fun.bucarol.com/fts/1kzzjLPOQryz-1kcSSSlBcFW1
301 Moved Permanently 0 B URL HTTP/1.1 fun.bucarol.com/fts/1kzzjLPOQryz-1kcSSSlBcFW1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fts/1kzzjLPOQryz-1kcSSSlBcFW1 HTTP/1.1
Host: fun.bucarol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 05:07:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 26 Sep 2022 06:07:44 GMT
Location: https://fun.bucarol.com/fts/1kzzjLPOQryz-1kcSSSlBcFW1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmU5gEPa1XVQt%2BcMu1tJH31w7%2FG62VqT6nz6b41rmKLy0gSVisk7UIK%2FfSKW7mqJvWuNJaEuIaNfsz3QDASYuJ4FSGTWZ%2Fk4iC55OWdXMWBvxVmfjl6NJb3dEdlmG6EqMD8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75097a484e2efac8-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 04:15:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cHFdkW9r_E2BO_lkhlEzaZz3BdwFTZFLRI5yuE23asTosExAlz29iA==
Age: 3146
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Mon, 26 Sep 2022 06:24:07 GMT
Date: Mon, 26 Sep 2022 05:07:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gjcfG1tDQ68m2vGwhXdud0MGx2SRDEQwuCG0aS_8jfzGvFWx7PQGvQ==
age: 1949
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 2d11d4d04869e3bdec9024596630b64d
af48e3de1e8d30626e8cb2626271624bafe8c4f4
a8763a7e1f690a15d6bf7237484be6ed3f89896deeb1cfb52532f5a1fc2a02fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:44 GMT
Server: ECS (amb/6BBB)
Content-Length: 279
fun.bucarol.com/fts/1kzzjLPOQryz-1kcSSSlBcFW1
301 Moved Permanently 0 B URL HTTP/2 fun.bucarol.com/fts/1kzzjLPOQryz-1kcSSSlBcFW1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fts/1kzzjLPOQryz-1kcSSSlBcFW1 HTTP/1.1
Host: fun.bucarol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Mon, 26 Sep 2022 05:07:44 GMT
content-length: 0
location: https://appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
x-lum-instance: edge-677444d6bb-hpsvk
cache-control: no-cache, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
x-lum-execution-time: 6.923561ms
set-cookie: vid=efUlcIo8PSlDK8VOcqWVGNJ19gx; expires=Tue, 26 Sep 2023 05:07:44 GMT; path=/; secure; SameSite=None
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv7WFGcCXJva6Vsw%2B2WLIc27mSqq3UJwhffYLRxh7Q0PInqV1Se3ud0lBi7B%2FE38g5iPDu3UC1Cw9MrdyxG6lsHdx0quF3aqJcpE00FN4dMjsjyQyvqmwmI69reE2nZl3Tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75097a4a2a86b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 05:07:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 2d11d4d04869e3bdec9024596630b64d
af48e3de1e8d30626e8cb2626271624bafe8c4f4
a8763a7e1f690a15d6bf7237484be6ed3f89896deeb1cfb52532f5a1fc2a02fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:44 GMT
Last-Modified: Mon, 26 Sep 2022 05:07:44 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/jPSh1R0qmeo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jPSh1R0qmeo
IP
Hash 7eebd071a75dd4af2d24054154a51bca
e4c21c8ebb356d1d6e2f634071d79f3c4e7b491a
778fc731210033b6cff61b10f1b975196bbd5ec898d0fc011ec0d84df297af7a
POST /s/gts1p5/jPSh1R0qmeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 05:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 05:22:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0mFzNRS2ZFisTsDZYhcJZNgErhKcE9bIOpDqKHDS8tFqxB-3s78pVA==
Age: 625
ocsp.pki.goog/s/gts1p5/jPSh1R0qmeo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jPSh1R0qmeo
IP
Hash 7eebd071a75dd4af2d24054154a51bca
e4c21c8ebb356d1d6e2f634071d79f3c4e7b491a
778fc731210033b6cff61b10f1b975196bbd5ec898d0fc011ec0d84df297af7a
POST /s/gts1p5/jPSh1R0qmeo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6563
Cache-Control: max-age=103705
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:44 GMT
Etag: "63300c16-1d7"
Expires: Tue, 27 Sep 2022 09:56:09 GMT
Last-Modified: Sun, 25 Sep 2022 08:06:46 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
appuseful.top/sw-cash/sws/english/img/landers/survey-pick-a-box/checked.png
200 OK 1.5 kB URL HTTP/2 appuseful.top/sw-cash/sws/english/img/landers/survey-pick-a-box/checked.png
IP
File type PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Hash b9a9e340bb886b125b3f43f6fe456c0d
e60c66e26465ba9bac392e72733c20380228ad73
ab834bfb8eeb43e3703eabad89e11a0cd906155d6cea60205cd69e443cc9adcc
GET /sw-cash/sws/english/img/landers/survey-pick-a-box/checked.png HTTP/1.1
Host: appuseful.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:45 GMT
content-type: image/png
content-length: 1502
cache-control: public, max-age=31536000, must-revalidate
etag: "5c14285e4620a4e4edfadebf1a90af91-ssl"
x-nf-request-id: 01GDE43T2ZWM311ZD24ZZM2MXT
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxDfhwhLqAyKHbDxSGH7KU%2FDiwqmgMxeUUXqlpdfvE4OucDvIs9s%2FaUKb4ZGsstx%2B7WARaelO574VaWGjnNuQqsGFEkKVgcAT5qKQNMFfXGyxxuQPRADo33Qg5wM4Jr3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097a4d6816b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appuseful.top/sw-cash/sws/english/img/prizes/cash-300000-usd/ng/default@0.75x.png
200 OK 19 kB URL HTTP/2 appuseful.top/sw-cash/sws/english/img/prizes/cash-300000-usd/ng/default@0.75x.png
IP
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 532300c722f12809f2403a37c550cf7d
6f72491378b5cc1908463db0f2e2a54431199334
dd357592029891f9bcbfa8aff01873a94dc58965220b2de30635e13b311dc26d
GET /sw-cash/sws/english/img/prizes/cash-300000-usd/ng/default@0.75x.png HTTP/1.1
Host: appuseful.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:45 GMT
content-type: image/png
content-length: 19261
cache-control: public, max-age=31536000, must-revalidate
etag: "a534f5e62c6293ac684c396220dbd501-ssl"
x-nf-request-id: 01GDE43SAYBS7X1VW4V4KHAVM0
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBx%2BITmOsVq%2Fp8tJZ4ONkz%2FfdCxwu93yAI1bj1NnDoO4ii9KgMF5m%2BlqS3GoXzdJj3DG2zHxl7r5vktof4id5q8I1QPz0Yy4FX1JZgMXZjavKSYo3h8fYEyPNe07IeO4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097a4d5814b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appuseful.top/sw-cash/sws/english/img/landers/survey-pick-a-box/spinner.gif
200 OK 1.6 kB URL HTTP/2 appuseful.top/sw-cash/sws/english/img/landers/survey-pick-a-box/spinner.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 907e5277285e5c4d1cfdf2ecc2332c53
d4c50a33dbf2f2c896bb13b5339affcf345cdf10
d08886e8a724d490ec4f86229c38a1856ef782d7e56d80f6dd042a76da6dec2e
GET /sw-cash/sws/english/img/landers/survey-pick-a-box/spinner.gif HTTP/1.1
Host: appuseful.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:45 GMT
content-type: image/gif
content-length: 1569
cache-control: public, max-age=31536000, must-revalidate
etag: "c1dcead54c316fa591172016e9477403-ssl"
x-nf-request-id: 01GDEBBAR5A411EQYGGNPFZM9V
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42Jp72HBP2atemiMiCj8DM57UqeK0bCo5CnhxGHLII0YLM%2F7%2Bp89zE96J2hSr4TSgJTHVhv9CAzbDV0LOKzAfD5IXBQJg24sghMRCbx7GlNmbaigzaNP4kbOLgH5vI0z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097a4d6818b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R/qVBvnOWlnckLGsS+Junw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VLz23BFP/6ttQHuq8rlggpWj3ME=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b31e804653bd3d7b7457542ffefe020e
1debdf5025f84eccc7656de9c3c32b3255c9a1c9
5a516af21efb2f365559b6161b12ce92c07ee4582044c11d4482d8e9ff6db8b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A516AF21EFB2F365559B6161B12CE92C07EE4582044C11D4482D8E9FF6DB8B6"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10237
Expires: Mon, 26 Sep 2022 07:58:23 GMT
Date: Mon, 26 Sep 2022 05:07:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30908, version 1.0\012- data
Hash 0637d53459cdc8ee092a8f96186b4097
060034f995d649902b3207d41fde9a6060241499
50488656aeea003d0042da0979cd15675c0bc1c028a21dddfafd7656d54c709e
GET /s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6Mk.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appuseful.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 14:17:47 GMT
expires: Mon, 25 Sep 2023 14:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:34:50 GMT
content-type: font/woff2
age: 53399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 05:07:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7762
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 05:07:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7762
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 05:07:46 GMT
Connection: keep-alive
register.yars10.net/js/pub.min.js?application=appuseful.top
200 OK 14 kB URL HTTP/2 register.yars10.net/js/pub.min.js?application=appuseful.top
IP
ASN #24940 Hetzner Online GmbH
Hash cad02330a35b31afe725899c76f94981
3e8df6cf1404f25634e3f9dcec0298f50ac2cb70
d0b7ec8e460aff4adccb169056a1952f3b66b6050a21d4a5407e9e8bcd1ff0f4
GET /js/pub.min.js?application=appuseful.top HTTP/1.1
Host: register.yars10.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
date: Mon, 26 Sep 2022 05:07:46 GMT
vary: Accept-Encoding, Origin
set-cookie: api_push_dog_session=eyJpdiI6IjZ4NGxlWGFCbUR5bHg1RWpBWkduVGc9PSIsInZhbHVlIjoiRndYSkx4Y0l4dEkvd0ZJOWhVbStBeHdIcERBTXN5dFhybFpLWE9JRHBzV2FwWnJlU1VRcDl1L1k2ZWQ2UmNHSEJ2ZnVDbC9HYWxnb3hDTzlJS1d6ZzJmODFJOWxNN0lCTkZCN2VxNkdYelVwRmx0STFMT002ZWFLa0wzOTlGaUMiLCJtYWMiOiI2MDk5MjE5YTU0M2Y1ZmI4MDVkODBlY2M5NjQzMDBhNGMyYmFjNjBhZjIyZjM2ZGExODAwMTkyMzYyNTczOTgyIiwidGFnIjoiIn0%3D; expires=Mon, 26-Sep-2022 07:07:46 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
Hc2wA2AGoeuMeq9EJnNGQpIYKjJG8xcmvh3rMFZ9=eyJpdiI6InZYcE1zYVlIbTVHc3Q5VnA2cVMvUkE9PSIsInZhbHVlIjoiYkRqeVJ5Z2dtV1hjQTd2TklKNlhWY2FWOGd5Qko4QmhqYStGZlJsakxNTDdNNjlOZThVTk11MWYyaWtuZVIrcTFBTXJsbDMrcURGdlYyQ1h1VDBKUTBvTFpBWjNWcjkzS2NPb3gxamRKNStJREV0dUtES2ZoYnJ0TFgrYVo3SURySXdSSzhxM2U0TThocS94cngvZDBrQUgvR0FSY2NUTXRYYWJUR2ttSmdrNitWaG9ZRGEzczhLY0hlSVdUbnhaMkRWeXpNT2srcHVWWVhpM0lyQXJCYmh6b2hhNzJ5Q1hsNWp5ZnMrTmhpMVp5ZlpuMDd3VnRmYVlNWUl1ZEZDM3FWMCs3T01COTBTUll4aXkxMmllTTdZNDN5YVY0c0RFK1AwVnhLZUlDV3ZJbTh6N2lPUnEzRG8yWXZtK0NwdGY5bGpmQUtaN3YrQjlJMFdDWFk0d1kzMjVGeHVpMmRNdVJYM1dpZ2paVXpBQnRZZEVUM3dHU1B5VldwS3JGYnRFVzJSb3J2V3gxa1B1dlVxck55emh3VnVKRHU4R1Q4M2ZBTUEwK3FRY2tydzd1M0pPOGZQWGliQktuQ0N1VnNBVXJGVXBFdEdnM24rWmpwYUZ5eDQyQ05BQ0ZLdjJyWlB3M293alBXVmpxMmQzR1VVVjM5MTZHcGxrZEJ6RXFHRTUyb1Y0WlVPSlVBNzlQbGtFZE5xSm9QMnVuY2h1SmExSUVBZXV0R0kyZHYxOWxDSEQ1TlVjQ0thSjJ5TXlET3M0UDdTZkx2ZE02UXFSQ3FzcG1vSDlTRm00OHRobFFMckJ3SDdoTitVcXUwdlViMDdNNmdKZ3NtbGxyYmJDaFI4WXM5RDNYOGViMytXNkVCeGowMzJ2c2VtRG1GcDNJQVZrbnMyZDRsV1o0QWVzNElhT25NSzdwSFJaNm4zeE9rRSs5SkE4dGtVRCsrSU05ek1wdkNBWUw1YWJMQjRVR1pkVm9vWStLQThpc0dpTGNuSmlJMHZBZTVFVUpMUzhJYTlwTitQSlVvcGtvWmN0Q0pyUnlDcDA3ZG1jc2tlZVV0MmhjbGF1TklBb0RCLzREczBjTkFLQkNsNGRMUEE0OGx0RFB4WFlLcnpqYUNIYmt5VmN4NGtEWGhLMDZ6SVVXZG93cjRwbWY5NGNHWUNiVEFmMWo3UXp1dGFqYzFJcjZGUksiLCJtYWMiOiJiMDIzNmRhYWY3NTdhMjQ0NTk3YTJhNzkzM2E1ODg5N2I3ZjMwZDZkNGVkZDYyZWJlMmY0Y2Q0YTZjZDQxN2FlIiwidGFnIjoiIn0%3D; expires=Mon, 26-Sep-2022 07:07:46 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
DSALB=4b19916237258d2f; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
200 OK 15 kB URL HTTP/2 appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (530)
Hash 88f28c3a4d600e33ef5ca99f0fde89bd
4401daad6d963aeaf254077971d1ccdb56fa2d14
80132ea218f14305bf5157770f5ab6a38884ede6da0cd7d7ac4f97608573b7cd
Analyzer Verdict Alert fortinet Phishing
GET /sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx HTTP/1.1
Host: appuseful.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:44 GMT
content-type: text/html; charset=UTF-8
age: 93128
cache-control: public, max-age=0, must-revalidate
vary: Accept-Encoding
x-nf-request-id: 01GDW33AX0FR0PKRDMR4KBWXGA
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHEmnGPhgYHYs3n9h6ALVfp6fAWrEqn0nJjn%2F2q9vLVrBFXNtZgAqbHSfuV7G%2F99Vasf3S46nV3bMEJn0kHq6jgw%2FYP4JDaqhJodwiPLsGbozTgE2zKZ%2BVaTqC9Vo3xa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75097a4bfeebb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 22670
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d79a3a5bd7dc7aa6cab306176fafd11
0d5cb1f3e3ea510308034a5e569c0e65fae30835
57979dfcf6fdc76f04e4790c2b94b876e188ac780aa49d9bfc8a58c498dc4203
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f39b5b4-f60c-42d8-9916-f71d7998f158.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7185
x-amzn-requestid: e7b997d7-f9ce-40c6-b9bb-372ee10d8ad0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTAfEX5oAMFcHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb9c-31e295e33ead940f381121a1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:43:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YW8Pk1qXdq3DBNRDO3abND1HGTqhUInN2Wo3N8Uzb0zzyXrsKPCvYg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 26334
etag: "0d5cb1f3e3ea510308034a5e569c0e65fae30835"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6e43e36ae283d6ec12fb5c9c692fa83
a3b3a4396da5beac2430e8facdb4d4b799621c9d
49ed7dccf0fe8abb7b0bfdc34ff89b30ef719288571bb1d89d29a1cb8857310e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa675e34b-7ee1-4318-a6a3-b49bce6a4ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: 2711886c-e022-4a77-862e-9d7bbd0db02e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvxHsSIAMF8Pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-6b464e2e489825b51447d74d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-nUwIxG9TDPRBSt8-RuITSg0nVZIMMidfKme75OXsqDXJ-vcXA41Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:25:00 GMT
age: 24166
etag: "a3b3a4396da5beac2430e8facdb4d4b799621c9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 24426
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appuseful.top
Connection: keep-alive
Referer: https://appuseful.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:44 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097a4d8956fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
appuseful.top/sw-cash/sws/english/css/app.css?id=2fbe2d9a9a40ca9b2489
200 OK 0 B URL HTTP/2 appuseful.top/sw-cash/sws/english/css/app.css?id=2fbe2d9a9a40ca9b2489
IP
Analyzer Verdict Alert fortinet Phishing
GET /sw-cash/sws/english/css/app.css?id=2fbe2d9a9a40ca9b2489 HTTP/1.1
Host: appuseful.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:45 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, must-revalidate
etag: W/"df252afa0caf10d0eee2b25f002df84e-ssl"
x-nf-request-id: 01GDKK50QREG58DMX449ZNZA4C
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YUW6ib5EJOk7Wn6ux980Qkgc9O%2BpzOcW%2FmlUtiIjOPUGkqQNfyRrZhhPqhySMQfO3nluqx18tgdDIbVuWWkhtsiIUGwVvJQHFUN5unJ8PuerwLuBa6V%2FI2vOWR6WC3j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097a4d5811b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appuseful.top/sw-cash/sws/english/css/landers/survey-pick-a-box/app.css?id=1105e28fbd241a88e39b
200 OK 0 B URL HTTP/2 appuseful.top/sw-cash/sws/english/css/landers/survey-pick-a-box/app.css?id=1105e28fbd241a88e39b
IP
GET /sw-cash/sws/english/css/landers/survey-pick-a-box/app.css?id=1105e28fbd241a88e39b HTTP/1.1
Host: appuseful.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:45 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, must-revalidate
cf-bgj: minify
cf-polished: origSize=2266
etag: W/"14af351bd5bf9130a1c89e663798177c-ssl"
vary: Accept-Encoding
x-nf-request-id: 01GDEHEM1C5AAAD1SB949CBRFH
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9a5esrbZiMMCD6qkE24WI1%2F%2BkN9ZTOpv7DHhbsAS%2FapISQtyl4IR4GDewrEZdsL7gqI3uXN9a1Tc6iHP9GF1DTFeQMrb8Tl3BlysRNDw3s1ePDZYpEvu7PZr4f9u3MrI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75097a4d5812b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Pacifico&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Pacifico&display=swap
IP
GET /css?family=Pacifico&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 05:07:45 GMT
date: Mon, 26 Sep 2022 05:07:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
register.yars10.net/js/sw.js
200 OK 0 B URL HTTP/2 register.yars10.net/js/sw.js
IP
ASN #24940 Hetzner Online GmbH
GET /js/sw.js HTTP/1.1
Host: register.yars10.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
date: Mon, 26 Sep 2022 05:07:47 GMT
vary: Accept-Encoding, Origin
set-cookie: api_push_dog_session=eyJpdiI6IlF4Ujl1WHNYSVNNbUxBem9yb1ZwZnc9PSIsInZhbHVlIjoiSjNvcGQ4UWh1dEFoakJXZFVCWTVrdG5GbzhoYU1qUWFRV0F4QVBIRzdxUDMwdG9zMG8vYmpQcThnKzl0aXU3MXplcGI1ejFFVE9UK3Y2RXh2aFZsa1pqK0NhenhvdDBwRzJ4US93cXRhSEplZVEvN3d4Mkd2ajE5VXFGZlQycUwiLCJtYWMiOiIxMDYzNTc0YmRlNDQ5OWI1M2M0MmYxMGQyZWExMDBhZDRkYTVmNjg3YWY0MWExNjVhOGI0ZjNmNDhkOWE5YWY0IiwidGFnIjoiIn0%3D; expires=Mon, 26-Sep-2022 07:07:47 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
S9WTxrxgcfe9J7OxJoEdwiFzaqf3aLm19k96g8vJ=eyJpdiI6Ii9VRzFnWFI1TXdaWGl2REZUTnVNZXc9PSIsInZhbHVlIjoiVHlwME5zVGV2L0I2YVZ5UFdtZ2plZE9xMlNsVDAyUXFkTE9YTkdwRHN3UmxvMy9wempBOXVqSVB2NlhtZ2ZSTEt0TjBvdGlqYnppYmtTRVBScXFBME9TNzMwaEgrYitnd0xoWFg3RlU3bVlnSllacGJVZDlNZU1TNFBFZ1Q4cDVjUk8ydXcxYTBzdVdxaVZhODQydTcydnNQa1RkOFUwRUY0azIxRVFtWUg4citaS3VsTlFGQUhId1V5NGdocUNiRVA2QkxqSkM3eU9MUVRIamxaNFZzZE5XQ1BBWWxoUUprVTQwM2R0aEpVTHpkYmRkV1JicVc4SDhaaEFrZnRGMlBGeXlLdkJrcys0TXQ5SmYxQ3NRT2NhcU5JOWlSa1JTcHNqcVNhNGpxdExrQVBxUm15WXBXbkQ0VnBtM2JjbXR6TGozc1VTUkxuV0gzQ1YvbnpKMnpiOTZ5TTVqNUZCWEFQNTBOZUtOU2RnTnFGaDF4dFlobnhsKzduemtLY2IxZ2ZwRzUvemlFQ2RzdE95YU9OVkI4S29mVGtlNnRMSnNTSUVrSnEzbkovcnl1aEZPYlRHOU84eGFwM1ZiMEt1SWtlK09HckJpMFhsdkJPbW5jS3FMKzV0Tnp4NHFrK2xldlVUYjRMYk5oaGppYndxdk8ycVM1akhkZldmQndpZmZ0YzNFL2RXUzFLeXV2TmRMRzQrUlNGc29mODNsSTBGS2c5NzdWS0lKK2dQbU1CdS8rSm5hMGxXYnF5YUFpU0lpVFJTcTJTN3I5KzJEcWlocEJnZmtFZnpwWlZURUw1TVl3Z25oODEzdWRiVFZITTZUeGhmc0RBNHk2RDdFQlNEQ2tFQk5zNVFvRzhDYzdnRnVkRU01VXhLTlJqbmdySjVtb3ozbjBwVEhhVmttQ1ZhaTN1RnorZWN0R2JXeXlvYm1HMUxkeERJK3E2SktqTkVPaFQzdTV2ZTRmK0FXUnpRQjB4azZKY1N6TGI2VERiL3hsSnczOG9ZTzdjNUpjeXBpZXNVSmNZeXFCODUxZFQ3RzMyVUFqYVA0bCtGWkpBc0NqY29VVnJlcGpkM2U1U3lVOG9aRldzaGE0V0lrTzBBViIsIm1hYyI6IjgyMzM2NTE3YTRmN2MxNGU4YWI5ZDM5ZmE0ZDdmZmY5ZTMxNmZjOWFjZjM4MThhMmUwMjc5NDQ0ODdlZTIwZTQiLCJ0YWciOiIifQ%3D%3D; expires=Mon, 26-Sep-2022 07:07:47 GMT; Max-Age=7200; path=/; domain=push.dog; secure; httponly; samesite=lax
DSALB=595921988003458c; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
appuseful.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 0 B URL HTTP/2 appuseful.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: appuseful.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appuseful.top/sw-cash/sws/english/?vid=efUlcIo8PSlDK8VOcqWVGNJ19gx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 05:07:44 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 17:11:54 GMT
etag: W/"632b45da-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTEqaCWpe1sY10EnzHk9aXHa43IuXTT%2FPO2XegcP%2BR8edxlvJizeIWKifSEcsLy%2BHxyt1GrbpvjqETMzkAS2zx39HWtyUxpPt3tlkIIPfY3DXOPHskorSq7SK0JchsPc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75097a4d6819b500-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 28 Sep 2022 05:07:44 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
172.67.140.117
104.21.87.35
23.36.76.226
93.184.220.29
5.9.127.233