221.js
151.101.66.137200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/457.25fcbbf1-1221.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (5553)
Hash 668b6063ac332a7f446a470cfe5857e8
180d316dc899e037ba45107b9bb1ef3ef7a7415a
b4c1773861d0636a373ecbac7e1334680105ca1c0cc685f6efe0e78c820358fa
GET /457.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: U5Y1c5xJGTCDmzdRt6cAkXrChOhRFghlWna7w0cnN4rrnKb+ipeGTB8PSXxh06A9yFsqKvxpTfE=
x-amz-request-id: 33W0N4F5H85S99QA
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "74cb970ad1cca9b43a1326b3618adc9f"
x-amz-version-id: PI7ELWWdeBYiCYBkGMRwXTH0E8ONfEZC
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 7036
x-timer: S1674126364.818697,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2241
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/js/validate_form_v2.js?jsv=31
207.120.33.7200 OK 6.6 kB URL HTTP/2 bsrvtn.com/common_tpls/js/validate_form_v2.js?jsv=31
IP 207.120.33.7:0
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (1168)
Hash 2297f97651a74a088e2dc671ae1a0703
988542f017ff61cd9d7303f94c313d3dda849f79
0707db4f0c9175b52f08aece1f1fe8c669964b2b143152b0111fabf5c9118597
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/validate_form_v2.js?jsv=31 HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 10 Jan 2023 21:04:24 GMT
etag: W/"63bdd2d8-62bd"
section-io-cache-id: 8b6099cd269933951ae70e4d565369d3
x-varnish: 2065029 1259836
age: 12055
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 5c80e68e74b1367c9852180a96f85e48
X-Firefox-Spdy: h2
js-agent.newrelic.com/736.25fcbbf1-1221.js
151.101.66.137200 OK 2.3 kB URL HTTP/2 js-agent.newrelic.com/736.25fcbbf1-1221.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (5220)
Hash 6a75f2958043c251fa41b4d7d5073acc
26785ff7cad1309e9e120ed24e2901565b619fc3
e922b3b6bde60fdf7f102ecd885dbaf79f81eb1cb9c23000d8302021dbea65de
GET /736.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: +IrQBISZYFuk7uIU3yB9SDF9VtuQonIdiaYIveQ+pXMlFui2wli+MFm+3x4s+nbbNMpXmGaKIhA=
x-amz-request-id: 33W7XTJM59R04C51
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "f89e0773b439273abd9cce629a69a68e"
x-amz-version-id: Jd0S.YVh9CaXfPOCqdoECl_Mx9lbK5bG
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 3754
x-timer: S1674126364.820110,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2337
X-Firefox-Spdy: h2
js-agent.newrelic.com/244.25fcbbf1-1221.js
151.101.66.137200 OK 3.2 kB URL HTTP/2 js-agent.newrelic.com/244.25fcbbf1-1221.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (7207)
Hash c30f63a18193258ef7c94ca71efe0ce1
c0cd0a7503a99164c71f83e1fd277fd11a3cc49c
a9bad43e118806a44997811c59b54f83c9bd8e41f9a45230166881e1f1ae866b
GET /244.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: xtX8p60ObiW2wx2089/nMoaJ+WWWWcaLHJAWFXXZnmpXx6nh4imo4JafIReNJSSj9U8NqqF2vMw=
x-amz-request-id: 33WD9114YCV8GNXF
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "10761414c69129d7b0eca13654453978"
x-amz-version-id: e2__U5byTFNhVa9OnsLbCmLc69kX_p7Y
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 3754
x-timer: S1674126364.820129,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2760
X-Firefox-Spdy: h2
js-agent.newrelic.com/142.25fcbbf1-1221.js
151.101.66.137200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/142.25fcbbf1-1221.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (2345)
Hash 71f961011f858ef2f4b165d179fc64e1
e6a0ec40fd51a661e07002537596ef06199e3115
a27642e9dd8653233b1533ca97571e7aef37ea3a5d9c7546acf0207566d0b4c8
GET /142.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: VeM4EsXjiGs8WkKD3wDPXqjkBojUVpHeQYUd6AeIQqW7LgHmLMg0bwonEgLIVE2AI8Q/cHsTdv4=
x-amz-request-id: 33WF30PY4ETGE8WX
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "39c27fcfa6bb15809b306b5c915522b8"
x-amz-version-id: VffeRtNBrgVvjp64eZabDMMkJE1Mt0o3
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 3767
x-timer: S1674126364.820723,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1086
X-Firefox-Spdy: h2
js-agent.newrelic.com/885.25fcbbf1-1221.js
151.101.66.137200 OK 6.1 kB URL HTTP/2 js-agent.newrelic.com/885.25fcbbf1-1221.js
IP 151.101.66.137:0
File type ASCII text, with very long lines (17644)
Hash 97c0d7c1612e142cabc0ad3a0723d6d1
1e7e560af64273095d299e31b6032ad78f0f99d8
e235a42b4b870933ff7636a77f99b738cfc63cecb96f3a44b38d01ad35b126b6
GET /885.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 4KhVyePQ1UPwd2qHRZ4YNJ71iPGoKlXvsppGkw9xRT9IEVemdT8bH3ZyfRm4O6KWMedIpxLgf8w=
x-amz-request-id: 33W7KTW3X5C68N7K
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "24b4856ed39246f3c0d71e48be979862"
x-amz-version-id: Js2cPjVhYFdcC2CsvlVQmVtMWUAuHzkv
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 2450
x-timer: S1674126364.821010,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6086
X-Firefox-Spdy: h2
bsrvtn.com/acct/trk/?rtid=41358502965
207.120.33.7200 OK 21 B URL HTTP/2 bsrvtn.com/acct/trk/?rtid=41358502965
IP 207.120.33.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d5907a96ddf56e9bfb99b689308573c7
5eedb8a305d32c027e0af609d942af5acb4e3bbe
8d6e762790487535927c2b90e8d28a194c1cd8197877e31329c557d747f914b3
GET /acct/trk/?rtid=41358502965 HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjZjNWUzMmVhZDFiYTY2MmIiLCJ0ciI6ImVmMDA1YThkYzlmMmVkNjg4ZTIyMGY3MjllYzc1YWMwIiwidGkiOjE2NzQxMjYzNjMyNTB9fQ==
traceparent: 00-ef005a8dc9f2ed688e220f729ec75ac0-6c5e32ead1ba662b-01
tracestate: 3355250@nr=0-1-3355250-1103078842-6c5e32ead1ba662b----1674126363250
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:04 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 149502
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: b159be8fd13bc721ff61b2719638bd08
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1221.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4284&ck=0&s=3e595c814a07115e&ref=https://bsrvtn.com/acct/epc68155/add/&ap=87&be=3633&fe=314&dc=308&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1674126359273,%22n%22:0,%22f%22:2491,%22dn%22:2493,%22dne%22:2526,%22c%22:2526,%22s%22:2630,%22ce%22:2924,%22rq%22:2924,%22rp%22:3516,%22rpe%22:3516,%22dl%22:3521,%22di%22:3923,%22ds%22:3940,%22de%22:3946,%22dc%22:3946,%22l%22:3946,%22le%22:3951%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1221.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4284&ck=0&s=3e595c814a07115e&ref=https://bsrvtn.com/acct/epc68155/add/&ap=87&be=3633&fe=314&dc=308&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1674126359273,%22n%22:0,%22f%22:2491,%22dn%22:2493,%22dne%22:2526,%22c%22:2526,%22s%22:2630,%22ce%22:2924,%22rq%22:2924,%22rp%22:3516,%22rpe%22:3516,%22dl%22:3521,%22di%22:3923,%22ds%22:3940,%22de%22:3946,%22dc%22:3946,%22l%22:3946,%22le%22:3951%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1221.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4284&ck=0&s=3e595c814a07115e&ref=https://bsrvtn.com/acct/epc68155/add/&ap=87&be=3633&fe=314&dc=308&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1674126359273,%22n%22:0,%22f%22:2491,%22dn%22:2493,%22dne%22:2526,%22c%22:2526,%22s%22:2630,%22ce%22:2924,%22rq%22:2924,%22rp%22:3516,%22rpe%22:3516,%22dl%22:3521,%22di%22:3923,%22ds%22:3940,%22de%22:3946,%22dc%22:3946,%22l%22:3946,%22le%22:3951%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 11:06:04 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 78bf194f2d50b4f1-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1221.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=5041&ck=0&s=3e595c814a07115e&ref=https://bsrvtn.com/acct/epc68155/add/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1221.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=5041&ck=0&s=3e595c814a07115e&ref=https://bsrvtn.com/acct/epc68155/add/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1221.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=5041&ck=0&s=3e595c814a07115e&ref=https://bsrvtn.com/acct/epc68155/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 679
Origin: https://bsrvtn.com
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 11:06:05 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 78bf19532b74b4f1-OSL
Access-Control-Allow-Origin: https://bsrvtn.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
www.landqck.com/ep.php/prmagms:74332/68155:34828.null.null.Mi7S011939960.6957
50.112.176.215302 Found 0 B URL HTTP/2 www.landqck.com/ep.php/prmagms:74332/68155:34828.null.null.Mi7S011939960.6957
IP 50.112.176.215:0
GET /ep.php/prmagms:74332/68155:34828.null.null.Mi7S011939960.6957 HTTP/1.1
Host: www.landqck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slutsaga.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 19 Jan 2023 11:06:01 GMT
content-type: text/html; charset=UTF-8
location: https://entrsec.com/signup/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957
set-cookie: AWSALB=Csp+xipmLHbj2MqWnxBqTZ0MhQ65ol23zfvqn9YxM0eUDfLVB+yXI3QRytM3V6iKxY6HoEcx8eoAZhJCDwixdlaaeLWKxTBkKNap3x19Jst37XM/8CWPGUkzjR84; Expires=Thu, 26 Jan 2023 11:06:01 GMT; Path=/
AWSALBCORS=Csp+xipmLHbj2MqWnxBqTZ0MhQ65ol23zfvqn9YxM0eUDfLVB+yXI3QRytM3V6iKxY6HoEcx8eoAZhJCDwixdlaaeLWKxTBkKNap3x19Jst37XM/8CWPGUkzjR84; Expires=Thu, 26 Jan 2023 11:06:01 GMT; Path=/; SameSite=None; Secure
vip_id=68155.47406-120222; expires=Sun, 22-Jan-2023 11:06:01 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2
bsrvtn.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.7200 OK 0 B URL HTTP/2 bsrvtn.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.7:0
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: bsrvtn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/acct/epc68155/add/?epcVIP=48.1066.g110&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&act=epc68155.47406-120222.34828.null.null.Mi7S011939960.6957&epcCID=q4faa6Waw0PbS211ea1fa0U0I5T4mdpam&rtid=41358502965
Cookie: PHPSESSID=5405664971209f1226519c12bef25964
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 9a9c6828e6b1bb07311822070c2d071e
x-varnish: 780590 243787
age: 12013
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: b75c421680b78b140dd060c4e98fa66f
X-Firefox-Spdy: h2
kit.fontawesome.com/b314bdf1b3.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/b314bdf1b3.js
IP 104.18.23.52:0
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bsrvtn.com
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 11:06:03 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FzbgJfFtPgGrse1S8zBh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 78bf194a6ff4b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
slutsaga.com/2?pub_id=34828
104.21.52.132301 Moved Permanently 0 B URL HTTP/2 slutsaga.com/2?pub_id=34828
IP 104.21.52.132:0
GET /2?pub_id=34828 HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://go.trklinkcm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 19 Jan 2023 11:05:59 GMT
content-type: text/html
location: http://slutsaga.com/2/?pub_id=34828
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V8BGv7tIFgsLDx8aAK8eiKxnL4J50vZXW33%2BYu%2B4jh0Kl3OU6ls2mnhiqFgg398aDzoe%2BDjMOW9SiZj1CkZ9XaDlW5ZPXVvs095PlCUcy61Yq3YXE23MnawRejcwhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78bf1930de071c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap
IP 142.250.74.74:0
GET /css2?family=Nunito:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slutsaga.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 11:05:59 GMT
date: Thu, 19 Jan 2023 11:05:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js-agent.newrelic.com/466.25fcbbf1-1221.js
151.101.66.137200 OK 0 B URL HTTP/2 js-agent.newrelic.com/466.25fcbbf1-1221.js
IP 151.101.66.137:0
GET /466.25fcbbf1-1221.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsrvtn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: gkokY6tUrggDoAf4vGDmPhGIZ3bZaK+EEiKSVYell+e/N8+6p5+u+Xq+mKER90YnIWXCzDmB4K4=
x-amz-request-id: 33W8FS94KW84WSYH
last-modified: Fri, 09 Dec 2022 15:30:38 GMT
etag: "eff7d2245d8d47fee06efb3b1f53af37"
x-amz-version-id: qv9p0IVfilK3D.ZTQ1hUosNHmmv.lLd6
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 19 Jan 2023 11:06:03 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 3745
x-timer: S1674126364.820819,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2995
X-Firefox-Spdy: h2