urlquery - report: m6s7p82irtest3.kaspykurmoma.tk/TSKtBH6B?keyword=npl007@slurpmail.net&sub1=clear&sub3=fatec.sp.gov.br

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239
ocsp.pki.goog (9)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3115	6322	142.250.74.131
js.sentry-cdn.com (1)	5259	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389	1753	151.101.194.217
app.api-push.com (2)	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	867	1611	172.64.163.28
r3.o.lencr.org (9)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3042	7978	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2372	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5892	34.160.144.191
m6s7p82irtest3.kaspykurmoma.tk (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431	1374	172.67.209.189
dateexotic.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	531	1773	104.21.34.109
ajax.googleapis.com (1)	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356	32005	216.58.207.202
browser.sentry-cdn.com (1)	4393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393	21341	151.101.194.217
freedatingero.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	884	1366	104.21.9.26
cdn-static3.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	331	959	104.21.86.230
e1.o.lencr.org (3)	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1014	2186	95.101.11.115
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	52.42.5.177
alexatracker.com (1)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1196	1240	104.21.85.99
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	60310	34.120.237.76
fonts.gstatic.com (2)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	990	42765	142.250.74.35
fonts.googleapis.com (2)	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	728	2307	142.250.74.106
o65532.ingest.sentry.io (1)	747982	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	585	473	34.120.195.249

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-04 15:17:46 UTC	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-03-04 15:17:46 UTC	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-03-04 15:17:47 UTC	medium	Client IP	172.67.209.189	ET POLICY HTTP Request to a *.tk domain
2023-03-04 15:17:55 UTC	high	172.67.209.189	Client IP	ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)

Date	UQ / IDS / BL	URL	IP
2023-03-04 15:17:59 UTC	0 - 4 - 0	m6s7p82irtest3.kaspykurmoma.tk/TSKtBH6B?keywo (...)	172.67.209.189
2022-11-09 14:21:21 UTC	0 - 0 - 7	availheave.cn/SIMAN-qll/tb.php?bi=vu1668002942685	172.67.209.189

Date	UQ / IDS / BL	URL	IP
2023-06-07 04:34:26 UTC	0 - 0 - 1	spaceflowg.com/cl/1f2a277d127a93e3	104.21.70.119
2023-06-07 04:31:59 UTC	0 - 3 - 0	smartlifestyletrends.com/lp/miraclesheets-202 (...)	104.26.10.114
2023-06-07 04:31:56 UTC	0 - 3 - 0	smartlifestyletrends.com/lp/miraclesheets-202 (...)	104.26.10.114
2023-06-07 04:31:48 UTC	0 - 3 - 0	pea.newsbreak.com/c/fs0rqq?email=qt7dqc7wv7@s (...)	172.67.36.223
2023-06-07 04:30:22 UTC	0 - 0 - 0	cylect.io	172.67.164.240

Date	UQ / IDS / BL	URL	IP
2023-03-04 15:17:59 UTC	0 - 4 - 0	m6s7p82irtest3.kaspykurmoma.tk/TSKtBH6B?keywo (...)	172.67.209.189

Date	UQ / IDS / BL	URL	IP
2023-03-03 05:48:46 UTC	0 - 0 - 1	dateexotic.com/agEA?usid=2klkn721fs7vk&email= (...)	104.21.34.109
2023-02-16 17:51:33 UTC	0 - 0 - 1	dateexotic.com/agEA?usid=n55us51eige7&email=l (...)	172.67.159.164
2023-02-15 11:33:43 UTC	0 - 2 - 0	jdk5bsk8sctest3.holbestfib.gq/q3bCCwDV?keywor (...)	146.190.75.35
2023-02-11 07:37:10 UTC	0 - 3 - 0	e0bvvbctest3.vinsutab.tk/TSKtBH6B?keyword=jas (...)	146.190.75.35
2023-02-10 02:38:58 UTC	0 - 4 - 0	8qhumabd4test3.inprogenanthinra.tk/q3bCCwDV?k (...)	146.190.75.35

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D74374D27BBE6DF8C6D8F7DA2E5DB0E0B07EFB07A711131B500BC66A12594B88" Last-Modified: Thu, 02 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12474 Expires: Sat, 04 Mar 2023 18:45:42 GMT Date: Sat, 04 Mar 2023 15:17:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cf3bd7bf954753a40867593f59828a19 Sha1: 8812b6b5e4e0725e3a5a7700be3ef0b4c3db4e24 Sha256: d74374d27bbe6df8c6d8f7da2e5db0e0b07efb07a711131b500bc66a12594b88
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D1ADF9C8C7E63C33674A6AF4B4111FE0CE1092D362CA4BF7C7DD00E6B6034F09" Last-Modified: Thu, 02 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2282 Expires: Sat, 04 Mar 2023 15:55:50 GMT Date: Sat, 04 Mar 2023 15:17:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a39c6b0123e56e5b89743a8ad25c746e Sha1: feb61559594a73b319532dec130f10068fdf1242 Sha256: d1adf9c8c7e63c33674a6af4b4111fe0ce1092d362ca4bf7c7dd00e6b6034f09
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 04 Mar 2023 15:08:26 GMT age: 562 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 84db75194692d4afe13196bda6f22da8 Sha1: 4c1f49bc973a4917f146d93c8d598344edc021f6 Sha256: a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5463C186F7F30F83BE61E91A980C749B70089E48B234D73A6E7EEB179CFD7EE9" Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2680 Expires: Sat, 04 Mar 2023 16:02:28 GMT Date: Sat, 04 Mar 2023 15:17:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d2383d0b67af7368d8e13a3013f4065a Sha1: cdf951e84f87d010cf40b76f7b91e82ad17f374f Sha256: 5463c186f7f30f83be61e91a980c749b70089e48b234d73a6e7eeb179cfd7ee9
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 6jZpryrFz1Yy0A5o/ufCG2bovTFCHETQ2BhWgjcAdJymlt5nLlrirOBwViz5N70dHOkax0g/jrSWST2+KAG85A== x-amz-request-id: N8XKZH81JHFH6BRD x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 04 Mar 2023 15:16:17 GMT age: 91 last-modified: Sat, 18 Feb 2023 20:28:27 GMT etag: "b5ba6334e73496995e3e3a9ecd0eb323" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: b5ba6334e73496995e3e3a9ecd0eb323 Sha1: ad80d3b7718c28364e8c2004fb38a13a1747e462 Sha256: aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 04 Mar 2023 15:17:48 GMT content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /TSKtBH6B?keyword=npl007@slurpmail.net&sub1=clear&sub3=fatec.sp.gov.br HTTP/1.1 Host: m6s7p82irtest3.kaspykurmoma.tk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	172.67.209.189 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Date: Sat, 04 Mar 2023 15:17:48 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: 0 Location: https://dateexotic.com/agEA?usid=16sa6p51g06kf&email=npl007%40slurpmail.net&sub1=clear_main&prid=16sa6p51g06kf Pragma: no-cache Set-Cookie: _subid=16sa6p51g06kf;Expires=Tuesday, 04-Apr-2023 15:17:48 GMT;Max-Age=2678400;Path=/ b15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjk4XCI6MTY3Nzk0MzA2OH0sXCJjYW1wYWlnbnNcIjp7XCIzM1wiOjE2Nzc5NDMwNjh9LFwidGltZVwiOjE2Nzc5NDMwNjh9In0.vjiZ4SxPE1wA2PaC-IOo_VJui09d-Z6m26OA32LivxU;Expires=Wednesday, 06-May-2076 06:35:36 GMT;Max-Age=1678029468;Path=/ _token=uuid_16sa6p51g06kf_16sa6p51g06kf6403611c326149.86166628;Expires=Tuesday, 04-Apr-2023 15:17:48 GMT;Max-Age=2678400;Path=/ Vary: Accept-Encoding Access-Control-Allow-Origin: * CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrTe5X6YxhAcRji8hX44nTz3C9pojECYSyEuTokk6S0drTpywc12%2FuQhq90WEZ%2BSymCJI1CprvmDKbMiuLHF14hYVur9aMNmmypn1HlS8KLrpLJWW3ln32csxHN3MMg68L1W%2FuDfV%2FNsw2nPhdNzsQw%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 7a2b168e1de3fab4-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 IDS: - ET POLICY HTTP Request to a *.tk domain - ETPRO WEB_CLIENT Evil Keitaro Set-Cookie Inbound (b15e4)
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "1D255074ABDC1D6288851878D3822D446522E429A961263C7CDF19D8A11B4A3C" Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15381 Expires: Sat, 04 Mar 2023 19:34:09 GMT Date: Sat, 04 Mar 2023 15:17:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: f81f1eeaf0e4636b15279b192f135bf6 Sha1: a9c1effe795deea76463e78586b2891ec617751a Sha256: 1d255074abdc1d6288851878d3822d446522e429a961263c7cdf19d8a11b4a3c
GET /agEA?usid=16sa6p51g06kf&email=npl007%40slurpmail.net&sub1=clear_main&prid=16sa6p51g06kf HTTP/1.1 Host: dateexotic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	104.21.34.109 HTTP/2 200 OK content-type: text/html date: Sat, 04 Mar 2023 15:17:48 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QB4OM0FzbR7XACh0lmkEZWfpJLMYbIcKKuY1fV62QNDQKT%2F38D5BGKmc8atRoNg71v989DFxYNpkJNKpVY7bIHo0WfzW7mdpJ4R9Q368dVGJbTBKNOW0cHMSpcayzFlVFw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7a2b1691e9b5b51d-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1204 Md5: c70db56d3e616e7ab71ffd91230cb261 Sha1: be33356f765e214bee87c322b015b3350bca1c6f Sha256: 2e1330bfa028d33f06dd07e53b22426017e889c3ffc3f0d627ca0cfa3fdfc8bc
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 04 Mar 2023 15:03:39 GMT age: 849 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BBA70E7CE85B81A6CA0346956EA2021E29CF94EC13023FA75BD0A7FEC943EB18" Last-Modified: Thu, 02 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20687 Expires: Sat, 04 Mar 2023 21:02:35 GMT Date: Sat, 04 Mar 2023 15:17:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ae3a34d88aadc877a7cd4bde2ce637f9 Sha1: 1f2721cd0fcf74835ecbea57506f0f9dd369f62c Sha256: bba70e7ce85b81a6ca0346956ea2021e29cf94ec13023fa75bd0a7fec943eb18
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Gj34HXVnHrM8F5VN3rg2qQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.42.5.177 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: C9ZTi63tvAp/AO//6QqoMoK7rkI= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?r=aHR0cHM6Ly93d3cyLmRhdGVleG90aWMuY29tL2FnRUE%2FdXNpZD0xNnNhNnA1MWcwNmtmJmVtYWlsPW5wbDAwNyU0MHNsdXJwbWFpbC5uZXQmc3ViMT1jbGVhcl9tYWluJnByaWQ9MTZzYTZwNTFnMDZrZiZiZGF0YT1leUprWVhSaElqcDdJbkJzWVhSbWIzSnRJam9pVEdsdWRYZ2dlRGcyWHpZMEluMHNJbVY0ZEhKaElqcDdJazVoZG1sbllYUnZjaTV3YkdGMFptOXliU0k2V3lKTWFXNTFlQ0J3YkdGMFptOXliU0JoYm1RZ1YybHVaRzkzY3lCMWMyVnlJR0ZuWlc1MElHUnZJRzV2ZENCdFlYUmphQ0pkZlN3aVpYSnliM0p6SWpwN0ltbG1jbUZ0WlNJNld5SmpZVzRuZENCaFkyTmxjM01nY0hKdmNHVnlkSGtnWENKaGNIQmxibVJEYUdsc1pGd2lMQ0JrYjJOMWJXVnVkQzVpYjJSNUlHbHpJRzUxYkd3aVhTd2lZMkZ1ZG1GelgyTnZiblJsZUhRaU9sc2lSbUZwYkdWa0lIUnZJR2RsZENCallXNTJZWE1nWTI5dWRHVjRkQ0pkZlN3aVltOTBVMk52Y21VaU9pSXlOQ0o5JmJ0PTE2Nzc5NDMwNjgmYnRoPTI2NTgyNTA4ODM%3D&h=09ba2ddcb84553f66eeb4037d7a53c84 HTTP/1.1 Host: alexatracker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	104.21.85.99 HTTP/2 301 Moved Permanently date: Sat, 04 Mar 2023 15:17:49 GMT content-length: 0 location: https://www2.dateexotic.com/agEA?usid=16sa6p51g06kf&email=npl007%40slurpmail.net&sub1=clear_main&prid=16sa6p51g06kf&bdata=eyJkYXRhIjp7InBsYXRmb3JtIjoiTGludXggeDg2XzY0In0sImV4dHJhIjp7Ik5hdmlnYXRvci5wbGF0Zm9ybSI6WyJMaW51eCBwbGF0Zm9ybSBhbmQgV2luZG93cyB1c2VyIGFnZW50IGRvIG5vdCBtYXRjaCJdfSwiZXJyb3JzIjp7ImlmcmFtZSI6WyJjYW4ndCBhY2Nlc3MgcHJvcGVydHkgXCJhcHBlbmRDaGlsZFwiLCBkb2N1bWVudC5ib2R5IGlzIG51bGwiXSwiY2FudmFzX2NvbnRleHQiOlsiRmFpbGVkIHRvIGdldCBjYW52YXMgY29udGV4dCJdfSwiYm90U2NvcmUiOiIyNCJ9&bt=1677943068&bth=2658250883&tbsession=644682027395932445&c=2954413873 set-cookie: trbarid=644682027395932445;expires=Mon, 03 Mar 2025 15:17:49 GMT;secure;HttpOnly;SameSite=None;path=/ report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7cT%2B70hpTLjfMnsyGIAdUrN6AzCr5g5PiKXlyzt8qTvxOf3gL44hxIHFKrjDWiYdLG5X2owTeEIHnc6ru%2BXrNEvqaVWIP4VCracY1PSuPvNdxAdOYwLYd%2B41fOyVX4CJFpj"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7a2b16978f04b4ee-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /s/gts1p5/16u-ssn2c3s HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:49 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 21f643a8d60ae98ffcf5b717fb95bbbb Sha1: eecc188b733b6f5d8fa586e6d1cc3d4eb2b73bcd Sha256: d0bcd361729d14fe2a20e18d78b15ed9edc367944430397dbad7e93844d99c4f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1" Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3550 Expires: Sat, 04 Mar 2023 16:17:00 GMT Date: Sat, 04 Mar 2023 15:17:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0880782ffbede81650c9d4a97c298bdf Sha1: 0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e Sha256: 77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1" Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3550 Expires: Sat, 04 Mar 2023 16:17:00 GMT Date: Sat, 04 Mar 2023 15:17:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0880782ffbede81650c9d4a97c298bdf Sha1: 0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e Sha256: 77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1" Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3550 Expires: Sat, 04 Mar 2023 16:17:00 GMT Date: Sat, 04 Mar 2023 15:17:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 0880782ffbede81650c9d4a97c298bdf Sha1: 0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e Sha256: 77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fa5dc9-caa3-4f10-8e11-c553d77d1884.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7886 x-amzn-requestid: 9cb90846-b1a7-49fb-ab01-7e9f4ecfc30a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BOUpEHlfIAMFvGQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640267d3-1baf25c4405b13a67a2ecb42;Sampled=0 x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:11 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: mo7cvMiY2AEIqpTWerCZSZaLN7Yxi_UQ3jDTDRqcvchk5G8T8JPm2g== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Mar 2023 22:04:09 GMT etag: "59aeb0f0ef8e254f09235f188e954c710d58cd62" age: 62021 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 11415 Md5: c8c42a4be4bc53b94956488b51354235 Sha1: 5d3c8f34a35fa4278d0a995c2c1eb1e945b6bd03 Sha256: 217ffda314463c8362003b6170e86eb72e2844ca6b6a6207011c3672c45313f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48d8d31e-4b2c-47bc-986c-48a254f89921.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14462 x-amzn-requestid: 25020f42-5ab6-41d9-a639-86e97d45c800 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BOUnoH0UoAMFk6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640267ca-320998a5399634120d4bbc4c;Sampled=0 x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Miss from cloudfront x-amz-cf-id: XOKJzIm30bWJt4A2aDLB09WiR6mjX-s-u2yZTOsZlIM1N9VRHNIkbw== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Mar 2023 22:02:00 GMT age: 62150 etag: "936c9e53f91cfbd735c8799436c2d1b639aabc39" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14462 Md5: 94d08004ad57e967c969c2f515226cc4 Sha1: 936c9e53f91cfbd735c8799436c2d1b639aabc39 Sha256: 3a9f38ac2c1bd7129e65671ef7278cd84c0c587c8f1bddff67942c0cd123a85c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc87cbe69-ed83-442f-9aa8-06e8e40b4171.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7930 x-amzn-requestid: aeab21c8-b182-4fb9-98d9-7105070d018a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BOUnpG11oAMFw0Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640267ca-4bc2f30375de585c11002cc6;Sampled=0 x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: o1LrVFzmaABJFedKhh9iIiiKNvXY0O6Z2I8gzKKmZc29dSp92PJBPw== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Mar 2023 21:44:58 GMT age: 63172 etag: "0b9f1ebe49d4fddf773de442ec6612813804af2b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7930 Md5: 380b24ddd315c60ce79f25e81d4e7082 Sha1: 0b9f1ebe49d4fddf773de442ec6612813804af2b Sha256: 9eeb7457750942abfdec741e059e84f3ffe589d976a1f693f384dad6690dad53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe438a253-9de3-434d-86fd-3c9c4b9837aa.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8961 x-amzn-requestid: 4bb2be1d-9522-41ab-982d-3972b289a775 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BJCcnEFyIAMFznw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64004ab6-3f6b26e726a08c9928bffb74;Sampled=0 x-amzn-remapped-date: Thu, 02 Mar 2023 07:05:26 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: NAt2bz3CKEB8qOwq6pY6Sb14_9ideYLufPWCnc-IWFEr8Hnqu4MTTg== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Mar 2023 05:15:45 GMT age: 36125 etag: "3546a22f843406ea91b147776bc37d76251098cd" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8961 Md5: 39b91f591a06e5a4643021ff56be3255 Sha1: 3546a22f843406ea91b147776bc37d76251098cd Sha256: 7c51e000c2ab2925cd800fc90ac15f8f60f8484b10211fc02ae93a8b7c0bc2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa5e06fd-9d0e-41ee-8678-21dea6944665.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7800 x-amzn-requestid: 681a2aa5-9c6f-490c-b242-1753c36fdc64 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: BOUnpFgioAMFyKg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-640267ca-62e802682b78f9b45dda8d02;Sampled=0 x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 5XlAb6FGmPmAfR_OFr0dR_85TQNxhpxttObxFQr2ZolxUHWGpdCrpQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Mar 2023 22:02:00 GMT age: 62150 etag: "3dd3708456dcd4ccee428a138914a3778eb70916" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7800 Md5: 60b7f43334c20780a2078a3b260ef4f2 Sha1: 3dd3708456dcd4ccee428a138914a3778eb70916 Sha256: 504d47af2f5f6cf35abf189aed6fa03aacfaac6123550766928337c8f1e52be7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3381 x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: A-PNPFynoAMFn8Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0 x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: 20gfRWuEZKeWijeUdUr10sCx8uqri-zpK-KTXBJrZaQOm3V1Gk8KQw== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Mar 2023 11:26:51 GMT age: 13859 etag: "4619a0418ee08d6618ead537f31823c98f355b5a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3381 Md5: 4726917eabc29a977873ad26e264e70d Sha1: 4619a0418ee08d6618ead537f31823c98f355b5a Sha256: d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "0DF594D4DE1617B6A6207BB56DFACEA9F4158C09AFBBEC188D34B2B45AD56772" Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2403 Expires: Sat, 04 Mar 2023 15:57:53 GMT Date: Sat, 04 Mar 2023 15:17:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: fb4a3d919cdea3666532643131bb86ba Sha1: 6436f5e590d98fea6e79a7e6f655d9285e3be8ef Sha256: 0df594d4de1617b6a6207bb56dfacea9f4158c09afbbec188d34b2b45ad56772
GET /f44bbfb9a37b4915ac9fa50036de00f6.min.js HTTP/1.1 Host: js.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://freedatingero.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	151.101.194.217 HTTP/2 200 OK content-type: text/javascript access-control-allow-origin: * cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 1; mode=block x-envoy-attempt-count: 1 x-envoy-upstream-service-time: 13 content-encoding: gzip accept-ranges: bytes date: Sat, 04 Mar 2023 15:17:50 GMT age: 4 x-served-by: getsentry-web-default-common-production-69576866df-cgxn4, cache-bma1674-BMA vary: Accept-Encoding timing-allow-origin: https://sentry.io strict-transport-security: max-age=31536000; includeSubDomains content-length: 1065 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (501) Size: 1065 Md5: ed1b63893aea52b8a9874fafecd58ce8 Sha1: d1dc315cb4cd4c24e110bbde356815ebe83bfab1 Sha256: b55e68e34c69e0b6aec13761c6db0d31b17c0a37c773cf75dcf90b8541abf52a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 35581ace600d770dec39bc13c3e6d3ce Sha1: daa82881ab8e71d1c2a78b1fbd5f7e19a670825f Sha256: 06612647f91ce64d5c878b2c2108b5a909778d7c8d6cd0e2fa381b38960ede70
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6da779acb12dfc1041cbaf3a5c1f5ff3 Sha1: 4f1749a2339a8af009b5b02bb427071ef06bd5f3 Sha256: 45407bbfb8b7ec7d6459716c907161aca7f563ecbff0812b2687e00181c1b425
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 345 ETag: "0DF594D4DE1617B6A6207BB56DFACEA9F4158C09AFBBEC188D34B2B45AD56772" Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2403 Expires: Sat, 04 Mar 2023 15:57:53 GMT Date: Sat, 04 Mar 2023 15:17:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 345 Md5: fb4a3d919cdea3666532643131bb86ba Sha1: 6436f5e590d98fea6e79a7e6f655d9285e3be8ef Sha256: 0df594d4de1617b6a6207bb56dfacea9f4158c09afbbec188d34b2b45ad56772
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	216.58.207.202 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 31021 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 02 Mar 2023 13:36:02 GMT expires: Fri, 01 Mar 2024 13:36:02 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Fri, 08 May 2020 07:05:03 GMT vary: Accept-Encoding age: 178908 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 31021 Md5: 903bc7a7e510f87aa5d0201eb59a0832 Sha1: ac9aa4dd94cde1bcba9037e94087138b127e41fc Sha256: 41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 04 Mar 2023 15:17:50 GMT date: Sat, 04 Mar 2023 15:17:50 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 1047 Md5: 423e4b3ab72b870e4d653242acab59bd Sha1: 22adcc4709890bfe8796b8ca7a9f293cdeb0609f Sha256: 734d96f0312cf75fcad9c81f4e76c617e3b59634ceca41d7fcbcc7125558ed7c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 35581ace600d770dec39bc13c3e6d3ce Sha1: daa82881ab8e71d1c2a78b1fbd5f7e19a670825f Sha256: 06612647f91ce64d5c878b2c2108b5a909778d7c8d6cd0e2fa381b38960ede70
POST /s/gts1p5/16u-ssn2c3s HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 21f643a8d60ae98ffcf5b717fb95bbbb Sha1: eecc188b733b6f5d8fa586e6d1cc3d4eb2b73bcd Sha256: d0bcd361729d14fe2a20e18d78b15ed9edc367944430397dbad7e93844d99c4f
GET /7.40.0/bundle.es5.min.js HTTP/1.1 Host: browser.sentry-cdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://freedatingero.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	151.101.194.217 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 cache-control: public, max-age=31536000 expires: Thu, 29 Feb 2024 18:51:36 GMT last-modified: Wed, 01 Mar 2023 18:20:41 GMT etag: "14da9da54aa21381974d858dd680e195" content-encoding: gzip accept-ranges: bytes date: Sat, 04 Mar 2023 15:17:50 GMT age: 246373 vary: Accept-Encoding access-control-allow-origin: * server: Fastly strict-transport-security: max-age=31536000; includeSubDomains content-length: 20830 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (64313) Size: 20830 Md5: 14da9da54aa21381974d858dd680e195 Sha1: 1bea72143962fbecfe3dcbf96fb63bae87dac1fd Sha256: 7b503af6191c7d084d45c6a01bd4c2562bd36432c4438854cdaf521aa70baed6
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 4be530c8bac3770aa82031b8e7120240 Sha1: 1ded9e0b0974a9148092ad39df90bcdb2f380015 Sha256: 5ba3f1f95f816a34181126e8b1b09beb99faf496d5c256abf65f7ca0f4fa1e50
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 4be530c8bac3770aa82031b8e7120240 Sha1: 1ded9e0b0974a9148092ad39df90bcdb2f380015 Sha256: 5ba3f1f95f816a34181126e8b1b09beb99faf496d5c256abf65f7ca0f4fa1e50
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: bba672a94dfc9e79665ea44b23f9c19b Sha1: 2458a0439e4567374f0475945def58c7da12660c Sha256: baebcf0e9740e2dde753635e7d46c61eb293957c0497a75d56cabf6af212ddb6
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://freedatingero.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 30928 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 04 Mar 2023 12:25:55 GMT expires: Sun, 03 Mar 2024 12:25:55 GMT cache-control: public, max-age=31536000 last-modified: Mon, 11 Jul 2022 18:57:39 GMT age: 10315 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Size: 30928 Md5: ac0d2859ea5f8fd6bcb3c305c08ec184 Sha1: 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://freedatingero.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 10172 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 02 Mar 2023 18:05:47 GMT expires: Fri, 01 Mar 2024 18:05:47 GMT cache-control: public, max-age=31536000 age: 162723 last-modified: Mon, 18 Jul 2022 19:23:34 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data Size: 10172 Md5: 58e5c92fd1a1fc89b8ca6d74ce4793b8 Sha1: 337771c465778aeed6de18195e0cbe9d9098d299 Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C4D67DDDE5612D93AF679747D109B5530A10984B925870AE595342B9F7BE7F1C" Last-Modified: Thu, 02 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17323 Expires: Sat, 04 Mar 2023 20:06:33 GMT Date: Sat, 04 Mar 2023 15:17:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 20c74540d00e1b786cba7dfe2b625238 Sha1: 54aeca57f4b7b8be630710be976166f0ff9d8884 Sha256: c4d67ddde5612d93af679747d109b5530a10984b925870ae595342b9f7be7f1c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Mar 2023 15:17:50 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 4be530c8bac3770aa82031b8e7120240 Sha1: 1ded9e0b0974a9148092ad39df90bcdb2f380015 Sha256: 5ba3f1f95f816a34181126e8b1b09beb99faf496d5c256abf65f7ca0f4fa1e50
POST /api/6161109/envelope/?sentry_key=f44bbfb9a37b4915ac9fa50036de00f6&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.40.0 HTTP/1.1 Host: o65532.ingest.sentry.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://freedatingero.com/ Content-Type: text/plain;charset=UTF-8 Origin: https://freedatingero.com Content-Length: 426 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.195.249 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 04 Mar 2023 15:17:50 GMT content-length: 2 access-control-allow-origin: https://freedatingero.com access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits vary: Origin x-envoy-upstream-service-time: 0 strict-transport-security: max-age=31536000; includeSubDomains; preload via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 2 Md5: 99914b932bd37a50b983c5e7c90ae93b Sha1: bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C4D67DDDE5612D93AF679747D109B5530A10984B925870AE595342B9F7BE7F1C" Last-Modified: Thu, 02 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17323 Expires: Sat, 04 Mar 2023 20:06:33 GMT Date: Sat, 04 Mar 2023 15:17:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 20c74540d00e1b786cba7dfe2b625238 Sha1: 54aeca57f4b7b8be630710be976166f0ff9d8884 Sha256: c4d67ddde5612d93af679747d109b5530a10984b925870ae595342b9f7be7f1c
OPTIONS /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Origin: https://freedatingero.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	172.64.163.28 HTTP/2 204 No Content date: Sat, 04 Mar 2023 15:17:51 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: content-type strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFmutPyblEHKyVSe%2B5lHZvXsbfUL%2FdCJWO1xC2A8cAKAl%2Fcy4NPrEepafJ%2FNHJQCBjnygcECaQ%2FuvayrHL%2FUpHjMlTaDW7BNggSSWMvdDSIufPoTh9YdgoXukiZD%2BVmen6IT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a2b16a17c997509-LHR alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /get-keys HTTP/1.1 Host: app.api-push.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 177 Origin: https://freedatingero.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	172.64.163.28 HTTP/2 200 OK content-type: application/json; charset=utf-8 date: Sat, 04 Mar 2023 15:17:51 GMT vary: Origin access-control-allow-origin: * access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept strict-transport-security: max-age=15724800; includeSubDomains cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgbKJkWPjtFcS1vUk0A307msUvem1WMqPMwK6ZEH%2BeaQK9den2SJ%2Bm2I2TGzHsS62msSyhpuKnQpG%2BaoGV18bQV%2BHmhRBiQ7Qg6O%2BHi8jR%2FDyYQGXt1E%2FJzfO4chsTh5n1OD"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a2b16a23d307509-LHR content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /css?family=Oswald:700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 04 Mar 2023 15:17:50 GMT date: Sat, 04 Mar 2023 15:17:50 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /GwAA/12186/oth?i=UJY8LmQDYR0&u=644682027395932445 HTTP/1.1 Host: freedatingero.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://dateexotic.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	104.21.9.26 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Sat, 04 Mar 2023 15:17:50 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mEQ%2BEJWuVzDhDrBlNTh1iq8Ie3xIn2dg1BNscglg3WHcuJSdXxNF2tqMBnZQwVzxRBk%2F4BEAFdvb%2Bb9hN2QCX7eHADy1W5%2BKwzQkr%2F5rSIf6dlC1CDgWcGyvnrW1YIjxEy8vQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a2b169b8ca3b505-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /cdn/push.min.js HTTP/1.1 Host: cdn-static3.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	104.21.86.230 HTTP/2 200 OK content-type: application/x-javascript date: Sat, 04 Mar 2023 15:17:50 GMT content-security-policy: block-all-mixed-content etag: W/"44c9e373bc246e347c8420a2eb8f54d4" last-modified: Mon, 06 Jun 2022 20:30:35 GMT strict-transport-security: max-age=15724800; includeSubDomains vary: Origin, Accept-Encoding x-amz-request-id: 16F62DA8BBE7EAAC x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: max-age=14400 cf-cache-status: HIT age: 3920 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiVpKH6tJ1hVm0XqnJ4u4K1HDMYJlvn2sxQz0zasHxy4qDtWTi%2B4B8MIr9LHFHfpxFX4Y3zYjPjAsE17Okk4gA5AJQBHqwouLUsjGF4RMuN8luqbwkRzZ6AryBBy26HX2og%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7a2b169f4bf0b4fa-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:
GET /static/BAAA/style.css HTTP/1.1 Host: freedatingero.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	104.21.9.26 HTTP/2 200 OK content-type: text/css date: Sat, 04 Mar 2023 15:17:50 GMT last-modified: Mon, 04 Mar 2019 12:10:26 GMT etag: W/"5c7d15b2-2341" access-control-allow-origin: * cache-control: max-age=14400 cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXSGFP8YU3JoyWR8isCOWuAm5QYg43iEsWyVNn7gN%2Fksh11YdrMwJT9qsZnfefglRdwMjtBKrpqmU24JP7oTPRWszB4waZmlS8FBic1KWvTLNqlwlzjjXeYDdOwYdiODtGihXg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7a2b169f0990b505-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256:

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "D1ADF9C8C7E63C33674A6AF4B4111FE0CE1092D362CA4BF7C7DD00E6B6034F09" 

                                            
                                                
Last-Modified: Thu, 02 Mar 2023 14:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=2282 

                                            
                                                
Expires: Sat, 04 Mar 2023 15:55:50 GMT 

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:48 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    a39c6b0123e56e5b89743a8ad25c746e

                                                Sha1:   feb61559594a73b319532dec130f10068fdf1242

                                                Sha256: d1adf9c8c7e63c33674a6af4b4111fe0ce1092d362ca4bf7c7dd00e6b6034f09

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "5463C186F7F30F83BE61E91A980C749B70089E48B234D73A6E7EEB179CFD7EE9" 

                                            
                                                
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=2680 

                                            
                                                
Expires: Sat, 04 Mar 2023 16:02:28 GMT 

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:48 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    d2383d0b67af7368d8e13a3013f4065a

                                                Sha1:   cdf951e84f87d010cf40b76f7b91e82ad17f374f

                                                Sha256: 5463c186f7f30f83be61e91a980c749b70089e48b234d73a6e7eeb179cfd7ee9

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json

                                            

                                            
                                                
server: nginx 

                                            
                                                
date: Sat, 04 Mar 2023 15:17:48 GMT 

                                            
                                                
content-length: 12 

                                            
                                                
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers 

                                            
                                                
access-control-allow-credentials: true 

                                            
                                                
access-control-expose-headers: content-type 

                                            
                                                
strict-transport-security: max-age=31536000 

                                            
                                                
via: 1.1 google 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             95.101.11.115

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 346 

                                            
                                                
ETag: "1D255074ABDC1D6288851878D3822D446522E429A961263C7CDF19D8A11B4A3C" 

                                            
                                                
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=15381 

                                            
                                                
Expires: Sat, 04 Mar 2023 19:34:09 GMT 

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:48 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   346

                                                Md5:    f81f1eeaf0e4636b15279b192f135bf6

                                                Sha1:   a9c1effe795deea76463e78586b2891ec617751a

                                                Sha256: 1d255074abdc1d6288851878d3822d446522e429a961263c7cdf19d8a11b4a3c

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             35.241.9.150

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json

                                            

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires 

                                            
                                                
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                            
                                                
strict-transport-security: max-age=31536000 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
content-length: 329 

                                            
                                                
via: 1.1 google 

                                            
                                                
date: Sat, 04 Mar 2023 15:03:39 GMT 

                                            
                                                
age: 849 

                                            
                                                
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                            
                                                
etag: "1648230346554" 

                                            
                                                
cache-control: max-age=3600,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: Gj34HXVnHrM8F5VN3rg2qQ== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                        
                                             52.42.5.177

                                            
                                                HTTP/1.1 101 Switching Protocols

                                            

                                            
                                                
Connection: Upgrade 

                                            
                                                
Upgrade: websocket 

                                            
                                                
Sec-WebSocket-Accept: C9ZTi63tvAp/AO//6QqoMoK7rkI= 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /s/gts1p5/16u-ssn2c3s HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             142.250.74.131

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:49 GMT 

                                            
                                                
Cache-Control: public, max-age=14400 

                                            
                                                
Server: scaffolding on HTTPServer2 

                                            
                                                
Content-Length: 471 

                                            
                                                
X-XSS-Protection: 0 

                                            
                                                
X-Frame-Options: SAMEORIGIN 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   471

                                                Md5:    21f643a8d60ae98ffcf5b717fb95bbbb

                                                Sha1:   eecc188b733b6f5d8fa586e6d1cc3d4eb2b73bcd

                                                Sha256: d0bcd361729d14fe2a20e18d78b15ed9edc367944430397dbad7e93844d99c4f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1" 

                                            
                                                
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=3550 

                                            
                                                
Expires: Sat, 04 Mar 2023 16:17:00 GMT 

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    0880782ffbede81650c9d4a97c298bdf

                                                Sha1:   0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e

                                                Sha256: 77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2fa5dc9-caa3-4f10-8e11-c553d77d1884.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 7886 

                                            
                                                
x-amzn-requestid: 9cb90846-b1a7-49fb-ab01-7e9f4ecfc30a 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: BOUpEHlfIAMFvGQ= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-640267d3-1baf25c4405b13a67a2ecb42;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:11 GMT 

                                            
                                                
x-amz-cf-pop: HIO50-C1, SEA19-C3 

                                            
                                                
x-cache: Miss from cloudfront 

                                            
                                                
x-amz-cf-id: mo7cvMiY2AEIqpTWerCZSZaLN7Yxi_UQ3jDTDRqcvchk5G8T8JPm2g== 

                                            
                                                
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Fri, 03 Mar 2023 22:04:09 GMT 

                                            
                                                
etag: "59aeb0f0ef8e254f09235f188e954c710d58cd62" 

                                            
                                                
age: 62021 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   11415

                                                Md5:    c8c42a4be4bc53b94956488b51354235

                                                Sha1:   5d3c8f34a35fa4278d0a995c2c1eb1e945b6bd03

                                                Sha256: 217ffda314463c8362003b6170e86eb72e2844ca6b6a6207011c3672c45313f0

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc87cbe69-ed83-442f-9aa8-06e8e40b4171.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 7930 

                                            
                                                
x-amzn-requestid: aeab21c8-b182-4fb9-98d9-7105070d018a 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: BOUnpG11oAMFw0Q= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-640267ca-4bc2f30375de585c11002cc6;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:02 GMT 

                                            
                                                
x-amz-cf-pop: HIO50-C1, SEA19-C3 

                                            
                                                
x-cache: Hit from cloudfront 

                                            
                                                
x-amz-cf-id: o1LrVFzmaABJFedKhh9iIiiKNvXY0O6Z2I8gzKKmZc29dSp92PJBPw== 

                                            
                                                
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Fri, 03 Mar 2023 21:44:58 GMT 

                                            
                                                
age: 63172 

                                            
                                                
etag: "0b9f1ebe49d4fddf773de442ec6612813804af2b" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7930

                                                Md5:    380b24ddd315c60ce79f25e81d4e7082

                                                Sha1:   0b9f1ebe49d4fddf773de442ec6612813804af2b

                                                Sha256: 9eeb7457750942abfdec741e059e84f3ffe589d976a1f693f384dad6690dad53

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa5e06fd-9d0e-41ee-8678-21dea6944665.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: image/jpeg

                                            

                                            
                                                
server: nginx 

                                            
                                                
content-length: 7800 

                                            
                                                
x-amzn-requestid: 681a2aa5-9c6f-490c-b242-1753c36fdc64 

                                            
                                                
x-xss-protection: 1; mode=block 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                            
                                                
x-frame-options: DENY 

                                            
                                                
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                            
                                                
x-amz-apigw-id: BOUnpFgioAMFyKg= 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
x-amzn-trace-id: Root=1-640267ca-62e802682b78f9b45dda8d02;Sampled=0 

                                            
                                                
x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:02 GMT 

                                            
                                                
x-amz-cf-pop: HIO50-C1, SEA19-C3 

                                            
                                                
x-cache: Hit from cloudfront 

                                            
                                                
x-amz-cf-id: 5XlAb6FGmPmAfR_OFr0dR_85TQNxhpxttObxFQr2ZolxUHWGpdCrpQ== 

                                            
                                                
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google 

                                            
                                                
date: Fri, 03 Mar 2023 22:02:00 GMT 

                                            
                                                
age: 62150 

                                            
                                                
etag: "3dd3708456dcd4ccee428a138914a3778eb70916" 

                                            
                                                
cache-control: max-age=3600,public,public 

                                            
                                                
alt-svc: clear 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7800

                                                Md5:    60b7f43334c20780a2078a3b260ef4f2

                                                Sha1:   3dd3708456dcd4ccee428a138914a3778eb70916

                                                Sha256: 504d47af2f5f6cf35abf189aed6fa03aacfaac6123550766928337c8f1e52be7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             95.101.11.115

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 345 

                                            
                                                
ETag: "0DF594D4DE1617B6A6207BB56DFACEA9F4158C09AFBBEC188D34B2B45AD56772" 

                                            
                                                
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=2403 

                                            
                                                
Expires: Sat, 04 Mar 2023 15:57:53 GMT 

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   345

                                                Md5:    fb4a3d919cdea3666532643131bb86ba

                                                Sha1:   6436f5e590d98fea6e79a7e6f655d9285e3be8ef

                                                Sha256: 0df594d4de1617b6a6207bb56dfacea9f4158c09afbbec188d34b2b45ad56772

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             142.250.74.131

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Cache-Control: public, max-age=14400 

                                            
                                                
Server: ocsp_responder 

                                            
                                                
Content-Length: 472 

                                            
                                                
X-XSS-Protection: 0 

                                            
                                                
X-Frame-Options: SAMEORIGIN 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   472

                                                Md5:    35581ace600d770dec39bc13c3e6d3ce

                                                Sha1:   daa82881ab8e71d1c2a78b1fbd5f7e19a670825f

                                                Sha256: 06612647f91ce64d5c878b2c2108b5a909778d7c8d6cd0e2fa381b38960ede70

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: e1.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             95.101.11.115

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 345 

                                            
                                                
ETag: "0DF594D4DE1617B6A6207BB56DFACEA9F4158C09AFBBEC188D34B2B45AD56772" 

                                            
                                                
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=2403 

                                            
                                                
Expires: Sat, 04 Mar 2023 15:57:53 GMT 

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   345

                                                Md5:    fb4a3d919cdea3666532643131bb86ba

                                                Sha1:   6436f5e590d98fea6e79a7e6f655d9285e3be8ef

                                                Sha256: 0df594d4de1617b6a6207bb56dfacea9f4158c09afbbec188d34b2b45ad56772

                                        
                                            GET /css?family=Montserrat:100,400,700,900 HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.106

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/css; charset=utf-8

                                            

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
timing-allow-origin: * 

                                            
                                                
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                            
                                                
strict-transport-security: max-age=31536000 

                                            
                                                
expires: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
cache-control: private, max-age=86400 

                                            
                                                
cross-origin-opener-policy: same-origin-allow-popups 

                                            
                                                
cross-origin-resource-policy: cross-origin 

                                            
                                                
content-encoding: gzip 

                                            
                                                
server: ESF 

                                            
                                                
x-xss-protection: 0 

                                            
                                                
x-frame-options: SAMEORIGIN 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   1047

                                                Md5:    423e4b3ab72b870e4d653242acab59bd

                                                Sha1:   22adcc4709890bfe8796b8ca7a9f293cdeb0609f

                                                Sha256: 734d96f0312cf75fcad9c81f4e76c617e3b59634ceca41d7fcbcc7125558ed7c

                                        
                                            POST /s/gts1p5/16u-ssn2c3s HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             142.250.74.131

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Cache-Control: public, max-age=14400 

                                            
                                                
Server: scaffolding on HTTPServer2 

                                            
                                                
Content-Length: 471 

                                            
                                                
X-XSS-Protection: 0 

                                            
                                                
X-Frame-Options: SAMEORIGIN 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   471

                                                Md5:    21f643a8d60ae98ffcf5b717fb95bbbb

                                                Sha1:   eecc188b733b6f5d8fa586e6d1cc3d4eb2b73bcd

                                                Sha256: d0bcd361729d14fe2a20e18d78b15ed9edc367944430397dbad7e93844d99c4f

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             142.250.74.131

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Cache-Control: public, max-age=14400 

                                            
                                                
Server: ocsp_responder 

                                            
                                                
Content-Length: 472 

                                            
                                                
X-XSS-Protection: 0 

                                            
                                                
X-Frame-Options: SAMEORIGIN 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   472

                                                Md5:    4be530c8bac3770aa82031b8e7120240

                                                Sha1:   1ded9e0b0974a9148092ad39df90bcdb2f380015

                                                Sha256: 5ba3f1f95f816a34181126e8b1b09beb99faf496d5c256abf65f7ca0f4fa1e50

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             142.250.74.131

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Cache-Control: public, max-age=14400 

                                            
                                                
Server: ocsp_responder 

                                            
                                                
Content-Length: 472 

                                            
                                                
X-XSS-Protection: 0 

                                            
                                                
X-Frame-Options: SAMEORIGIN 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   472

                                                Md5:    bba672a94dfc9e79665ea44b23f9c19b

                                                Sha1:   2458a0439e4567374f0475945def58c7da12660c

                                                Sha256: baebcf0e9740e2dde753635e7d46c61eb293957c0497a75d56cabf6af212ddb6

                                        
                                            GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://freedatingero.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             142.250.74.35

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: font/woff2

                                            

                                            
                                                
accept-ranges: bytes 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                            
                                                
cross-origin-resource-policy: cross-origin 

                                            
                                                
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                            
                                                
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                            
                                                
timing-allow-origin: * 

                                            
                                                
content-length: 10172 

                                            
                                                
x-content-type-options: nosniff 

                                            
                                                
server: sffe 

                                            
                                                
x-xss-protection: 0 

                                            
                                                
date: Thu, 02 Mar 2023 18:05:47 GMT 

                                            
                                                
expires: Fri, 01 Mar 2024 18:05:47 GMT 

                                            
                                                
cache-control: public, max-age=31536000 

                                            
                                                
age: 162723 

                                            
                                                
last-modified: Mon, 18 Jul 2022 19:23:34 GMT 

                                            
                                                
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  Web Open Font Format (Version 2), TrueType, length 10172, version 1.0\012- data

                                                Size:   10172

                                                Md5:    58e5c92fd1a1fc89b8ca6d74ce4793b8

                                                Sha1:   337771c465778aeed6de18195e0cbe9d9098d299

                                                Sha256: 6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             142.250.74.131

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Cache-Control: public, max-age=14400 

                                            
                                                
Server: ocsp_responder 

                                            
                                                
Content-Length: 472 

                                            
                                                
X-XSS-Protection: 0 

                                            
                                                
X-Frame-Options: SAMEORIGIN 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   472

                                                Md5:    4be530c8bac3770aa82031b8e7120240

                                                Sha1:   1ded9e0b0974a9148092ad39df90bcdb2f380015

                                                Sha256: 5ba3f1f95f816a34181126e8b1b09beb99faf496d5c256abf65f7ca0f4fa1e50

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                        
                                             23.36.76.226

                                            
                                                HTTP/1.1 200 OK 

                                            
                                                
Content-Type: application/ocsp-response

                                            

                                            
                                                
Server: nginx 

                                            
                                                
Content-Length: 503 

                                            
                                                
ETag: "C4D67DDDE5612D93AF679747D109B5530A10984B925870AE595342B9F7BE7F1C" 

                                            
                                                
Last-Modified: Thu, 02 Mar 2023 05:00:00 UTC 

                                            
                                                
Cache-Control: public, no-transform, must-revalidate, max-age=17323 

                                            
                                                
Expires: Sat, 04 Mar 2023 20:06:33 GMT 

                                            
                                                
Date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
Connection: keep-alive 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  data

                                                Size:   503

                                                Md5:    20c74540d00e1b786cba7dfe2b625238

                                                Sha1:   54aeca57f4b7b8be630710be976166f0ff9d8884

                                                Sha256: c4d67ddde5612d93af679747d109b5530a10984b925870ae595342b9f7be7f1c

                                        
                                            POST /get-keys HTTP/1.1 

                                        
                                            
Host: app.api-push.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Content-Length: 177 

                                        
                                            
Origin: https://freedatingero.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                        
                                             172.64.163.28

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: application/json; charset=utf-8

                                            

                                            
                                                
date: Sat, 04 Mar 2023 15:17:51 GMT 

                                            
                                                
vary: Origin 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH 

                                            
                                                
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept 

                                            
                                                
strict-transport-security: max-age=15724800; includeSubDomains 

                                            
                                                
cf-cache-status: DYNAMIC 

                                            
                                                
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgbKJkWPjtFcS1vUk0A307msUvem1WMqPMwK6ZEH%2BeaQK9den2SJ%2Bm2I2TGzHsS62msSyhpuKnQpG%2BaoGV18bQV%2BHmhRBiQ7Qg6O%2BHi8jR%2FDyYQGXt1E%2FJzfO4chsTh5n1OD"}],"group":"cf-nel","max_age":604800} 

                                            
                                                
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                            
                                                
server: cloudflare 

                                            
                                                
cf-ray: 7a2b16a23d307509-LHR 

                                            
                                                
content-encoding: br 

                                            
                                                
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /GwAA/12186/oth?i=UJY8LmQDYR0&u=644682027395932445 HTTP/1.1 

                                        
                                            
Host: freedatingero.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://dateexotic.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                        
                                             104.21.9.26

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/html; charset=UTF-8

                                            

                                            
                                                
date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
cf-cache-status: DYNAMIC 

                                            
                                                
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mEQ%2BEJWuVzDhDrBlNTh1iq8Ie3xIn2dg1BNscglg3WHcuJSdXxNF2tqMBnZQwVzxRBk%2F4BEAFdvb%2Bb9hN2QCX7eHADy1W5%2BKwzQkr%2F5rSIf6dlC1CDgWcGyvnrW1YIjxEy8vQ%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                            
                                                
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                            
                                                
server: cloudflare 

                                            
                                                
cf-ray: 7a2b169b8ca3b505-OSL 

                                            
                                                
content-encoding: br 

                                            
                                                
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

                                        
                                            GET /static/BAAA/style.css HTTP/1.1 

                                        
                                            
Host: freedatingero.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                        
                                             104.21.9.26

                                            
                                                HTTP/2 200 OK 

                                            
                                                
content-type: text/css

                                            

                                            
                                                
date: Sat, 04 Mar 2023 15:17:50 GMT 

                                            
                                                
last-modified: Mon, 04 Mar 2019 12:10:26 GMT 

                                            
                                                
etag: W/"5c7d15b2-2341" 

                                            
                                                
access-control-allow-origin: * 

                                            
                                                
cache-control: max-age=14400 

                                            
                                                
cf-cache-status: REVALIDATED 

                                            
                                                
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXSGFP8YU3JoyWR8isCOWuAm5QYg43iEsWyVNn7gN%2Fksh11YdrMwJT9qsZnfefglRdwMjtBKrpqmU24JP7oTPRWszB4waZmlS8FBic1KWvTLNqlwlzjjXeYDdOwYdiODtGihXg%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                            
                                                
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                            
                                                
vary: Accept-Encoding 

                                            
                                                
server: cloudflare 

                                            
                                                
cf-ray: 7a2b169f0990b505-OSL 

                                            
                                                
content-encoding: br 

                                            
                                                
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                            
                                                
X-Firefox-Spdy: h2 

                                            
                                                
 

                                            
                                            
                                                

                                                --- Additional Info ---

                                                Magic:  

                                                Size:   0

                                                Md5:    

                                                Sha1:   

                                                Sha256:

URL	m6s7p82irtest3.kaspykurmoma.tk/TSKtBH6B?keyword=npl007@slurpmail.net&sub1=clear&sub3=fatec.sp.gov.br
IP	172.67.209.189 (United States)
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access
Report completed	2023-03-04 15:17:59 UTC
Status	Loading report..
IDS alerts	4
Blocklist alert	0
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (20)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 172.67.209.189

Last 5 reports on ASN: CLOUDFLARENET

Last 1 reports on domain: kaspykurmoma.tk

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (48)

Overview

Domain Summary (20)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 172.67.209.189

Last 5 reports on ASN: CLOUDFLARENET

Last 1 reports on domain: kaspykurmoma.tk

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (48)

Network Intrusion Detection Systems