r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4711
Expires: Fri, 03 Feb 2023 14:00:45 GMT
Date: Fri, 03 Feb 2023 12:42:14 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2870
Expires: Fri, 03 Feb 2023 13:30:04 GMT
Date: Fri, 03 Feb 2023 12:42:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 11:43:35 GMT
content-type: application/json
age: 3519
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17149
Expires: Fri, 03 Feb 2023 17:28:03 GMT
Date: Fri, 03 Feb 2023 12:42:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yWa2KZc0Jka52TJ8/ZHnFlAXSkV7g/BvJOQ8tDF7mfgC5NjPLG4YvaOx8B8KKLpgPk4dnpwAZng=
x-amz-request-id: NQYGTPPC5VPCH8V8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 11:52:24 GMT
age: 2990
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
afeera.net/classifieds/browse-ads/58/water-coolers
178.128.249.233200 OK 57 kB URL HTTP/1.1 afeera.net/classifieds/browse-ads/58/water-coolers
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (20704), with CRLF, LF line terminators
Hash 2e978199454e8b5cdea06932220528fb
fd01182b296bc00db93700fda5d8e6a1cd0c3ba5
11a5c386ad707f7080210e444b4bb22d9d35eef7304a8551f6d57b20f82caf29
Analyzer Verdict Alert fortinet Phishing
GET /classifieds/browse-ads/58/water-coolers HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://afeera.net/wp-json/>; rel="https://api.w.org/", <https://afeera.net/wp-json/wp/v2/pages/22525>; rel="alternate"; type="application/json", <https://afeera.net/?p=22525>; rel=shortlink
Set-Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
afeera.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
178.128.249.233200 OK 299 B URL HTTP/1.1 afeera.net/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-2b5"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=10.2.0
178.128.249.233200 OK 604 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1898), with no line terminators
Hash c255b50f0b766feca4a0d157f1f16f5f
d921982b100a1ff6207ed415b93eb280f3cac362
62fac84b2e5b27a0b5856a00090f5829ed1464848a70fc9d09b4b6b4f4081d74
GET /wp-content/plugins/buddypress/bp-members/css/blocks/member.min.css?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-76a"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=10.2.0
178.128.249.233200 OK 851 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (3917), with no line terminators
Hash 47d3634e70aa3b9788a6dd3e661a73b3
dce23f485f41c9c42cdb2a031f25c6f44ee1feee
c04d13b41483f221dd37dceb0164abc3e38b360b40b4f8ff9d250697c04eb533
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-members/css/blocks/members.min.css?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-f4d"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=10.2.0
178.128.249.233200 OK 230 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (621), with no line terminators
Hash 7d31c84d851e698cf5ad00f0a9b3df5a
ac5a76898a7f073ed49becf0ad55404b62cfbe50
60f0bda1164b78deac9990bbf5d4838998a96deb34d954ea01f86ae295f50901
GET /wp-content/plugins/buddypress/bp-members/css/blocks/dynamic-members.min.css?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-26d"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
178.128.249.233200 OK 374 B URL HTTP/1.1 afeera.net/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash 99f478aea66ce928c3dda9ab3a0dbbb3
29bb3e5ccb81defba6cf1749768f4c57533e261a
44b0fdb4d849dfa85411e2e814e8352a89f04fad8e65924f477368dad133955e
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-3e0"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=10.2.0
178.128.249.233200 OK 530 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1877), with no line terminators
Hash 3709ede0403bc587dcc8084d06bed405
4066539ae3909bf43d16a8a782c6a6c9fdc10265
1be40b092836fd93583c704ac2636e05f2c56c88063fc4006edfe81224a5fecb
GET /wp-content/plugins/buddypress/bp-activity/css/blocks/latest-activities.min.css?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b1-755"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
178.128.249.233200 OK 1.3 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (4933), with no line terminators
Hash d2d7f4c273d3b4cd972a337969b14754
b441775d1dcba61a5234df0256a40c7f58a8b059
fcfdbdf2a45072bbb545934d419cf76e5272d3193742eb8b659e938cafab4cdf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b5-1345"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/style.css?ver=6.1.1
178.128.249.233200 OK 4.8 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/style.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 555558d27163f505c8b9f01e70535bc4
af08f4c90b23fbd2918eb0f4500ef6c672592c00
207c0dd09be718e9971cd4d8b8fa94bfaa04c370bfef193a0e8f93ea233a7791
GET /wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/style.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-80d6"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
178.128.249.233200 OK 3.3 kB URL HTTP/1.1 afeera.net/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (27709)
Hash de25deb1514a3ba39e90bb45665aaa2f
fd5d4c836cc80f4350101414de25e665c4df4b51
67cdfdaf9767c318d1f269c0c46e768a65520ff151b103f40fc1446b473abec8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b3-6c70"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/css/classic-themes.min.css?ver=1
178.128.249.233200 OK 189 B URL HTTP/1.1 afeera.net/wp-includes/css/classic-themes.min.css?ver=1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-d9"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/user-panel.css?ver=6.1.1
178.128.249.233200 OK 774 B URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/user-panel.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash ce56b5d771fab206587ecd46005de59b
69233be65fba73c8e4c9d96768e2fa27a7666257
22648153b192257f62f6e731876e5a8fc5c3a38e16383a9a3feaf5fb34b31aff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/user-panel.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-ab4"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/all.css?ver=6.1.1
178.128.249.233200 OK 4.6 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/all.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 1a52325ff1fc3f6264f1649e010eb55f
c5267dfa88b9eb442a58404303fb09d5ebca5205
9f8fde6afaa5c4bdff6272ac488284f3f92d53c657de2913cf22069231c9239a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/css/all.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Feb 2023 12:42:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63dd0127-b854"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
178.128.249.233200 OK 22 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash d7658a5f4802795f8668f7d30a8d5847
bca9e21965d6f16e6164e7bf1983d460a809dd2c
af532a8ad1dd26d06abeea961dff85a1ba9414f23a7e93cb8008ff5d45f9a76d
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b5-333a7"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/animate.css?ver=6.1.1
178.128.249.233200 OK 9.7 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/animate.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash fb7202346682ea4ed1935c3704b31860
840c7efe8391ca8588bae5a5b0e532f0cbce8ad6
118000b696a24660d0b1157714bbc091ba0cfa5dcc01d68d5d4980c91f9c6ebd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/animate.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-1f1fc"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/chart.css?ver=6.1.1
178.128.249.233200 OK 958 B URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/chart.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (7308), with CRLF line terminators
Hash 673069ada5134d9b1e0800ad0f59caff
9d066ec067e985c7e6c5786ed26d47e91a38fad2
09d8a922efc699e79aad88be8c1a1b66bec7cbab873fd73323b0eb0ecda93f85
GET /wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/chart.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-1d0c"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/bsa.carousel.css?ver=6.1.1
178.128.249.233200 OK 534 B URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/bsa.carousel.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash ad403440951d5b2711ec0905e6801ada
faed8657fd9f27e81a791f0f9695af34b2218513
b4c2b46a3de8d1fb0d4bbb4cb2a3daa3887682add47a9ec16501a0808631f7ce
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/bsa.carousel.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-5ce"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/material-design.css?ver=6.1.1
178.128.249.233200 OK 2.2 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/material-design.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (362)
Hash be8fcd94f529c3800ef05ff7646599c1
3481d6ebbb85f849afdb145cb2cb5a6215b09f9e
d14d76499542fab044b1613e8d9e6ae86dd1c47f62389939ed5076de853c5edb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/css/asset/material-design.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-2f93"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=10.2.0
178.128.249.233200 OK 16 kB URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash 673dfad784fdfd12a096bdfe105d9549
d9b114a02d0f03c052fd042ffaea3c31a6ca1268
39baea6537c198d6e7597aeec40cfae415f1f4b1ed498be131682b8e60eed20a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-templates/bp-nouveau/css/buddypress.min.css?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-1a1ef"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
178.128.249.233200 OK 972 B URL HTTP/1.1 afeera.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-aab"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
178.128.249.233200 OK 2.6 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (17809), with no line terminators
Hash be0befa6b3a8509adb68e2a5a976978b
ebf3b07fac78db7fc7617a802912388fe0e28438
018ccaf9b85e8352adbac26932fb2123993f4fb96d8248a1cd5a44d7679937ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-4591"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
178.128.249.233200 OK 8.9 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 5e6f0816cfea75222a4c840a9bc95c2d
73bfbef7c9dbbc5033c432b6b12c6dbffd017c43
8dadb86fcb6d0d3eafb86089bb65845d072a3964c0a12f266ea410e2faff60f0
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-f523"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 12:07:19 GMT
age: 2096
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
afeera.net/wp-includes/css/dashicons.min.css?ver=6.1.1
178.128.249.233200 OK 36 kB URL HTTP/1.1 afeera.net/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (58981)
Hash 8feeb31c2c2b1eac8f5dac3b20f6016d
9d9797e1a9e800bb6f9c5aea9eb9a0a1172a11fe
ea7991c406d76572a7d81ea53e3f78d70b4327fd50f759fd941047d66bf9b754
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-e688"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/another-wordpress-classifieds-plugin/resources/css/awpcpstyle.css?ver=4.1.7
178.128.249.233200 OK 9.4 kB URL HTTP/1.1 afeera.net/wp-content/plugins/another-wordpress-classifieds-plugin/resources/css/awpcpstyle.css?ver=4.1.7
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (59413), with no line terminators
Hash 598477e758b5ac0cfd4ba11d408de8c1
1bbab85e01bf21c051de801f8c7af1b5c548c091
9617bc9c0c79f382713e625ad6048ed1e825e35f6be4e84f95cb18d1673d9a63
GET /wp-content/plugins/another-wordpress-classifieds-plugin/resources/css/awpcpstyle.css?ver=4.1.7 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-e817"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/uploads/2023/01/afree-logo.png
178.128.249.233200 OK 8.0 kB URL HTTP/2 afeera.net/wp-content/uploads/2023/01/afree-logo.png
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 275 x 58, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b77836e20277452226fbf99b72e5a8e
ded04acf405992f3614347b804ba4a273e156d67
b1936f4f2edc845c6c5974d493df77d6baa83508cb7e68f775108d347031cd63
GET /wp-content/uploads/2023/01/afree-logo.png HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:15 GMT
content-type: image/png
content-length: 8019
last-modified: Fri, 20 Jan 2023 14:30:16 GMT
etag: "63caa578-1f53"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
afeera.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
178.128.249.233200 OK 4.2 kB URL HTTP/1.1 afeera.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-2bd8"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
178.128.249.233200 OK 31 kB URL HTTP/1.1 afeera.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-15e54"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
178.128.249.233200 OK 4.0 kB URL HTTP/1.1 afeera.net/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (597)
Hash 6ab55bda152ec0ad804795959f676182
e926aba0016ad03868990c71dfe107bb7aacad58
c8a7cb95c2a760f8c3d0685d5917f7835ac443c83a4057f13cbbdae7da970a36
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-33ba"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/underscore.min.js?ver=1.13.4
178.128.249.233200 OK 7.3 kB URL HTTP/1.1 afeera.net/wp-includes/js/underscore.min.js?ver=1.13.4
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (18798)
Hash 3f92fc0fb188799b432341421df6cfde
09041f63af89e1164a53dec66eb7b2ac1dc58ba6
6b09e750d7ecaac14315f7c7e09b6de17f8d1f790b4acdc094b74832402aee31
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-4991"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/shortcode.min.js?ver=6.1.1
178.128.249.233200 OK 1.1 kB URL HTTP/1.1 afeera.net/wp-includes/js/shortcode.min.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2608)
Hash 26862c3fd437d11cffbc25cdef9f0a66
392cc067570c749323fba1fcf55545d350bd5361
a40fcd0c9d0e0724d939a1b0a3db8f53e851b06353fb88b2153793a88128435b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/shortcode.min.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-a53"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-admin/js/media-upload.min.js?ver=6.1.1
178.128.249.233200 OK 612 B URL HTTP/1.1 afeera.net/wp-admin/js/media-upload.min.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1117)
Hash 3bfdd02a7280f146d689971b4fd6c5fc
1fff1fbd830a3879ff64761c9ca8d238505ea44f
f07ac21a9a912410a1d0cdd1beb4834cf98798c164ae9a18be6d8b445f7521cc
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/js/media-upload.min.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-480"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/script.js?ver=6.1.1
178.128.249.233200 OK 1.8 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/script.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash a18f1aeee329dba72aa2049d86eef544
7e2ed6c84472efa6e16cd94036b06a9e2b6ecbf9
2b32653541d4bf9b82a98a37e469d63fbecf6cca55d7aaa36e631abe7eda51fa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/js/script.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-1821"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/chart.js?ver=6.1.1
178.128.249.233200 OK 24 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/chart.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (1035), with CRLF line terminators
Hash df5c7ab12edb916145e308f5f18f35eb
77722afea96ea1bca894b47915402fc9d4f486d9
41ccc7fd5ea46449209f63579d4b734a504d389fa67362d1965e2a6d144dddc3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/js/chart.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-1903f"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/jquery.simplyscroll.js?ver=6.1.1
178.128.249.233200 OK 3.3 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/jquery.simplyscroll.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 5f557c2590b80c1718ec2d18bb8e725c
a75af6d454c3f9ea86dfeda4013a813c2cd6bc3d
f7514e885600e838ce390b2ae089375b0568a086ab9442b9776d4384c823325a
GET /wp-content/plugins/ap-plugin-scripteo/frontend/js/jquery.simplyscroll.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-3129"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=10.2.0
178.128.249.233200 OK 495 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1198), with no line terminators
Hash b459b4f0b7ee58f1d6f618460db364cb
b1f080d337a462600290c1d37600ce680081ef7b
9d33a2d66fd565008194a964f0e11363b02a0e6bcf77e92dc0256117a6438a93
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/js/widget-members.min.js?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b1-4ae"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=10.2.0
178.128.249.233200 OK 126 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash ccb3f140a39b19989efdfde7add27c76
cfa4c78d35c62838bfdfc3515a483c6f48cac5bd
92b090836416c6de95f85440a2b835ab39e4cac7f4c4b3b021dcf83db56f30be
GET /wp-content/plugins/buddypress/bp-core/js/jquery-query.min.js?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b1-73"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=10.2.0
178.128.249.233200 OK 660 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1229), with no line terminators
Hash be556cd52da76f599a5528b6c8dd05e7
a167c91955082e0b2ddd89a3523ee0f56a122056
551e7ad49a0282263be62c4776dfe1e2410a7f47c451ecb8bf72a8c777fa9d9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-cookie.min.js?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b1-4cd"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=10.2.0
178.128.249.233200 OK 1.2 kB URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2273), with no line terminators
Hash 3e78f3c9b382d9c6c379d0c20d46cc90
9b4c1a089b4f333713dea28d5f14f1fad9980e98
b88818ed22401441f0c0970954641c4ccc8f0526e87f37e7b834e2a3fcdb438e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/js/vendor/jquery-scroll-to.min.js?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b1-8e1"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
178.128.249.233200 OK 3.5 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (9139)
Hash d6c87c7221011e280d3bb60eb9c598e4
93aa9b7f17b91719689519d4439c10d884063296
0acd2e4b6cc50829b1fb1e12b55ed2b72b201631e908a80171d39ef4a9570724
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-253d"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
178.128.249.233200 OK 12 kB URL HTTP/1.1 afeera.net/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (47826)
Hash 981383d43a7adb38d6c2bf5286dcd065
e41871905868763178f7d8127e3dfb87909f108f
fceb208fc5a1581abc1926596d5f59fa41e7a7d72027b563303b445cdf7ed126
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-172a9"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=10.2.0
178.128.249.233200 OK 324 B URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (727), with no line terminators
Hash b3ea24146baa5da16e6b1c61c0fce9c5
b379202a0fe9ef37b78a026f88a2601988a1515c
9dcf380ca420e36c0d3f670b9db99f8e40e962123e0fbdda3b6fe0121f4a1cec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-core/css/blocks/login-form.min.css?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b1-2d7"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
178.128.249.233200 OK 1.1 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash f46e666160800ab91bb12cccc7555662
63b98922823c1f54ed1a96e1dcd0c227e3e51419
f5cc9892eb6b336791126838b53edfe9dc4b12b99aae085cadf52d8e734f5c68
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-bdd"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afeera.net/wp-content/bs-booster-cache/e57f6e2a0d222329fd5e68b901f2ac9e.css
178.128.249.233200 OK 6.9 kB URL HTTP/1.1 afeera.net/wp-content/bs-booster-cache/e57f6e2a0d222329fd5e68b901f2ac9e.css
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (47880), with no line terminators
Hash b39aa07dc5f7134058219953ef8a33b6
29e25ba5eb6225481fefccb7c73688d9bc74d762
d8531cf70b8a247fe40cee964c523707b5af38f2e22b7f4842eefa9b87ddcc1f
GET /wp-content/bs-booster-cache/e57f6e2a0d222329fd5e68b901f2ac9e.css HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Feb 2023 12:38:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63dd002e-bb08"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
178.128.249.233200 OK 5.0 kB URL HTTP/1.1 afeera.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-48b9"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.3.1
178.128.249.233200 OK 1.9 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (14615), with no line terminators
Hash 95c1fa8191d7051ed2c1f0807bbc57c8
3cae5698b4282de21449726177544fbc08e7dc35
89fe7813ce1348f6144aac84d5b5d1bff4fcf2333355c49c324f9ff80b8d1478
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-3917"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
178.128.249.233200 OK 195 B URL HTTP/1.1 afeera.net/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash f9d342a66f882a21aaa6bf2f886dec5f
208b0196ddc4618f81a4acbe5e03b0789da1b9b3
16354818e612c2d6a9457960b8425bc745d7d48aa7e35f2c4ff4a32be4633cdf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b3-14b"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/bsa.carousel.js?ver=6.1.1
178.128.249.233200 OK 8.8 kB URL HTTP/1.1 afeera.net/wp-content/plugins/ap-plugin-scripteo/frontend/js/bsa.carousel.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash c4466ab6476789afddfef0374632db8e
c397a8b13a4591cddbd9203ee325b92534505472
998eee349f80aef5313bb9e9a1aba76a9061a3d09fca5be9928c18966ebe9c23
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ap-plugin-scripteo/frontend/js/bsa.carousel.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-ce3d"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/buddypress/bp-templates/bp-nouveau/js/buddypress-nouveau.min.js?ver=10.2.0
178.128.249.233200 OK 3.7 kB URL HTTP/1.1 afeera.net/wp-content/plugins/buddypress/bp-templates/bp-nouveau/js/buddypress-nouveau.min.js?ver=10.2.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (12260), with no line terminators
Hash 0da9f41425c2f22a0b5622fc0fb87851
4c40703d0c64e58df0c8cce41b7fc3d651969752
c67295d35d71172a6215d705b69e7b4dbcbd32a5e96656ce93caa8baf6c1826d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/buddypress/bp-templates/bp-nouveau/js/buddypress-nouveau.min.js?ver=10.2.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-2fe4"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/comment-reply.min.js?ver=6.1.1
178.128.249.233200 OK 1.4 kB URL HTTP/1.1 afeera.net/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2946)
Hash 28214bc78b9edfcfbc9c7b651fb4f56c
fb0847abdb33dd943a2dcda4c4b905fb5cdd116c
11691bc1acc1f3a7ab8ef7c67fb720ca58fb72e52f510009f7b0cbc2589d45e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-ba5"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
178.128.249.233200 OK 2.5 kB URL HTTP/1.1 afeera.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-194b"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
178.128.249.233200 OK 6.5 kB URL HTTP/1.1 afeera.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 287748e15cc4a588d0df39da369d9035
b02e10a775f9d6ab54d448acffbc9253e2d9bfb9
742f6e950eecbeaf0c308f5d3877e48d6d57d48b7f8bd458d81875feb4b58654
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-459f"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
178.128.249.233200 OK 3.3 kB URL HTTP/1.1 afeera.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 4ac0d5ab8d83806d59c4e1f7bf0a855a
81153a2f5e3a21febe9ede53c9f0073da3e14829
605fd4e7f4d3fbb5505bb81e3f72c685b6ef411c27cde2f7bab2787c3d870b10
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b2-25f8"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
178.128.249.233200 OK 982 B URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1668)
Hash e66463f2023b738680c9bdefece69a37
315dc8e6ebdfb18c662851244ee33e2758ad3c83
fd83e7fc6d81aa6f6680ea640e9c086aa1950a17757a582aa74ea9797a70f346
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-72a"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
178.128.249.233200 OK 794 B URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2139), with no line terminators
Hash 29307e8dec33cf3411ca4e1f2c84e9d0
484402289464d7ffb1475827f3438329d520bfc6
a2db59efaa416ef0c9d5d58f142cd5e44c475348cff20a664586fd3cda1b5f5b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-85b"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
178.128.249.233200 OK 1.0 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2938), with no line terminators
Hash 45db3d2887c26700a51bf469e3bb3aa1
d070b5fb53d2fbb66964bbfd482270b855d0ee96
1abc0cff49f82d9a063c04cd086b991af6ad00467efc4cb8d8d4e3c9a0f95777
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-b7a"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.21.0
178.128.249.233200 OK 47 B URL HTTP/1.1 afeera.net/wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.21.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash 02d47e013d17ba2f63516062d6fce38b
411fe85247e308432b88da4fe29fd7fddcbe035c
c309e6b3c7401dfdc1429e9164d1e0b144ca1b337be5a5a29266321bbdb98f25
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/better-adsmanager/js/advertising.min.js?ver=1.21.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b1-1d"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ajax.aspnetcdn.com/ajax/knockout/knockout-3.5.0.js?ver=3.5.0
152.199.19.160301 Moved Permanently 0 B URL HTTP/1.1 ajax.aspnetcdn.com/ajax/knockout/knockout-3.5.0.js?ver=3.5.0
IP 152.199.19.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajax/knockout/knockout-3.5.0.js?ver=3.5.0 HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 12:42:15 GMT
Location: https://ajax.aspnetcdn.com/ajax/knockout/knockout-3.5.0.js?ver=3.5.0
Server: ECAcc (ska/F73B)
Content-Length: 0
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3134
Expires: Fri, 03 Feb 2023 13:34:29 GMT
Date: Fri, 03 Feb 2023 12:42:15 GMT
Connection: keep-alive
afeera.net/wp-content/plugins/another-wordpress-classifieds-plugin/resources/vendors/breakpoints.js/breakpoints.min.js?ver=0.0.10
178.128.249.233200 OK 873 B URL HTTP/1.1 afeera.net/wp-content/plugins/another-wordpress-classifieds-plugin/resources/vendors/breakpoints.js/breakpoints.min.js?ver=0.0.10
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2005), with no line terminators
Hash 82850c54ac210a5b1a524b506ed881ff
5735653c1e7ccd64dcc7a0c134373d5bc0db9042
e482fdd0cd320ceabcdb1693bafa36ab4e06a57de531885f4b25f76378371033
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/another-wordpress-classifieds-plugin/resources/vendors/breakpoints.js/breakpoints.min.js?ver=0.0.10 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-7d5"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/another-wordpress-classifieds-plugin/resources/js/awpcp.min.js?ver=4.1.7
178.128.249.233200 OK 13 kB URL HTTP/1.1 afeera.net/wp-content/plugins/another-wordpress-classifieds-plugin/resources/js/awpcp.min.js?ver=4.1.7
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32011)
Hash 9ed300c70a8798c777005d36906df4ed
f59de06386655abd616dfce66f6be8866b592ea8
6048f6b4bd95a79ef7de7f4b458b1760492945017514a13cd018b2891a34049e
GET /wp-content/plugins/another-wordpress-classifieds-plugin/resources/js/awpcp.min.js?ver=4.1.7 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b0-bf18"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afeera.net/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.6.3.1
178.128.249.233200 OK 22 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (64041)
Hash 598c52e81eadf6380ec78e944466327c
8a2f6de97a0bdcf6725581e580093166c283199f
c465b6528bb205af4aea76716592cfc7cd9431708cb41a4a058198804a3e76ac
GET /wp-content/plugins/woocommerce/assets/js/selectWoo/selectWoo.full.min.js?ver=1.0.9-wc.6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-12d52"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-includes/js/backbone.min.js?ver=1.4.1
178.128.249.233200 OK 7.9 kB URL HTTP/1.1 afeera.net/wp-includes/js/backbone.min.js?ver=1.4.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (23813)
Hash 77eaa07e74160d847e878d00dbc69f4c
1722a4f34a09b92427c992a8f9302a35cb4965fb
559f85f19fb14d662c2c906de6b2be1ea7185a67ae69294b5e5606655c6085c4
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: application/javascript
Last-Modified: Fri, 20 Jan 2023 14:31:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b8-5d28"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash df9916c6151ec3675213c40624e234dc
a2eee5603468acdd24a288e15d5193c6ea2284d2
ced4c1147377caf01dfa2e9a50861598357fc1754189ac07ce1a5fbd3356a85d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CED4C1147377CAF01DFA2E9A50861598357FC1754189AC07CE1A5FBD3356A85D"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21578
Expires: Fri, 03 Feb 2023 18:41:54 GMT
Date: Fri, 03 Feb 2023 12:42:16 GMT
Connection: keep-alive
afeera.net/wp-content/bs-booster-cache/78e254e13d6d8077260a389117a9cff2.js?ver=6.1.1
178.128.249.233200 OK 75 kB URL HTTP/1.1 afeera.net/wp-content/bs-booster-cache/78e254e13d6d8077260a389117a9cff2.js?ver=6.1.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (32071), with CRLF, LF line terminators
Hash a41d91d4b80a740652146171170ca878
cc5a04df432dae0d03463214ca147bf9a8a1a7d8
817da6c6154ae3de0034aab2a0cd675005a1e11a174d0e3eea72cb91d4c45ca5
GET /wp-content/bs-booster-cache/78e254e13d6d8077260a389117a9cff2.js?ver=6.1.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Jan 2023 13:19:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d27dfa-3f3b0"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
afeera.net/wp-content/plugins/gtranslate/flags/24/en.png
178.128.249.233200 OK 1.8 kB URL HTTP/1.1 afeera.net/wp-content/plugins/gtranslate/flags/24/en.png
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
GET /wp-content/plugins/gtranslate/flags/24/en.png HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: image/png
Content-Length: 1767
Last-Modified: Fri, 20 Jan 2023 14:28:23 GMT
Connection: keep-alive
ETag: "63caa507-6e7"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
afeera.net/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
178.128.249.233200 OK 1.2 kB URL HTTP/1.1 afeera.net/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (7043), with no line terminators
Hash 7a01d757cd8aced5af866e83a6d0ce76
f352b0e25c2a3ca7af84f93c9bc1fd700db3586f
da5327f259e09fafac875160fbcd3fe934f48359e751e42b802f5577310b014c
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: text/css
Last-Modified: Fri, 20 Jan 2023 14:31:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63caa5b4-1b83"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ajax.aspnetcdn.com/ajax/knockout/knockout-3.5.0.js?ver=3.5.0
152.199.19.160200 OK 25 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/knockout/knockout-3.5.0.js?ver=3.5.0
IP 152.199.19.160:0
File type ASCII text, with very long lines (598)
Hash f51167e9f3a1b0dbec398d3b105156fc
e2b2b3f6fae3408f404954817a99a68caff1c5ce
ab57f90f87b214baf38a6ca594ae330425f0861223fdd446d5ab41a8187b073e
GET /ajax/knockout/knockout-3.5.0.js?ver=3.5.0 HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 29761074
cache-control: public, max-age=31536000
content-type: application/javascript
date: Fri, 03 Feb 2023 12:42:16 GMT
etag: "02cf5d66d0d41:0"
last-modified: Fri, 01 Mar 2019 19:36:24 GMT
server: ECAcc (ska/F73B)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 24991
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6b61f29aa4893be0db68c287b351a119
8668d9d5d28fdd64e1876173720e5346de637bf8
15544948538d8b02a25d1d12b0017baf24278915b8b158fd12d0f51093716714
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6054
Cache-Control: max-age=129243
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:16 GMT
Etag: "63dc3f5d-117"
Expires: Sun, 05 Feb 2023 00:36:19 GMT
Last-Modified: Thu, 02 Feb 2023 22:55:25 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
52.26.112.186101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.26.112.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qgGi3rG2PEwyFH9hoh8ZFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7PJzLnYgtA/Y70VkyBwzlHFOZ+U=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6b61f29aa4893be0db68c287b351a119
8668d9d5d28fdd64e1876173720e5346de637bf8
15544948538d8b02a25d1d12b0017baf24278915b8b158fd12d0f51093716714
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1683
Cache-Control: max-age=124872
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:16 GMT
Etag: "63dc3f5d-117"
Expires: Sat, 04 Feb 2023 23:23:28 GMT
Last-Modified: Thu, 02 Feb 2023 22:55:25 GMT
Server: ECS (amb/6B84)
X-Cache: HIT
Content-Length: 279
afeera.net/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
178.128.249.233200 OK 14 kB URL HTTP/1.1 afeera.net/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format, CFF, length 13852, version 1.0\012- data
Hash 7b3b5f7ada337a9a61df97550c2d6c64
fbc1335ac8b6513f8dca47d0af28381b7d1261cd
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://afeera.net/wp-content/bs-booster-cache/f4ba002074c62bf4a032369ab5268b76.css
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: application/font-woff
Content-Length: 13852
Last-Modified: Fri, 20 Jan 2023 14:28:30 GMT
Connection: keep-alive
ETag: "63caa50e-361c"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
afeera.net/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
178.128.249.233200 OK 77 kB URL HTTP/1.1 afeera.net/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://afeera.net/wp-content/bs-booster-cache/f4ba002074c62bf4a032369ab5268b76.css
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: application/font-woff2
Content-Length: 77160
Last-Modified: Fri, 20 Jan 2023 14:28:30 GMT
Connection: keep-alive
ETag: "63caa50e-12d68"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
142.250.74.35200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 27120, version 1.0\012- data
Hash 43e7d3f1dec74478587a2b3cfa272631
c065f24ac428353854ebd6715c49966fc4f4c762
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://afeera.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:06:40 GMT
expires: Sat, 03 Feb 2024 02:06:40 GMT
cache-control: public, max-age=31536000
age: 38136
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
142.250.74.35200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 27268, version 1.0\012- data
Hash cd83836443d658985c464d7021aa3e83
83a2915021f30c4ed54752b02e0c999e3c56798c
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
GET /s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://afeera.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27268
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:47:19 GMT
expires: Wed, 31 Jan 2024 09:47:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
content-type: font/woff2
age: 269697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.webcop.co/widget/Webcop.js
165.227.196.157200 OK 30 kB URL HTTP/1.1 cdn.webcop.co/widget/Webcop.js
IP 165.227.196.157:0
ASN #14061 DIGITALOCEAN-ASN
Hash 3f73885cd69b806ac7e26ed23230c756
537e7b363be9c8c9eb01a23bce879cff179f2a5f
8b0f7817debebe06fe31cccaeaf6203afe892181800a1d33244a4c97449f0fd4
GET /widget/Webcop.js HTTP/1.1
Host: cdn.webcop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 29698
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 24 Mar 2022 00:44:34 GMT
ETag: W/"7402-17fb961e1a8"
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d82139609e323e908fac5d93cc352a0
16464d86dbab5ffda5e66d870c5d139ee69f9422
dafce9d952b644da844563623a477eec073d696e74275b56b8329ed44b64aa57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAFCE9D952B644DA844563623A477EEC073D696E74275B56B8329ED44B64AA57"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2012
Expires: Fri, 03 Feb 2023 13:15:48 GMT
Date: Fri, 03 Feb 2023 12:42:16 GMT
Connection: keep-alive
s.w.org/images/core/emoji/14.0.0/svg/26a0.svg
192.0.77.48200 OK 548 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/26a0.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (548), with no line terminators
Hash 289673858e06dfa2e0e3a7ee610c3a30
8d54d46b87ab85a62cbb6ccc0e1a992d99a891d5
03382ac2fd7fe0d58ae2f81964b332bd34dfc9cc5145a10e61cb5e776aef5e2b
GET /images/core/emoji/14.0.0/svg/26a0.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: image/svg+xml
content-length: 548
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
www.acint.net/aci.js
193.3.184.137200 OK 7.8 kB IP 193.3.184.137:0
File type ASCII text, with very long lines (1649)
Hash 777eef0db9280e74fe8d3e0e9561da9c
f8316623410b9735dd07b6e12a2f29352c0aa4cd
985dc8f4eb0a0b4629fa8e6d86f741ee8d22b7a0a1f64be2e9e9f2c96c9cf772
GET /aci.js HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/x-javascript
content-length: 7784
last-modified: Thu, 02 Feb 2023 13:54:08 GMT
etag: "63dbc080-1e68"
content-encoding: gzip
expires: Sat, 04 Feb 2023 00:42:16 GMT
cache-control: max-age=43200
X-Firefox-Spdy: h2
cdn.webcop.co/widget/plugins/jquery/jquery.js
165.227.196.157200 OK 97 kB URL HTTP/1.1 cdn.webcop.co/widget/plugins/jquery/jquery.js
IP 165.227.196.157:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
GET /widget/plugins/jquery/jquery.js HTTP/1.1
Host: cdn.webcop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 97163
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 24 Mar 2022 00:44:34 GMT
ETag: W/"17b8b-17fb961e1ac"
www.acint.net/oci.js?t=1675428167320
193.3.184.137302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci.js?t=1675428167320
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci.js?t=1675428167320 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci.js?t=1675428167320
www.acint.net/mc/?dp=10
193.3.184.137302 Moved Temporarily 142 B IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=10
www.acint.net/hit/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=84619945&u=http%3A%2F%2Fafeera.net%2Fclassifieds%2Fbrowse-ads%2F58%2Fwater-coolers&r=&rs=1280x1024&t=Browse%20Ads%20-%20afeera.net&oE=1&oP=1&dT=2023-02-03T12%3A42%3A47.316&fu=4366f358-85ae-4872-a398-8e71978ae7fd
193.3.184.137302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/hit/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=84619945&u=http%3A%2F%2Fafeera.net%2Fclassifieds%2Fbrowse-ads%2F58%2Fwater-coolers&r=&rs=1280x1024&t=Browse%20Ads%20-%20afeera.net&oE=1&oP=1&dT=2023-02-03T12%3A42%3A47.316&fu=4366f358-85ae-4872-a398-8e71978ae7fd
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /hit/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=84619945&u=http%3A%2F%2Fafeera.net%2Fclassifieds%2Fbrowse-ads%2F58%2Fwater-coolers&r=&rs=1280x1024&t=Browse%20Ads%20-%20afeera.net&oE=1&oP=1&dT=2023-02-03T12%3A42%3A47.316&fu=4366f358-85ae-4872-a398-8e71978ae7fd HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/hit/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=84619945&u=http%3A%2F%2Fafeera.net%2Fclassifieds%2Fbrowse-ads%2F58%2Fwater-coolers&r=&rs=1280x1024&t=Browse%20Ads%20-%20afeera.net&oE=1&oP=1&dT=2023-02-03T12%3A42%3A47.316&fu=4366f358-85ae-4872-a398-8e71978ae7fd
www.fiverr.com/cdn-proxy/pim/5c6432cdf44d0810011f883e.js
104.18.254.23200 OK 52 kB URL HTTP/2 www.fiverr.com/cdn-proxy/pim/5c6432cdf44d0810011f883e.js
IP 104.18.254.23:0
File type ASCII text, with very long lines (1096)
Hash dbc9a6d860f54b79eed7695dd9aae325
ddd4c6697570f0c215302aae3a0a353f59795ce8
3cef7eb585fe0d2f6d85ba0ed0821c84d37d6bfd57e7c0969a1bb30932afb576
GET /cdn-proxy/pim/5c6432cdf44d0810011f883e.js HTTP/1.1
Host: www.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fiverr.com/gig_widgets?id=U2FsdGVkX18+dzmnbDd/W4q6EZGR4hMt7nWWB7HjL3CaKBlKlqaYZPqy/yXjIQpneL4R7Qkyg7alflszMVQhGHbqBX8bbGfmaeHHZSUFR3BDclYvDA3TDQVHNngyxaLInqW9v6zCLqZBCj+2LapyD2RAA0Fg+aGqa36RKIALVJ33I29mcjGfRmA9L+0bCgo4wK/k9AubWzmdHeUM0tOiM91LpWsR80R5SBbFd8sNaJrdp23MChloFsY8RW4rRt1pU+iSOi2LMogpDYvfRNRLg/3LDoboSIlIMyDrYu0NBR4pqNWPSH18sG4GmLRmkJHm8gtOFYSxctnU89IXb6TPbhTHssFfSmRUW3znzjZ67plPJ3fhUVYlwO+qx3f0f/OFYDq6QQIOcwdA+rXM4LiV1EVPdOo7GhkSnai+Jvu+8HHb/QQHu3kfmsK8IidMzqVMXq69RIiTWjr1X5HxvUYFz71E1tF7zqIAZPNUQVrWzButSRr0TWg6BILnXDoW6NUBatB49xV9PKV5D45wwzceEndXwEQVotJvKtyJrFNtMmNFFV4PFI9uNuNjJ7x7zfl+EBN3a9gdRqoR1Aba1Gt5TQeyFSyn9UV8us5kcZbwstDaOh+WEIz6zeM8uAMRnAeOzsib+uBepOmtBSSafTB/umchklkywkOjYN6IwuQZd4M=&affiliate_id=153556&strip_google_tagmanager=true
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
content-length: 52463
cf-ray: 793b3eddaa06b521-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 661
cache-control: public, max-age=1800
content-encoding: gzip
etag: "0x8DA659C0C1375DC"
expires: Fri, 03 Feb 2023 13:12:16 GMT
last-modified: Thu, 14 Jul 2022 13:23:31 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET, POST, HEAD
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
content-md5: iQexiiaNuBS0EUjiKwAvRQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h97TSWG0hecpL%2BBLpDvWxvOjTyIVAa5g5oBdMnrxF8tzutHr%2BSI%2FYqFoon7%2FMvdR89eJHsTEUcWAgig%2BeN2pOUUaZc72fBvShc49GwPdClSY7gQng%2Fi7iYhOn%2FTt%2BEJb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=9.999990, CDN-Proxy; dur=11; desc="Time to fetch asset from origin server", Edge-Cache-Satus; dur=1; desc="HIT", cfRequestDuration;dur=32.999992
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
timing-allow-origin: *
server: cloudflare
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/uploads/macan-regular.woff2
104.17.47.69200 OK 47 kB URL HTTP/2 npm-assets.fiverrcdn.com/assets/uploads/macan-regular.woff2
IP 104.17.47.69:0
File type Web Open Font Format (Version 2), CFF, length 47324, version 1.13107\012- data
Hash 3d263b5d897300221339f211f2b74e5e
b354fd0e5963d0be5eafa33d3c99b7cb998b4fcd
26194ce68a898e83a50b6fe2b0ae8761844041fc28a7d50e7332aa4d5aac3077
GET /assets/uploads/macan-regular.woff2 HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: font/woff2
content-length: 47324
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 05 Jan 2023 08:37:51 GMT
etag: "3d263b5d897300221339f211f2b74e5e"
cf-cache-status: HIT
age: 1318
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
set-cookie: __cf_bm=IS2v8avWmc0vLTzft9EmgKRWa7O8sfxOlZoJkl1Jijs-1675428136-0-AUawUZcEGe8Y8ffVmXFMHoJdUjR7OAZZlLdn46KQpfQvyOJ+jvNyZRSWKYS+cOnnNAo4mDHIk4eaIMcyvj76srU=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWD5Mz9subNNBnBI869guCL0aoYu37U%2FRBWKgEUGT%2FzUHeuikrcm%2FUXtghV6%2Bgjd8ggKNfPbfxgMIsZa5SV5wvLFZo66g7hSc80PHHNriOdsmfQfUdifdDxVbKkM8nvf%2FAMECUxQcZ8sgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca3cb50c-OSL
X-Firefox-Spdy: h2
afeera.net/wp-includes/js/thickbox/loadingAnimation.gif
178.128.249.233200 OK 15 kB URL HTTP/1.1 afeera.net/wp-includes/js/thickbox/loadingAnimation.gif
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 416 x 26\012- data
Hash ce2268030dd2151b63cdf4ffc2f626ba
15280f21eb43f5fa7838dcf011f67d79e301b15f
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
GET /wp-includes/js/thickbox/loadingAnimation.gif HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s; fid=4366f358-85ae-4872-a398-8e71978ae7fd
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:16 GMT
Content-Type: image/gif
Content-Length: 15238
Last-Modified: Fri, 20 Jan 2023 14:30:33 GMT
Connection: keep-alive
ETag: "63caa589-3b86"
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
www.acint.net/mc/?dp=10
193.3.184.137302 Found 154 B IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Fri, 03-Feb-23 12:52:16 GMT
aid=fwAAAWPdASislBRgUuePAiO5LXrHX+ILJPGdhzhOGa8r+RX+; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=84619945&u=http%3A%2F%2Fafeera.net%2Fclassifieds%2Fbrowse-ads%2F58%2Fwater-coolers&r=&rs=1280x1024&t=Browse%20Ads%20-%20afeera.net&oE=1&oP=1&dT=2023-02-03T12%3A42%3A47.316&fu=4366f358-85ae-4872-a398-8e71978ae7fd
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=84619945&u=http%3A%2F%2Fafeera.net%2Fclassifieds%2Fbrowse-ads%2F58%2Fwater-coolers&r=&rs=1280x1024&t=Browse%20Ads%20-%20afeera.net&oE=1&oP=1&dT=2023-02-03T12%3A42%3A47.316&fu=4366f358-85ae-4872-a398-8e71978ae7fd
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=84619945&u=http%3A%2F%2Fafeera.net%2Fclassifieds%2Fbrowse-ads%2F58%2Fwater-coolers&r=&rs=1280x1024&t=Browse%20Ads%20-%20afeera.net&oE=1&oP=1&dT=2023-02-03T12%3A42%3A47.316&fu=4366f358-85ae-4872-a398-8e71978ae7fd HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/uploads/macan-semibold.woff2
104.17.47.69200 OK 48 kB URL HTTP/2 npm-assets.fiverrcdn.com/assets/uploads/macan-semibold.woff2
IP 104.17.47.69:0
File type Web Open Font Format (Version 2), CFF, length 47976, version 1.13107\012- data
Hash d147812d01ddb77d6c271d088b816751
bebc297982023dca903b13947e0851534081f608
1bcb1ad44f979607a19e068cfb421f5a930bf283f60920d7164af2e656cb1e7c
GET /assets/uploads/macan-semibold.woff2 HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: font/woff2
content-length: 47976
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 25 Jan 2023 10:00:51 GMT
etag: "d147812d01ddb77d6c271d088b816751"
cf-cache-status: HIT
age: 5377
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
set-cookie: __cf_bm=QbIWpdfctjKlksVre483uxdE3w_ovB1wthqaZ9FAj4A-1675428136-0-AUbIZV4MI5LIZ+qmbyB+EBUDsqAYgSHA2j1qKwIvxkUzLTfCQzCkbf8EAkAXrkHxgULx3GpldXc+qDo8qJf6ejg=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BokiOmIpGdyOJ9eQvhHc2LG40Mgnl7TjvDQQSyeJDa7ihjJJB8%2Boxl%2FAdddWLifBduv6jtPTnpQsSzrYZYHehTfnU4V3Bgd%2FmydmhyGZOuHwj%2F7n7Zko37REwyAxsAYO9SVj%2BdMXUn1pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
server: cloudflare
cf-ray: 793b3ede2adab50c-OSL
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/uploads/macan-bold.woff2
104.17.47.69200 OK 48 kB URL HTTP/2 npm-assets.fiverrcdn.com/assets/uploads/macan-bold.woff2
IP 104.17.47.69:0
File type Web Open Font Format (Version 2), CFF, length 48100, version 1.13107\012- data
Hash 502483a0eb7a0109bba05fbd9b3743e7
22aabd7dc1643ab1def8f44f8f101356c9627497
71a40ad81f28cfe2c904306894b3a193e537b72118cf49b8903975db2c8ee264
GET /assets/uploads/macan-bold.woff2 HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: font/woff2
content-length: 48100
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 05 Jan 2023 08:37:51 GMT
etag: "502483a0eb7a0109bba05fbd9b3743e7"
cf-cache-status: HIT
age: 5377
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
set-cookie: __cf_bm=fBagbHf5u1E9Y4kiQLOVSAkBuX7DwlSlE5iKVEkYqwE-1675428136-0-AUSQYzav91ISoUAsvH+mxWcOR3R31DsDw4DgSoQA2G0r0oapcAoWbbpS1Q1zgdxKy/mYVGThXvkgEpm3m9ID1X8=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwG4hGGNx%2FuUYftqHnZz1TcR1i2ePQKL7XVR1G0QKbOn7K8AcjHGfx6TjbKTiuN6i3x%2BLnrxnY8PP2uBvMHhY5fNT25lv6kQRKLK0gG%2FPzVbbfK0GIBY7tKyjhEXuilksS41c2P22HhqnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
server: cloudflare
cf-ray: 793b3ede2addb50c-OSL
X-Firefox-Spdy: h2
tools.fiverr.com/wp-includes/css/classic-themes.min.css?ver=1
104.18.254.23200 OK 666 B URL HTTP/2 tools.fiverr.com/wp-includes/css/classic-themes.min.css?ver=1
IP 104.18.254.23:0
Hash 7b87e75a99c82fd2eb36720d48e4da97
4b99c9b78c1c7cc0c17dabb4bb0c44c12b322883
0a3b00058c287b68086142e1c83a9eba229e46d36ffea919effb8d0ca6406c24
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
etag: W/"6357e86c-d9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUB5MFlUlVHJi2zLJiXrg5VtOfvuSVAprXRzq7udWK%2BX02zX5PnvIBCbzmKWm0iAANkmXD4sStjCLgQnW8R305CQOb3tFZ%2Baab9AmbXcLz5TnWVB8UyKKFbOuZY%2FSPERZWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=126.000166
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddba13b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fiverr-res.cloudinary.com/t_profile_thumb,q_auto,f_auto/attachments/profile/photo/55fe0c03fe2b80f400fdc746fe47259c-1547384814547/9961e471-a7b5-4ad3-8535-9478f347ebd2.jpg
2.18.172.42200 OK 1.5 kB URL HTTP/2 fiverr-res.cloudinary.com/t_profile_thumb,q_auto,f_auto/attachments/profile/photo/55fe0c03fe2b80f400fdc746fe47259c-1547384814547/9961e471-a7b5-4ad3-8535-9478f347ebd2.jpg
IP 2.18.172.42:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 85878364478a56a42737411c286263a8
7eeb68b645b0983dcf7447b2904dc5ad2f6c4229
1e09cb62a0aede399980fbf489ce911d3a4ecccaf30af381a9088e6b71845958
GET /t_profile_thumb,q_auto,f_auto/attachments/profile/photo/55fe0c03fe2b80f400fdc746fe47259c-1547384814547/9961e471-a7b5-4ad3-8535-9478f347ebd2.jpg HTTP/1.1
Host: fiverr-res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="9961e471-a7b5-4ad3-8535-9478f347ebd2.webp"
content-type: image/webp
etag: "85878364478a56a42737411c286263a8"
last-modified: Sun, 20 Jan 2019 09:25:53 GMT
content-length: 1470
date: Fri, 03 Feb 2023 12:42:16 GMT
cache-control: private, no-transform, immutable, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: *
server: Cloudinary
strict-transport-security: max-age=604800
vary: Accept,User-Agent,Save-Data
x-content-type-options: nosniff
server-timing: akam;dur=6;start=2023-02-03T12:42:16.767Z;desc=hit,rtt;dur=4
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f525.svg
192.0.77.48200 OK 117 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f525.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (822), with no line terminators
Size 117 kB (117219 bytes)
Hash 196b46a4f7480f317f71ae2752e7a00d
a6eeacafc15bbac821956e51cc43ee3b3a89e4e4
9cea0fcd0f5ed3b3aef8b159f318e96a3273ebcc54fc0d94cfdc705f312abbb2
GET /images/core/emoji/14.0.0/svg/1f525.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-WZFKGD9MZP
142.250.74.40200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-WZFKGD9MZP
IP 142.250.74.40:0
File type ASCII text, with very long lines (19467)
Hash aa5dd47f9283d03e480e95fa1260c10f
96b6cb6c2ea455b32c2f7e55e7afd13cef345337
82baa7b94a6f4ac6ba6198ad6a0a71a4b00fbd9fc3d968fe6cea647b9666f89a
GET /gtag/js?id=G-WZFKGD9MZP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 12:42:16 GMT
expires: Fri, 03 Feb 2023 12:42:16 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/fileSizes-en-US.c1972173f214c0cc97bc86533ab8c646.js
104.17.47.69200 OK 1.9 kB URL HTTP/2 npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/fileSizes-en-US.c1972173f214c0cc97bc86533ab8c646.js
IP 104.17.47.69:0
File type Unicode text, UTF-8 text, with no line terminators
Hash c8451da6e50ac57730dcadb92c3c8368
b0b83324b0de219776283475c1461d671e6cffe6
bb014953d387961b9fb6c5493e045ad268fcf3204f4201424d9398e68626c051
GET /translations-hub/v2/published/copies/fileSizes-en-US.c1972173f214c0cc97bc86533ab8c646.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: minify
etag: W/"c1972173f214c0cc97bc86533ab8c646"
last-modified: Tue, 17 Jan 2023 07:46:17 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 718
expires: Mon, 06 Mar 2023 12:42:16 GMT
cache-control: public, max-age=2678400
set-cookie: __cf_bm=_KZGAWmw1wF_kpctHtmRZS9nKzoraR4c6.k_Kuv46lw-1675428136-0-AYYEiTt7+4Gj5p0b3o0PrmPTe8KPr3dgFnbsGfsbg3WorDOWK8nv5ACdOqSlE65MekK3F676LT/rQclS+acGkDI=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDn7kYZEhtQOFRzuTrFnrCCRDp2uueSYdpxWD326HSPg3Om219Cn3%2F23O6FJRLa1LhrdCwEGwKgcWZZLdiy2UpGeWIcoRHtJdB4V56w799fn49Veyj7LuIcP%2F1CQyFNbT4z9GlQ3xNa9oA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca48b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/languages-en-US.d4315162fa126f217d52e129da61300f.js
104.17.47.69200 OK 2.1 kB URL HTTP/2 npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/languages-en-US.d4315162fa126f217d52e129da61300f.js
IP 104.17.47.69:0
File type Unicode text, UTF-8 text, with very long lines (2849), with no line terminators
Hash fe19261a4c18e98d77bc7fbceb93d500
79098fd9e456db69c383c6281dcb3e1065c9c2ee
d5428b3be478236804ae86e6df262aa8f03b0dac38c010328fdaa0260d811d8a
GET /translations-hub/v2/published/copies/languages-en-US.d4315162fa126f217d52e129da61300f.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: minify
etag: W/"d4315162fa126f217d52e129da61300f"
last-modified: Tue, 17 Jan 2023 07:46:17 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 5345
expires: Mon, 06 Mar 2023 12:42:16 GMT
cache-control: public, max-age=2678400
set-cookie: __cf_bm=veDkccgQ2_jNBfTIS2vGVBGC05Gs75VSNN_8P58_ZrA-1675428136-0-AXWSwruOT8qZnmmmDiO2B3i3Ks1ZSkCUjfrDFSB5APl4OdmFj1FFviHb0Jx7nEVNxTJ8Tn5O2pLXfZF3yQ+3P6Y=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHFDzcVcc2W1FZY8QWA%2FmwuBZtvusq5p%2BNbF7ho7NOnj4KuhOVukjdo%2BoH7mSOU1nNaJ0S4PO75uuRyamoaxNxHIIBNYORSwyeYvUuanfNjPVzqYz3U95fcS5V9%2FrkDiDhij8ilDOdXJyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddda4db50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
p11.techlab-cdn.com/e/65257_1825232159.js
95.101.10.208200 OK 6.0 kB URL HTTP/2 p11.techlab-cdn.com/e/65257_1825232159.js
IP 95.101.10.208:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (517)
Hash 4da12d649c49eb24a2b87408ad161200
5c71537465ab90c9d2bdd4ceaa603c06c5c6eff8
8881190fa4cdda123fe962619d54ec6a56aeb6b432576d1946d3ec856268eab4
GET /e/65257_1825232159.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fiverr.com/
Origin: https://www.fiverr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-md5: uCd5irYaQbFEuwNKJ59UGA==
last-modified: Wed, 15 Dec 2021 00:34:30 GMT
accept-ranges: bytes
etag: "0x8D9BF62A8923636"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 5956
cache-control: max-age=600
expires: Fri, 03 Feb 2023 12:52:17 GMT
date: Fri, 03 Feb 2023 12:42:17 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
p11.techlab-cdn.com/e/65226_1825232221.js
95.101.10.208200 OK 33 kB URL HTTP/2 p11.techlab-cdn.com/e/65226_1825232221.js
IP 95.101.10.208:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (46725)
Hash 57fb7e486c419bf3f0924acb2e02622d
f2cd0ebfbb1faa828b315a5ee6b542edea22d4ba
cdf3f9bd272e50fea9f1def1c531761dfb38df7eb47363c5d6ed54dece4753c8
GET /e/65226_1825232221.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fiverr.com/
Origin: https://www.fiverr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-md5: SXxgqgysjhD+doh01gfTBg==
last-modified: Tue, 22 Jun 2021 09:56:19 GMT
accept-ranges: bytes
etag: "0x8D93563FBF1CA03"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 32564
cache-control: max-age=600
expires: Fri, 03 Feb 2023 12:52:17 GMT
date: Fri, 03 Feb 2023 12:42:17 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
p11.techlab-cdn.com/e/64885_1825202523.js
95.101.10.208200 OK 1.5 kB URL HTTP/2 p11.techlab-cdn.com/e/64885_1825202523.js
IP 95.101.10.208:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (507)
Hash 33b96ec8bdb33430934f1229780a933b
62bea1715f4d4df9498d2746e561717cb4c0db0c
55572a09bb03f99cec31d03582711f551b061780e1861234ce1a4c249e780270
GET /e/64885_1825202523.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fiverr.com/
Origin: https://www.fiverr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-md5: DnvBZTKTbXGPNtxH2P6zMg==
last-modified: Sun, 24 Apr 2022 12:00:07 GMT
accept-ranges: bytes
etag: "0x8DA25E9F9A41165"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 1470
cache-control: max-age=600
expires: Fri, 03 Feb 2023 12:52:17 GMT
date: Fri, 03 Feb 2023 12:42:17 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
p11.techlab-cdn.com/e/65319_1825202523.js
95.101.10.208200 OK 18 kB URL HTTP/2 p11.techlab-cdn.com/e/65319_1825202523.js
IP 95.101.10.208:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (552)
Hash eea1bd4b030789c7992c125c1cdbf8b3
a094021d62a62385f42f66c60b7b4ad103f1e0e4
84b11995244e59d33449fb9c16d8f8c1ee4258fedbeb3e0a40aa4cdf262f6ec4
GET /e/65319_1825202523.js HTTP/1.1
Host: p11.techlab-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.fiverr.com/
Origin: https://www.fiverr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-md5: JYEgCWdrWBLwxS45s4Z1wA==
last-modified: Sun, 03 Apr 2022 14:58:03 GMT
accept-ranges: bytes
etag: "0x8DA15825A7AF912"
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
content-length: 18209
cache-control: max-age=600
expires: Fri, 03 Feb 2023 12:52:17 GMT
date: Fri, 03 Feb 2023 12:42:17 GMT
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-methods: GET, POST, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-react-helpers/production.8b822ac895ac274d36a5.js
104.17.47.69200 OK 14 kB URL HTTP/2 npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-react-helpers/production.8b822ac895ac274d36a5.js
IP 104.17.47.69:0
File type ASCII text, with very long lines (51239)
Hash 1c340c14c239debf4c9dab77e8aaf487
4c8c867f9778e4682fbba9703ba55e81bee9354f
68ccab8d68220b121181218ff031341ee5f7572b9e8b0cd9c232f3007a826a8e
GET /assets/@fiverr-private/vendors-react-helpers/production.8b822ac895ac274d36a5.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 18 Aug 2022 09:30:06 GMT
etag: W/"d39c82526c8146afefa7482dc0148d9d"
cf-cache-status: HIT
age: 5376
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=UmEK_8ZRT6pFKhZjKcy2H7dl5TPVMVkqyhIwz9wWMnU-1675428136-0-AQYs+cCJPtWJfYxcuE+9aBFZgJoiY7vtC2emYYgQvcIj2jm0KazRYinAzFN7w3cQaltFDt39UwCsrDDYE0xhGm4=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJPrsLRn9N58VEYA9clroLEpSwOBor6P7%2B5SYqS1%2BSZ3PVy%2BGQr1LCs1HWX2wwWJ048AtU0lSjabJdQAmQpdbWzdo8cxWaQOejzC3tFSPDtHdX0f2pD5J8kQ0T58lmJv9knvgCEAdGUJfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca42b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.fiverr.com/api/v1/activities
104.18.254.23200 OK 2 B URL HTTP/2 www.fiverr.com/api/v1/activities
IP 104.18.254.23:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/v1/activities HTTP/1.1
Host: www.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
X-CSRF-Token: 1676637736.4c9WFJ/ow+9+4mihfFRjPUQ6UrYisWhWKqRS4dY+eKU=
Fvrr-Page-Ctx-Id: ec5ac8931ca73d6baaa042f0d6e4d64c
Content-Length: 1128
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/gig_widgets?id=U2FsdGVkX18+dzmnbDd/W4q6EZGR4hMt7nWWB7HjL3CaKBlKlqaYZPqy/yXjIQpneL4R7Qkyg7alflszMVQhGHbqBX8bbGfmaeHHZSUFR3BDclYvDA3TDQVHNngyxaLInqW9v6zCLqZBCj+2LapyD2RAA0Fg+aGqa36RKIALVJ33I29mcjGfRmA9L+0bCgo4wK/k9AubWzmdHeUM0tOiM91LpWsR80R5SBbFd8sNaJrdp23MChloFsY8RW4rRt1pU+iSOi2LMogpDYvfRNRLg/3LDoboSIlIMyDrYu0NBR4pqNWPSH18sG4GmLRmkJHm8gtOFYSxctnU89IXb6TPbhTHssFfSmRUW3znzjZ67plPJ3fhUVYlwO+qx3f0f/OFYDq6QQIOcwdA+rXM4LiV1EVPdOo7GhkSnai+Jvu+8HHb/QQHu3kfmsK8IidMzqVMXq69RIiTWjr1X5HxvUYFz71E1tF7zqIAZPNUQVrWzButSRr0TWg6BILnXDoW6NUBatB49xV9PKV5D45wwzceEndXwEQVotJvKtyJrFNtMmNFFV4PFI9uNuNjJ7x7zfl+EBN3a9gdRqoR1Aba1Gt5TQeyFSyn9UV8us5kcZbwstDaOh+WEIz6zeM8uAMRnAeOzsib+uBepOmtBSSafTB/umchklkywkOjYN6IwuQZd4M=&affiliate_id=153556&strip_google_tagmanager=true
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: application/json;charset=UTF-8
content-length: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Db%2FLk8w%2BQLMVsj%2FEUQSrHXAbMjVaOkI4jOJhFFhhobNRHwuuDqoU3IGC96L3hOZ%2BZYskMnHe3Bj8Lii5Wn%2F5ofj95wCD0zHWXFuvh76CaxWDe79e42KrluH8z6Bz9wdu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: lb;dur=2;desc="External Load Balancer", nx;dur=0.003;desc="External Load Balancer", cfRequestDuration;dur=122.999907
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee04d95b521-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d9cc17bf9039cfaef765d21d96a6df1b
61b7877eb180495698ac22160165f970a9b2dcdd
6909da1af53f16eb90d8d40e5f57fc76205ccdefeee2c5502a1f522a10cf68f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6909DA1AF53F16EB90D8D40E5F57FC76205CCDEFEEE2C5502A1F522A10CF68F7"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13800
Expires: Fri, 03 Feb 2023 16:32:17 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 625db98ded64d33f3649378918788897
e48be419f8559bf38d62d48bb391251f40553fcf
934f40c7f5a20e2d2f241da3087d4166bcb2481a6ee6e3970c93b8ccfeddf543
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "934F40C7F5A20E2D2F241DA3087D4166BCB2481A6EE6E3970C93B8CCFEDDF543"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8517
Expires: Fri, 03 Feb 2023 15:04:14 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin//assets/css/style.css?ver=1
104.18.254.23200 OK 2.4 kB URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin//assets/css/style.css?ver=1
IP 104.18.254.23:0
Hash c10a3470d981e77fd929bb4a7d73ee01
0e805a06cf3956358b77e9306c251bcab1b9bb8e
c618bb0f72cd23ea60315bf2be22ffd06ff24f5a8d958d7c54a704eef712b554
GET /wp-content/plugins/nn-fiverr-plugin//assets/css/style.css?ver=1 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-5bf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETFXxDciS7cWQ4qwaBqbgzTvPh0%2B2XAwPujEdFNwVX%2BB88v8sgcdfTxoxnGSBOxg1g8mDeSxmMNr2JoZ3M0uC09vjFYqAYtjofAB%2FKQOj%2F9zKOn1EWLM3ycVRRMs0b4oOf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=500.000000
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddba1bb521-OSL
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/themes/twentytwenty/style.css?ver=1.6
104.18.254.23200 OK 24 kB URL HTTP/2 tools.fiverr.com/wp-content/themes/twentytwenty/style.css?ver=1.6
IP 104.18.254.23:0
Hash 56e3583d7834be725b9ae7f59aebbf9e
aa9fcbf832317cdc3a8120b89edfdab25254f237
54c95d87561c0cd51e9f312f862de439c4c5c05737cbaa5c961e6b1387214620
GET /wp-content/themes/twentytwenty/style.css?ver=1.6 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-1f236"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqVP4woSUC7gFiMSGz7I4RN3AI2g%2FJCOCPmOKvocPVD0TZwOyrGvfyLVrYBtxi8cTy89pD538Z9NUpAPMe8imgYF2X6xy1q%2BhI4Crr1Kgq1l8ryiZCX8d35j5el2MhrnOjw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=449.999809
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddba17b521-OSL
X-Firefox-Spdy: h2
tools.fiverr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
104.18.254.23200 OK 6.9 kB URL HTTP/2 tools.fiverr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 104.18.254.23:0
Hash 18dabd46c399e50261cda81e5f625963
d69433aba42567e333adb6859d0a761d41d5651c
74291664dd00bb170c2368812e47f9333e2d87cd5d3f4a4ec2103434aef6fd07
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: W/"62551487-48b9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8wfahfs5Htu09d9kG%2FfJMj7YsFB8e896gE%2FpH0fYJ86VUGWAK%2Bp9Fnm46ApVoQl0w%2FV6JggP5zjspx3D1xID%2F4TF7Ev5kR35%2FRTqTMLf5q1Dm7UBCscDUHbZrS16mjggxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=394.000053
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ede2ac5b521-OSL
X-Firefox-Spdy: h2
afeera.net/wp-content/uploads/2023/02/harry-styles-at-grammys-2023-feature-86x64.jpg
178.128.249.233200 OK 2.6 kB URL HTTP/2 afeera.net/wp-content/uploads/2023/02/harry-styles-at-grammys-2023-feature-86x64.jpg
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 86x64, components 3\012- data
Hash cc7d2ad3a9b22c09170cf44e4191f798
afc0d8506020579d0d37998dd064b02c59ed8872
229ec303536b61b90a0e53feb0dfd4871283c096f24957ac8af4c176ff4f7658
GET /wp-content/uploads/2023/02/harry-styles-at-grammys-2023-feature-86x64.jpg HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/jpeg
content-length: 2638
last-modified: Fri, 03 Feb 2023 10:29:10 GMT
etag: "63dce1f6-a4e"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 59b8aa89e5e22582e40e32d167605c34
f91dcd506ba266e9691399c4e6eb1ee12ee679f8
6a639dd8dd0a8d8cfa8d924850d904056137ca264a8657da43db2db143a4ff5f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A639DD8DD0A8D8CFA8D924850D904056137CA264A8657DA43DB2DB143A4FF5F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16264
Expires: Fri, 03 Feb 2023 17:13:21 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/css/searchbox-iframe.css?ver=1
104.18.254.23200 OK 2.3 kB URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/css/searchbox-iframe.css?ver=1
IP 104.18.254.23:0
File type ASCII text, with very long lines (16305)
Hash 7f72d298b8891da083b509897fa7fb74
798a83a1e9c5a3a3aed7c9dc005f3a437f25ea16
477d46a88d5c9b68606c7efd020a110d2c79e0a9d90aa8c2b52334fc6aea6977
GET /wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/css/searchbox-iframe.css?ver=1 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-3fe3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rElAhM9dO5Npad2QQFfmjb00h3Xqcxq687s8Na5J15kG8y3Y49ZKJUMpQJfQYMrVVn0mRNASYZeu55f6Wx1NkiO1zj%2Bi6%2FVESY%2BymYd7bfT5fEUcml1B3xSA3h1LK%2BJ0bn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=399.000168
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddba19b521-OSL
X-Firefox-Spdy: h2
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
193.3.184.212302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP 193.3.184.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=3203420A2901DD6351001C9102A129AB
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=CkIDMmPdASmRHABRqymhAst3nbp4Qd1S4W9hqIk9TlWpsMud; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
216.58.211.3200 OK 4.3 kB URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
IP 216.58.211.3:0
File type ASCII text, with very long lines (23413), with no line terminators
Hash c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c
GET /_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:28:28 GMT
expires: Fri, 02 Feb 2024 18:28:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/css; charset=UTF-8
age: 65629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 894948b5d268f1d2a21f7d915eb79138
5fe7d1a9c6301b317b73f4037b29856eac674931
cb23963aab51ebbb8c7626800a4b1df5222c068cecf4538511cb38dbbb0960d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB23963AAB51EBBB8C7626800A4B1DF5222C068CECF4538511CB38DBBB0960D5"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2720
Expires: Fri, 03 Feb 2023 13:27:37 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 5fbedab2dc8247bc42f9c12d15f50906
d582f74349c95a8b513fb7284b037ab5253c8e54
114314e7ca721ff8b2c2b8a332addc6e1c6b903d6d326bb77ad3d1c16072ef9b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 07 Feb 2023 09:11:24 GMT
ETag: "d582f74349c95a8b513fb7284b037ab5253c8e54"
Last-Modified: Fri, 03 Feb 2023 09:11:25 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3570
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee20e37b50b-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5431f65b9752265c73dfc20feb11c708
a02c33915a5a1d746fe3f0a0110780a4ecf16cf5
1ab127bb9135946104c60ec117163be6987288b63a642decc67cdbf2274597e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AB127BB9135946104C60EC117163BE6987288B63A642DECC67CDBF2274597E2"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=158
Expires: Fri, 03 Feb 2023 12:44:55 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
npm-assets.fiverrcdn.com/assets/uploads/macan-light.woff2
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/assets/uploads/macan-light.woff2
IP 104.17.47.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/uploads/macan-light.woff2 HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: font/woff2
content-length: 47348
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 05 Jan 2023 08:37:51 GMT
etag: "9b72a311bb35194ff57bd6276ffbe2e7"
cf-cache-status: HIT
age: 5377
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
set-cookie: __cf_bm=vKgCb4zlirMmI5AprVXgxhBkPgWwYRougdUumUg0bLk-1675428136-0-AQZsrxhDmiYTE7vsIopB7WAAI+sTA4J5ejsYqTBLT84GUiDWlgKY2NpUnCXG77vaKGYKMjelynjllVIYcNFjQJA=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmTlh0TYJhwkprkZSAjff8%2BV6k%2FNW33cev3IToeqKArAvKe2gi9gc%2FkOd%2BndxYGjWcUNEPZ3as0QZ5pnaT03HODCFIHE1cocg3FPtzvVEuJbJNAErEva9x2vxCrU5crtR5hnFcZy7TZLOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
server: cloudflare
cf-ray: 793b3ede2adcb50c-OSL
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync
88.198.16.238302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP 88.198.16.238:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1675428137303;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1675428137303;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=Sape
104.21.59.66204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=Sape
IP 104.21.59.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=Sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Sun, 05 Mar 2023 15:42:17 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Sun, 05 Mar 2023 15:42:17 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj8ron%2FvUHq%2BIdx9xCcTOS5syIOt941oqlzFfiSwBs%2FbAISgXqwJXUN06PH%2BkHT6HQgPtnwFi9iIOtdFMxtEgSAHCymFUuk%2FE6%2Fbe64C2pkTh6bGes2GfAl3enkwe3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793b3ee1ef8eb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e798950bda0d223c428c68b3bc79c280
ce614125a64c75310142da2a7a0edba425f0fe71
04a09a43fd071a2426aa56f15b14bc65ca366381e00e647de8623351111d374f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04A09A43FD071A2426AA56F15B14BC65CA366381E00E647DE8623351111D374F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11672
Expires: Fri, 03 Feb 2023 15:56:49 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aa462c0924ed4264cfec9c27f31963f0
5ac1625a35dcd44b33f94de25ea8fd069e3136de
6b0ada644929e561f608ed2bc8f8594dd112adc58441fdc3f697fe0fa15328bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B0ADA644929E561F608ED2BC8F8594DD112ADC58441FDC3F697FE0FA15328BD"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11064
Expires: Fri, 03 Feb 2023 15:46:41 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
www.fiverr.com/gig_widgets/sdk
104.18.254.23302 Found 130 B URL HTTP/2 www.fiverr.com/gig_widgets/sdk
IP 104.18.254.23:0
File type ASCII text, with no line terminators
Hash 4e190e6c132cdac822d7514a37776918
6df1bacf85b03955e6a31cea9a77ec2f1bd1727c
2148814a4e781077b8232b7a8bcdbc9ad7081f3a1a546fbb3d3d72bbfb46bb0c
GET /gig_widgets/sdk HTTP/1.1
Host: www.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/plain; charset=utf-8
content-length: 130
location: https://npm-assets.fiverrcdn.com/assets/@fiverr/gig_widgets_perseus/apps/228f8ceae2a940b6ccfcef4d21bf0684.js
etag: W/"82-bfG6z4WwOVXmoxzqmnfsLxvRcnw"
vary: Accept
set-cookie: _pxhd=2Wrgkd8ZQHbJvh6cqLFpf0/6YxU5ZRk/NyV2ALCSt57iEnbHFn-Olj7l8qCgj88YdbI--Qp66JN0ywwe58GE4w==:bW5x0xF5pJsvngo7TJPajTDGAXsmP33JVFZNXi4qq1As54bdC8fM8sXX2nTiOPJ0EZoI8WorAgTqyw3aXcJToLp2Dyi2GMe3Ba09yxJ3U6c=; Expires=Sat, 03-Feb-24 12:42:17 GMT; Path=/
logged_out_currency=EUR; Domain=.fiverr.com; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hmUTTeFshtE8l%2F1Ivq6Lp7pZq522WOXgPPAEnjMSsu%2B0m3nZhoQCglZL17craypZYNQJnTxEMFRybJB1BI5%2F4rvyu39y2wOOxR5amqNKDy84ymdOXeSNqKYzzuYUFxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: app; dur=3.997263; desc="Application Response Time", gw; dur=7; desc="API gateway", lb;dur=9;desc="External Load Balancer", nx;dur=0.043;desc="External Load Balancer", cfRequestDuration;dur=164.000034
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee14edfb521-OSL
X-Firefox-Spdy: h2
www.acint.net/match?dp=129&euid=qzahrdtgui
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=129&euid=qzahrdtgui
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=129&euid=qzahrdtgui HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=0100007F2801DD635C1413AA02D7D01E
194.55.244.182204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0100007F2801DD635C1413AA02D7D01E
IP 194.55.244.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.23.2
date: Fri, 03 Feb 2023 12:42:17 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 594197b8439126d23e121f1ca0c13432
4f486347f2c158dd22320bf163d9021558df4d20
8f051c699a35cafa718c89fb163edb8d8869676ec77df84780b8ed83ad9e76ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F051C699A35CAFA718C89FB163EDB8D8869676EC77DF84780B8ED83AD9E76AB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9655
Expires: Fri, 03 Feb 2023 15:23:12 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 594197b8439126d23e121f1ca0c13432
4f486347f2c158dd22320bf163d9021558df4d20
8f051c699a35cafa718c89fb163edb8d8869676ec77df84780b8ed83ad9e76ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F051C699A35CAFA718C89FB163EDB8D8869676EC77DF84780B8ED83AD9E76AB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9655
Expires: Fri, 03 Feb 2023 15:23:12 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
acint.net/match?dp=14&euid=3203420A2901DD6351001C9102A129AB
193.3.184.137200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=3203420A2901DD6351001C9102A129AB
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=3203420A2901DD6351001C9102A129AB HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
afeera.net/wp-content/uploads/2022/03/business-times-footer-bg.jpg
178.128.249.233404 Not Found 12 kB URL HTTP/2 afeera.net/wp-content/uploads/2022/03/business-times-footer-bg.jpg
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash a6907304164cd5ff6f184c76a84eb2d1
da938c55de9a8cdc5ea296c6db0817d4c7deec23
44e4453436d29a9305ffde74000efe5b84974ff45b4faf95131cf70509e8e4de
GET /wp-content/uploads/2022/03/business-times-footer-bg.jpg HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://afeera.net/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=bn8gfe56v772mjekciib63t9pq; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F2801DD635C1413AA02D7D01E
87.242.89.90200 OK 12 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F2801DD635C1413AA02D7D01E
IP 87.242.89.90:0
File type exported SGML document, ASCII text, with no line terminators
Hash d8932e1cb3ee147415fbf5591a7217ca
97da5b95fb7f60ecd8d9ed0e5a05d83ad5a9c070
c0327cbcde50f1ab8228334a550b947301123d6f6f7d625707cb6d08a1faec35
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/html
content-length: 12
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
etag: "63d8131e-c"
accept-ranges: bytes
server: elb
X-Firefox-Spdy: h2
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
185.147.80.35302 Found 74 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP 185.147.80.35:0
File type HTML document, ASCII text
Hash a7a5b0bbdd2e4f876d00eb31916fd535
8f765a898f3ac559ad4f9f865067fd84a2febd42
5fec8601eb780e627afa285dd3e1cb563b4a0044884421eea657289f887a1129
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 74
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=KNLHSCSK
Set-Cookie: uid=KNLHSCSK; Expires=Mon, 31 Jan 2033 12:42:17 GMT
acint.net/match?dp=110&euid=492bd993482b4236953f637522db161b
193.3.184.137200 OK 43 B URL HTTP/2 acint.net/match?dp=110&euid=492bd993482b4236953f637522db161b
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=110&euid=492bd993482b4236953f637522db161b HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/oci.js?t=1675428167320
193.3.184.137200 OK 15 kB URL HTTP/2 www.acint.net/oci.js?t=1675428167320
IP 193.3.184.137:0
Hash bfc8a57bead6f285be5b90ddc91216b4
b65d315404d8376a9f0fff2911175a1dac20d29b
65b21b46be8fd29eda4588613aca89104c264c467ef856449b4d5fe6f5f7406e
GET /oci.js?t=1675428167320 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 08:01:12 GMT
etag: W/"63bbc9c8-7dac"
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=Cvwc807uaa0sWing1Ebv
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=Cvwc807uaa0sWing1Ebv
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=Cvwc807uaa0sWing1Ebv HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
88.198.16.238302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP 88.198.16.238:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1675428137303
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=b0757ce0-6e3b-4828-8bd9-2fddd9bfc09d;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=b0757ce0-6e3b-4828-8bd9-2fddd9bfc09d;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=b0757ce0-6e3b-4828-8bd9-2fddd9bfc09d
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/oci/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=07049755&oid=39e8192718f4ed5a678fc273d654392b
193.3.184.137302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/oci/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=07049755&oid=39e8192718f4ed5a678fc273d654392b
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /oci/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=07049755&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/oci/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=07049755&oid=39e8192718f4ed5a678fc273d654392b
tools.fiverr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
104.18.254.23200 OK 31 kB URL HTTP/2 tools.fiverr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 104.18.254.23:0
File type ASCII text, with very long lines (65447)
Hash eda1ad07d376932c38bea7853285aab4
df156c37682462dd3d6d3f48e97453ac5a783f57
c07ff656ac950fa1c0455328ae57afe1bad3e33295eee670af2038fc7d82c795
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
etag: W/"632879b8-15e54"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLf%2B%2FTcU3jIX4Rs7I%2BG2YhcrIbtWoPUDgyLsKyOr7FpFINAh7VdJZQc2aourF%2FBLZo9PWZNBo6gBShHcn%2FXmM02KZQsRv6ALDK%2BMOM6ZcHHxgE9WOsveSlBfjHpFi6XBcLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=407.999754
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddca3db521-OSL
X-Firefox-Spdy: h2
pix.bumlam.com/sync/sape/check?sspuid=0100007F2801DD635C1413AA02D7D01E
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/check?sspuid=0100007F2801DD635C1413AA02D7D01E
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/check?sspuid=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://sync.bumlam.com/?src=sape
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash dccc5f996d3f07f11ed0f8f8fcae384d
c4983a769acd6c42bff3d536b4ab5bd2f12ce0b3
fa9c074fb407ea4529e4b5c6b789c900bd619c87abac7c6c555f2d92b4fb80dc
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 07 Feb 2023 09:45:31 GMT
ETag: "c4983a769acd6c42bff3d536b4ab5bd2f12ce0b3"
Last-Modified: Fri, 03 Feb 2023 09:45:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1799
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee2edeab524-OSL
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
167.235.33.113301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP 167.235.33.113:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash aabdcf757614d74262ca3824996a0c64
da929aeb7a4103a6d3c6071ef1829de1d09b899a
66ce0b5dfd54c3a526a9e53eaaac34f8ef2a0efdd199fb2b8da4db7b7ca40a09
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=ad47abc4-d5d8-4f8b-78f2-b0ce3a2f5fd8
serverid: TODO
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-5rr/production.e95c4e6919a0d72358d4.js
104.17.47.69200 OK 17 kB URL HTTP/2 npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-5rr/production.e95c4e6919a0d72358d4.js
IP 104.17.47.69:0
File type ASCII text, with very long lines (44880)
Hash 7d776e0e60135c2ba19b84f48dd7cf68
4c174ff2f3af141bed19d8b7b7a05ff516d0f159
74bce996a0e97c66dac4ea809040ebf19d689d96e795352ba967281443260c64
GET /assets/@fiverr-private/vendors-5rr/production.e95c4e6919a0d72358d4.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 27 Nov 2022 10:16:03 GMT
etag: W/"5c23f2bb1b242b059a76f9ff98483bf7"
cf-cache-status: HIT
age: 2835
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=usM2MylnHiH9U9FyYRNboquaMwyHHY7XNzcFwIjcIKU-1675428136-0-Abb8lsPx6uezA9+G7pAcF/0oj1BqkoEecXpNoJsvhr0UzI4CJwrqiGzPos/jeIeSojXZoGxmuo3UAo0jW6pMfJQ=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnHn3u6AsICf2veoH3kc%2BbXfuZ%2BP0OEeVKeTA41QrQznXZBqlqwhVB7oCC5kYKxFI0ICIum3UZco%2F8oqIUjmLU9d5XGlsGEVdlHJwwf9HCMJ29XeEdX%2FtflFpNyqP61WkFYcyzf50vgnnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca3fb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Libre+Baskerville:400%7CLibre+Franklin:400,600,700,500,400italic&display=swap
142.250.74.106200 OK 13 kB URL HTTP/2 fonts.googleapis.com/css?family=Libre+Baskerville:400%7CLibre+Franklin:400,600,700,500,400italic&display=swap
IP 142.250.74.106:0
Hash c51d83558ea4c4a78953b8740b6939d5
688a4e308880b1d1ea50f86389098d295a15f816
7fbd63b6a93848870c05e359afe253a5f591890448c66862caef8a51ebf932e7
GET /css?family=Libre+Baskerville:400%7CLibre+Franklin:400,600,700,500,400italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 12:42:15 GMT
date: Fri, 03 Feb 2023 12:42:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-react17/production.ae3a8d7993e863f5c2b1.js
104.17.47.69200 OK 47 kB URL HTTP/2 npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-react17/production.ae3a8d7993e863f5c2b1.js
IP 104.17.47.69:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 54dd415b330050d867caad5a373db129
cc82fb03132dc62dbfc3313c8fa90c7913fe54c5
a6199fd65052a71c7f90bf083ad1f95bae306933af9f8499806b4df3de71b852
GET /assets/@fiverr-private/vendors-react17/production.ae3a8d7993e863f5c2b1.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 27 Nov 2022 10:16:01 GMT
etag: W/"52a7f1b78c39d163f0c43d94479a5d06"
cf-cache-status: HIT
age: 2835
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=y7CXCPw49sH41MwKla.lTPbPIgD77rXktWmUiNwBQ5w-1675428136-0-ATSXv8F5DYbPD4NkjRLm+6wlZzw2O22FiaABYy5cAm9G/s/qqDOI7nhqagY96T3k/NNaZxrusRadsmHC6nYvHKA=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCLgNtfbE4i5%2B12L%2FNDuRvgy4gEkhcbfx1ntANczt9LA0pBrmP3rE5pfC9z2hoAHQyZaIS810eyfguze488xKTV7iczP0X1O4mYHUaoVfmbBVTAadDF6gF1LnDvlMF5cw7B7vW5bcl%2FakA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca40b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 29cbed0f6d8c99166782eb19e3b3b40a
a79f0c9f23b25cd341b7810ae7c65b4f2c606193
17b752520814b21a538551090467600dc8cefa1ca4da6f660c8046c729ccf316
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17B752520814B21A538551090467600DC8CEFA1CA4DA6F660C8046C729CCF316"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18390
Expires: Fri, 03 Feb 2023 17:48:47 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 567a77d32078f8c056112c4b4f4c3aeb
d25a2c066a19b96052c8cf886b9d942df1297cdc
44102bb97a1b5d4d7b29801e622fcbaf459b7b648d3369e09c682782044d3da5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3670
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:17 GMT
Last-Modified: Fri, 03 Feb 2023 11:41:07 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16703
Expires: Fri, 03 Feb 2023 17:20:40 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
www.acint.net/match?dp=95&euid=KNLHSCSK
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=KNLHSCSK
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=KNLHSCSK HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/domainedisplay-mediumItalic/stylesheet.css
104.18.254.23200 OK 11 kB URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/domainedisplay-mediumItalic/stylesheet.css
IP 104.18.254.23:0
Hash 2d4172499945d1c58c4fc1ad3c61f9d8
929ab9fe40586272f1ad0c6b3fba04745c923e18
b119a03198a2ab1eed947d84051dde67b57052940da399f4c4a4f30c62b20fec
GET /wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/domainedisplay-mediumItalic/stylesheet.css HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/css/searchbox-iframe.css?ver=1
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-1cf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaZLG8Y8RyGfox2iToMs5eeW3xLkB1DYBFKV9nVAW7ZOpGBZOkSFtQ%2Fywoq%2FnrKqhcbbXJDH%2Bcx56f8zw%2BxsepGzn6vqWRiLZMD4qoGOaUU1TNfGUdcocp%2Fqy%2FTsutKCT2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=126.999855
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee13ed4b521-OSL
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/@fiverr/gig_widgets_perseus/apps/228f8ceae2a940b6ccfcef4d21bf0684.js
104.17.47.69200 OK 876 B URL HTTP/2 npm-assets.fiverrcdn.com/assets/@fiverr/gig_widgets_perseus/apps/228f8ceae2a940b6ccfcef4d21bf0684.js
IP 104.17.47.69:0
Hash 0f6d3d82a4cf2087703c90145b858314
bca9107519e85d0b09cc9efa0f0a75d78d6cb4aa
fe534d9190da961e4158f0e51036f8ce271b2276cbc7373b76c65f0da3647a23
GET /assets/@fiverr/gig_widgets_perseus/apps/228f8ceae2a940b6ccfcef4d21bf0684.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Connection: keep-alive
Cookie: __cf_bm=eWxdGRD516.L73cmihogyeXD.Qr8DJwQcoOTG01hqW0-1675428136-0-AVGzbhGQqU7IpCW0JSI/eV/hdyXvnobFxLVr50XSLXUsEezPnLuKc21m28qUzC/l8JxeTm1nSLgZBKl7r8NkpxI=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: application/javascript
x-amz-id-2: bceRIu8bZi+9/uSi1pueSV4KgmLSlqA77zj+yALqIfqU4baijCo651t7sA3DOpwuNtA1j2RGGAo=
x-amz-request-id: X8HWHW08Q92NHE6V
last-modified: Wed, 23 Feb 2022 14:39:29 GMT
etag: W/"228f8ceae2a940b6ccfcef4d21bf0684"
cf-cache-status: HIT
age: 1132
expires: Sat, 03 Feb 2024 12:42:17 GMT
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT4E7P42%2F%2BKGGf0k8v8zuOfSZ9LKIR6L7vPQPiMrT3ppX2O7K8ep4e4imrHaDL%2B3emot0keWzLc08Bk%2Fn8RMwcaOotTNFprf103fPyQk2g7D2GWcXbD6bkCxoT2uwtcv4F5WpKqnMebQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793b3ee2a894b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16703
Expires: Fri, 03 Feb 2023 17:20:40 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
npm-assets.fiverrcdn.com/translations-hub/v2/published/categories_chimera/v1/categories-en-US.75477e505a05dbe715a12378f6480a46.js
104.17.47.69200 OK 1.1 kB URL HTTP/2 npm-assets.fiverrcdn.com/translations-hub/v2/published/categories_chimera/v1/categories-en-US.75477e505a05dbe715a12378f6480a46.js
IP 104.17.47.69:0
File type Unicode text, UTF-8 text, with very long lines (2859), with no line terminators
Hash ef1e9d4a6e38c39f7f663ea60d8316c4
7ea33de4dd981f49a27df65a8b9f5c1c0c7c66df
e8c8751a6395f83bb93760e3b794b0a4e67785648356eca7b195ab185a2b0c6e
GET /translations-hub/v2/published/categories_chimera/v1/categories-en-US.75477e505a05dbe715a12378f6480a46.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: minify
etag: W/"75477e505a05dbe715a12378f6480a46"
last-modified: Tue, 24 Jan 2023 00:10:55 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2835
expires: Mon, 06 Mar 2023 12:42:16 GMT
cache-control: public, max-age=2678400
set-cookie: __cf_bm=g3.qnJjuDrIdqIjC3uAd8y4qdLij0zubav0kwnLHQGI-1675428136-0-AT+AIU3sXwFTxfIxYppsvhc4GG7Shw/VmMqEoXqULUm/dC6Ql2cVQXYcEnJ+6F0iFjfUR/8v2JCFKLAijAsy3AA=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4o06zFWKKEvBl2uZo0QoJHiQhNczgRcbBolqaaE1EEFL3paxlLHWw3nsPk3sIxvoNBDlUCHpu5lXIbKm5ln6vej3TB59dgyaqsveVAuoOuG84ppYkA2xTx%2FZ0oTYhzXiSDSXx5z%2BcnwjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca44b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16703
Expires: Fri, 03 Feb 2023 17:20:40 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
www.acint.net/match?dp=71&euid=b0757ce0-6e3b-4828-8bd9-2fddd9bfc09d
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=b0757ce0-6e3b-4828-8bd9-2fddd9bfc09d
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=b0757ce0-6e3b-4828-8bd9-2fddd9bfc09d HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/oci/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=07049755&oid=39e8192718f4ed5a678fc273d654392b
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/oci/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=07049755&oid=39e8192718f4ed5a678fc273d654392b
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /oci/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=07049755&oid=39e8192718f4ed5a678fc273d654392b HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARipgvSeBmIgMDEwMDAwN0YyODAxREQ2MzVDMTQxM0FBMDJEN0QwMUWiARAxR1Yao8AR7YbgACWQwGR8
31.172.81.160200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARipgvSeBmIgMDEwMDAwN0YyODAxREQ2MzVDMTQxM0FBMDJEN0QwMUWiARAxR1Yao8AR7YbgACWQwGR8
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARipgvSeBmIgMDEwMDAwN0YyODAxREQ2MzVDMTQxM0FBMDJEN0QwMUWiARAxR1Yao8AR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQzMTQ3NTYxYS1hM2MwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQzMTQ3NTYxYS1hM2MwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 29 Jan 2043 12:42:17 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 53656
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 52943
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
collector.fiverr.com/api/v2/collector
104.16.154.71200 OK 734 B URL HTTP/2 collector.fiverr.com/api/v2/collector
IP 104.16.154.71:0
Hash 20d5e7ebd31b836e04ede1b695756e0e
8ab7660b6e41a4136dc4657833aa8c4676ea86fe
5b362f9e30a48e082d77b8213f44f3227a266a1fcc59117b5a367059345affd3
POST /api/v2/collector HTTP/1.1
Host: collector.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1626
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fiverr.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
timing-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=P9LF0XTFrPA77n3FcNHwvUguyW2b...URL_V2LzCVtI-1675428137-0-AW6RPItDhs0L39FzmAAzVtjjVOJNc+ozrfiqoasIJ7TYnhPqOvth2Zg3mZ8C2efbalYtLrAFa3dnSRNjuu2Hgpg=; path=/; expires=Fri, 03-Feb-23 13:12:17 GMT; domain=.fiverr.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDedbdw0bCj6bc6VD3aBqEqGM%2Frgwsiko3Bje%2BgXxfisTEMX09YZYW7pDmjzNtPwlkyTYCWFIyWQNyOFEFxPrsTX%2BZHGELJZgUe1k1ea0IRadlhlDeaxkILZv%2BD4HLjV7pSCOZVi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=231.999874
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee1f94a0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cGZEXolULcBUgvrZ55IWnR825LgkHDFmJFJ5i9lcl4KYbDte3-N1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:43 GMT
age: 53074
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 53068
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sync.programmatica.com/match/RTBSape?id=0100007F2801DD635C1413AA02D7D01E&chk=1
167.235.117.42200 OK 43 B URL HTTP/2 sync.programmatica.com/match/RTBSape?id=0100007F2801DD635C1413AA02D7D01E&chk=1
IP 167.235.117.42:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /match/RTBSape?id=0100007F2801DD635C1413AA02D7D01E&chk=1 HTTP/1.1
Host: sync.programmatica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
set-cookie: pid=NWRmNzExODkzZjgwYTRiOA; expires=Sat, 03 Aug 2024 12:42:17 GMT; domain=.programmatica.com; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
104.18.254.23200 OK 21 kB URL HTTP/2 tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
IP 104.18.254.23:0
Hash fef6ce7bcefc65f25cd28217ef7ee9f1
dd230b48defb701142991872ba6c11dac72c69ef
443afe69466e0ac29ec2aef56fb57ff20cb0ce3ca7ab7c20b49ebf1b89fa60b8
GET /?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://tools.fiverr.com/wp-json/>; rel="https://api.w.org/"
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
content-encoding: gzip
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=XuWZsERybSEfj4MfbkHv0V8Ok1hnODrbFf5FGnLF2gE-1675428136-0-AbxbVZPk6TmgTHcTg528YJ8OG02mO54RAiYtFFfIh8x+G4CtX3n2k62SWFWS+kIatIlPrbRkxfD894XrqbJEyuY=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverr.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOxUq0TGKGG%2Bo4fIFVYxK9TE0ZCIXmsz2wtroc10VYmna71gmy9FNOVCfMCj%2BlB0rhV4DBZ65IMZG%2BnQ6sHXwB5Gani9LG%2ByawuWQzzA8IRrLGCqPgmx4FWLMDbwnVj%2BrQQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=144.000053
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3edb0e34b521-OSL
X-Firefox-Spdy: h2
sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D3f7182b8-e87f-4fc1-bd08-2256ec87c4e7
212.76.129.181302 Found 102 B URL HTTP/2 sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D3f7182b8-e87f-4fc1-bd08-2256ec87c4e7
IP 212.76.129.181:0
File type HTML document, ASCII text
Hash 47d33de6ec9309914b0e35edd7c8b025
5440586b4fe6729e173b17fcfaa6303d70348d0e
8855a182493920595f253535ef06d957e582793ea338e5032e16a3f2f9b554b2
GET /check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D3f7182b8-e87f-4fc1-bd08-2256ec87c4e7 HTTP/1.1
Host: sync.adspend.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: as-user=3f7182b8-e87f-4fc1-bd08-2256ec87c4e7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/html; charset=utf-8
content-length: 102
location: https://www.acint.net/match?dp=98&euid=3f7182b8-e87f-4fc1-bd08-2256ec87c4e7
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sape
31.172.81.160302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sape
IP 31.172.81.160:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQzMTQ3NTYxYS1hM2MwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQzMTQ3NTYxYS1hM2MwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Thu, 29 Jan 2043 12:42:17 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://pix.bumlam.com/sync/sape/sync_ok?guid=3147561a-a3c0-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Origin: https://acint.net
Access-Control-Allow-Credentials: true
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1afd3517ebc844038700db8c82d69ae3
1327e511903b229cd36c1647fdb71c17d4ce7bdd
ff3430f1affa22881cd632c75d9f51cb97deb53a2cd76f3ee3be5e4b0518192a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 23:26:49 GMT
Expires: Wed, 08 Feb 2023 23:26:48 GMT
Etag: "1327e511903b229cd36c1647fdb71c17d4ce7bdd"
Cache-Control: max-age=470070,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793b3ee2aa95b529-OSL
pix.bumlam.com/sync/sape/sync_ok?guid=3147561a-a3c0-11ed-86e0-002590c0647c
31.172.81.172302 Found 0 B URL HTTP/1.1 pix.bumlam.com/sync/sape/sync_ok?guid=3147561a-a3c0-11ed-86e0-002590c0647c
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/sape/sync_ok?guid=3147561a-a3c0-11ed-86e0-002590c0647c HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQzMTQ3NTYxYS1hM2MwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: https://3147561a-a3c0-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
www.acint.net/match?dp=186&euid=8935b8ab-6a7f-451c-933f-5464462dfa88
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=8935b8ab-6a7f-451c-933f-5464462dfa88
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=8935b8ab-6a7f-451c-933f-5464462dfa88 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007F2801DD635C1413AA02D7D01E
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F2801DD635C1413AA02D7D01E
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-length: 0
location: https://dmp.gotechnology.io/match/sape?id=0100007F2801DD635C1413AA02D7D01E&chk=1
set-cookie: chk=1; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.acint.net/match?dp=98&euid=3f7182b8-e87f-4fc1-bd08-2256ec87c4e7
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=98&euid=3f7182b8-e87f-4fc1-bd08-2256ec87c4e7
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=98&euid=3f7182b8-e87f-4fc1-bd08-2256ec87c4e7 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Bold_1.woff2
104.18.254.23200 OK 39 kB URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Bold_1.woff2
IP 104.18.254.23:0
File type Web Open Font Format (Version 2), TrueType, length 38992, version 1.0\012- data
Hash 86859a24f742e5bbcbc66670609e27d2
600bc51aa85ce82781756be664ad6e5227869d42
110434416d0cc50ff1cd809d68ea8635606150ecfbbd6b5e8be2b125d78a646e
GET /wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Bold_1.woff2 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/stylesheet.css
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: font/woff2
content-length: 38992
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: "6060069a-9850"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbThZrl8x9Nk75M5hzAckFAne5B%2BJky%2BaHfZmI3ThvOwbcjeR2Zj9UO9vNeWnwJSRM%2Fp8yDoEOBSqb%2BAOK8uK1XKpl1Gp9iDMo9L6mH%2F3BzfAzNgF1wBlZgpm9kIDsuEZV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=137.000084
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee3298db521-OSL
X-Firefox-Spdy: h2
relay.fiverr.com/v1/relay
104.18.254.23200 OK 6 B URL HTTP/2 relay.fiverr.com/v1/relay
IP 104.18.254.23:0
File type ASCII text, with no line terminators
Hash 226bdcd273dd7af5204671e7383fa080
6e64097755b3c8dab773549d19e169a452cd112f
9238d3f28f8aca5587641a0451b20ba1b105128b954f9e62837283802f8ac803
POST /v1/relay HTTP/1.1
Host: relay.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 315
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/plain; charset=utf-8
content-length: 6
access-control-allow-credentials: true
access-control-allow-origin: https://www.fiverr.com
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4bywzAod6ORCprZVMMnb0UMigdhVUs8LLvcYaJMD40x0ZJXwVoZZuSxXC0JDOdQ0%2BQPliAIHireXJrf3ZUi%2Ffs7%2FMmT1Qy7IVoP7AepjOum%2BE%2BCKfb3ZKHzSgZi%2B%2FYA5Xg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: relayed-items; dur=1; desc="Items relayed by relay service", app; dur=0.379963; desc="Application Response Time", lb;dur=4;desc="External Load Balancer", cfRequestDuration;dur=118.000031
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee389f9b521-OSL
X-Firefox-Spdy: h2
dmp.gotechnology.io/match/sape?id=0100007F2801DD635C1413AA02D7D01E&chk=1
167.235.32.7302 Found 0 B URL HTTP/2 dmp.gotechnology.io/match/sape?id=0100007F2801DD635C1413AA02D7D01E&chk=1
IP 167.235.32.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0100007F2801DD635C1413AA02D7D01E&chk=1 HTTP/1.1
Host: dmp.gotechnology.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: chk=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:42:17 GMT
content-length: 0
location: https://an.yandex.ru/mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ
set-cookie: pid=N2Y1NmRiNjAyMTk1MjAzYQ; expires=Sat, 03 Feb 2024 12:42:17 GMT; domain=.gotechnology.io; path=/; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.k4EubO_g8sw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqso9EOrOP64PthfqJk228DmwkZLA/m=el_main
142.250.74.138200 OK 76 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.k4EubO_g8sw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqso9EOrOP64PthfqJk228DmwkZLA/m=el_main
IP 142.250.74.138:0
File type ASCII text, with very long lines (2057)
Hash 0e8adf0cb4a760f69a0cc7db3e06d42d
7b62952ff254f5eb934d9867f4929a5dc2bb54ce
978cada354ff18ed044c01a86bdfb44df71d474d026d587a5e6a9001138de7a2
GET /_/translate_http/_/js/k=translate_http.tr.no.k4EubO_g8sw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqso9EOrOP64PthfqJk228DmwkZLA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75962
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 20:43:43 GMT
expires: Fri, 02 Feb 2024 20:43:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/javascript; charset=UTF-8
age: 57514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c26c9d885fe65989ba4f45bfa689c80d
02ebe3e544d04cc2c645b7f2c1f3bf82cf30533b
031f14f6f03d79abbce3ea6477942637731b1bd284baac7430607804fa25e18d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "031F14F6F03D79ABBCE3EA6477942637731B1BD284BAAC7430607804FA25E18D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18573
Expires: Fri, 03 Feb 2023 17:51:50 GMT
Date: Fri, 03 Feb 2023 12:42:17 GMT
Connection: keep-alive
tools.fiverr.com/wp-content/themes/twentytwenty/print.css?ver=1.6
104.18.254.23200 OK 38 kB URL HTTP/2 tools.fiverr.com/wp-content/themes/twentytwenty/print.css?ver=1.6
IP 104.18.254.23:0
Hash f93607ff264fef3049fb93c198789a75
76e0567a47dbf514f58044f44beb49be6da0c34a
56b1121702f508de8fa73b89c0e46aabc799ce195b87833735748c25f46c9239
GET /wp-content/themes/twentytwenty/print.css?ver=1.6 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-ab3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQ0SS046JLd2HbZll73dQYyrMn7l2EA1G7pc18HagwMxEZ1hXmTePzt2xrVeprlcN69%2FrMEiX1Sqvyt946s724S%2BzckId2oPzEhAZ6NvKNWWqADCqNxL9gS%2BAjVygXNUA30%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=129.999876
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee24853b521-OSL
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 65d8dbf6dc6f3e4da4766a46c4332420
3fa51c7463fe15e0f14cb614df6a8fc1f9d26784
46099d3e534207e5bbb1a76724265e4468fa27c831abfaeda7bc4db360278928
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 07 Feb 2023 10:01:07 GMT
ETag: "3fa51c7463fe15e0f14cb614df6a8fc1f9d26784"
Last-Modified: Fri, 03 Feb 2023 10:01:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2536
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee5ea5ab524-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 65d8dbf6dc6f3e4da4766a46c4332420
3fa51c7463fe15e0f14cb614df6a8fc1f9d26784
46099d3e534207e5bbb1a76724265e4468fa27c831abfaeda7bc4db360278928
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Tue, 07 Feb 2023 10:01:07 GMT
ETag: "3fa51c7463fe15e0f14cb614df6a8fc1f9d26784"
Last-Modified: Fri, 03 Feb 2023 10:01:08 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2536
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee60a90b524-OSL
3147561a-a3c0-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
80.87.198.24302 Found 0 B URL HTTP/2 3147561a-a3c0-11ed-86e0-002590c0647c.n7.sync.bumlam.com/?src=sape
IP 80.87.198.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sape HTTP/1.1
Host: 3147561a-a3c0-11ed-86e0-002590c0647c.n7.sync.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQzMTQ3NTYxYS1hM2MwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.1
date: Fri, 03 Feb 2023 12:42:17 GMT
content-length: 0
location: https://pix.bumlam.com/sync/sape/done
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Regular_1.woff2
104.18.254.23200 OK 39 kB URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Regular_1.woff2
IP 104.18.254.23:0
File type Web Open Font Format (Version 2), TrueType, length 38664, version 1.0\012- data
Hash 523984eb198e5f39c6cab65586785e46
95071319f3fa43dd5ecafdff43aa6926346571b7
b5b0e64f55d90972ba9ba6e5e362ef1cb42f6606217edc94a9b00a8f39c0a621
GET /wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Regular_1.woff2 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/stylesheet.css
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: font/woff2
content-length: 38664
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: "6060069a-9708"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmpVPtI1djuKLu0V9qmQbBoTXFZsjkuEvMWQIhlCZg%2BugF1yfHlY3unIcMvcXmIACDCW1F2CwWSgT7dLoajPnTET48lmqByL%2BTuelT0agljDtNfsP9YZWL9oTLGjeX8pY2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=450.999975
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee3298bb521-OSL
X-Firefox-Spdy: h2
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
195.209.108.48302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP 195.209.108.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-4503358054; expires=Sun, 02 Feb 2025 12:42:17 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4503358054
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 46e530ce3930380aa0e6d3fd4777dab5
2d31802fd2ab824e8ea875aed406148ed875ad90
67205fa173ff65243041f4f2f2d38e6ceb850dc99d5b1f48d2ace6a102993990
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Tue, 07 Feb 2023 10:44:33 GMT
ETag: "2d31802fd2ab824e8ea875aed406148ed875ad90"
Last-Modified: Fri, 03 Feb 2023 10:44:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1524
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee63aedb524-OSL
pix.bumlam.com/sync/sape/done
31.172.81.172200 OK 43 B URL HTTP/1.1 pix.bumlam.com/sync/sape/done
IP 31.172.81.172:0
ASN #44066 diva-e Datacenters GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sync/sape/done HTTP/1.1
Host: pix.bumlam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQzMTQ3NTYxYS1hM2MwLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: https://www.acint.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Expires: 05-Jun-2005 22:00:00 GMT
X-Xss-Protection: 0
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F2801DD635C1413AA02D7D01E
81.222.128.214200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F2801DD635C1413AA02D7D01E
IP 81.222.128.214:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:17 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Semibold_1.woff2
104.18.254.23200 OK 39 kB URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Semibold_1.woff2
IP 104.18.254.23:0
File type Web Open Font Format (Version 2), TrueType, length 38732, version 1.0\012- data
Hash 215d39c8dcee42826f273d4bba94eb3c
2985897e1a8124377f4a4eb03b25b5f77ac2f7d3
193e7bb92bfcd1ef79424ed561564c36e0e667c5df1181e48694b7aabc19af91
GET /wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/Macan-Semibold_1.woff2 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/fonts/macan/stylesheet.css
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: font/woff2
content-length: 38732
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: "6060069a-974c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9y2t616zbFpgk%2FjQH%2F3DNQYrS5qRRZ5o62J48Z4fGhoBPkI91P1TodEKnWbsYqtvnhepLYzJvzMO2lg9mUETx0XgoRDAiActmEKyzFxcElBtdk0Pej0ruKcsl57js1%2B1cg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=444.999933
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ee33995b521-OSL
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 6ab3de826937ebebaab872a71a17a7d4
9caf4bc2548ab324dfca2d1c2088e353f0ef2f7a
a242c964ddab845d4b43a4f8fa6c1d91016eba08c597cff962bea02277a8c9c7
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Tue, 07 Feb 2023 10:33:56 GMT
ETag: "9caf4bc2548ab324dfca2d1c2088e353f0ef2f7a"
Last-Modified: Fri, 03 Feb 2023 10:33:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 128
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee67b4fb524-OSL
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 51ab5a8626b70c7594e57366f659f93d
b306da2759928ddd7895083be1196fae9f634197
2eb603282049d073ffcd2928301736eb6d72e02c0ea9e4a884e103c73debd5de
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 16:18:21 GMT
Expires: Thu, 09 Feb 2023 16:18:20 GMT
Etag: "b306da2759928ddd7895083be1196fae9f634197"
Cache-Control: max-age=604041,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 61
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee67eaab4f4-OSL
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash be9fb16bd61006fa1181f2d6feca0553
4e1a6837793c5305b9e15446fb6434c57436c391
2fb26db0a974f4e4ae924c6d465205b2aa6eef8d6803f4031513ce2aee771fc4
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 07 Feb 2023 12:02:03 GMT
ETag: "4e1a6837793c5305b9e15446fb6434c57436c391"
Last-Modified: Fri, 03 Feb 2023 12:02:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1218
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee6ab88b524-OSL
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4503358054
195.209.108.48302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4503358054
IP 195.209.108.48:0
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4503358054 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Sun, 02 Feb 2025 12:42:18 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 09905a9da2b8c534b2a2339f7ed3ea0f
c9757e32b8d0032fe15e166141f832a9133d575f
48f74cadddfc2aaa06f4831abb571ce1717243a159508098f25922762d694c15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48F74CADDDFC2AAA06F4831ABB571CE1717243A159508098F25922762D694C15"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8124
Expires: Fri, 03 Feb 2023 14:57:42 GMT
Date: Fri, 03 Feb 2023 12:42:18 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 47104af366e237afec3af30f37af7dba
b24492f724ba1d4395df66bc2e0de1bdabc4264d
59c7255b4bd417487377052a2b4ec75029319525bad73a5ef43dce28d79efbbb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 14:18:45 GMT
Expires: Tue, 07 Feb 2023 14:18:44 GMT
Etag: "b24492f724ba1d4395df66bc2e0de1bdabc4264d"
Cache-Control: max-age=350785,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793b3ee68d49b4ee-OSL
sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
77.245.57.72400 Bad Request 22 B URL HTTP/1.1 sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
IP 77.245.57.72:0
ASN #36057 WEBAIR-INTERNET-MTL
File type ASCII text, with no line terminators
Hash b0b11e1c78b526b61477f8e9ee540be0
d5e73002987ff54626542b116d98a8f4aa9ee2eb
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
GET /user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D HTTP/1.1
Host: sync.adkernel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Length: 22
Connection: close
Cache-Control: no-store
Age: 0
Pragma: no-cache
sape-sync.rutarget.ru/sync
46.243.142.48302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP 46.243.142.48:0
ASN #208677 Cloud technology Limited (Ltd.)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=rF-hOrzY3rjJ
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=rF-hOrzY3rjJ; Path=/; Domain=.rutarget.ru; Expires=Wed, 02 Aug 2023 12:42:18 GMT; SameSite=None; Secure
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 14a633088f88e709b2046db49d45112d
d392d3da031acb435b53612b92eec2c386b032f7
af9e4e2f581bb428894b80c97ca707b506e8e0f585d70d85565224a5cf620dc5
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 10:05:36 GMT
ETag: "d392d3da031acb435b53612b92eec2c386b032f7"
Last-Modified: Fri, 03 Feb 2023 10:05:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 289
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee6ebe7b524-OSL
ad.mail.ru/cm.gif?p=48&id=0100007F2801DD635C1413AA02D7D01E
95.163.41.56200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0100007F2801DD635C1413AA02D7D01E
IP 95.163.41.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=0EohrF2L8SYF0022Gk1U40YF:::0-0-0-8f759ea:CAASECdAOwyJxm-6ns7XOGKxgDgaYO_ehlKGkYFjKSmrhcfgCPvLvs9pv71j0idIvJu-jtQjQdBZRaNSkDEQgqq5ndg8f_LQZ7HWu_ZAWpjrb-SvYdGRPBkhVuFtgkiW0B0CBCVcfVH0JgtF2oAiQq5MDQPHLg; path=/; expires=Sun, 04-Feb-24 12:42:18 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Fri, 03 Feb 2023 18:42:18 GMT
cache-control: max-age=21600
last-modified: Fri, 03 Feb 2023 12:42:18 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
193.3.184.137302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F2801DD635C1413AA02D7D01E
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=rF-hOrzY3rjJ
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=rF-hOrzY3rjJ
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=rF-hOrzY3rjJ HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
fromermediagroup.com/index.php/api/?id=79&i=1&secure=c86e902a7360a684bed029c133ff781bbbcc4cbb
144.202.100.52200 OK 7.8 kB URL HTTP/2 fromermediagroup.com/index.php/api/?id=79&i=1&secure=c86e902a7360a684bed029c133ff781bbbcc4cbb
IP 144.202.100.52:0
File type HTML document, ASCII text, with very long lines (1175), with CRLF, LF line terminators
Hash 8011e8917044d88c9581c7e352f184ed
3dcbc30ba84131747d564d2d6ea2ab02d87101de
8891f7277e53886df5fbe3f059ab43bbad09af6fe0f2e60c9214e8c0b753a23d
GET /index.php/api/?id=79&i=1&secure=c86e902a7360a684bed029c133ff781bbbcc4cbb HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: text/html; charset=UTF-8
content-length: 7813
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: "*"
link: <https://fromermediagroup.com/index.php/wp-json/>; rel="https://api.w.org/", <https://fromermediagroup.com/index.php/wp-json/wp/v2/pages/24130>; rel="alternate"; type="application/json", <https://fromermediagroup.com/?p=24130>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=393065,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793b3ee61f9bb529-OSL
sm.rtb.mts.ru/p?ssp=sape&id=0100007F2801DD635C1413AA02D7D01E
217.66.147.35301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0100007F2801DD635C1413AA02D7D01E
IP 217.66.147.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F2801DD635C1413AA02D7D01E
Set-Cookie: dspid=d83b5b99-f5a1-4617-8760-92b9576ce724; expires=Thu, 25 Jan 2024 12:42:18 GMT; domain=.mts.ru; path=/; secure; SameSite=None
tag.digitaltarget.ru/adcm.js
185.15.175.174200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP 185.15.175.174:0
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Fri, 03 Feb 2023 12:34:29 GMT
Connection: keep-alive
ETag: "63dcff55-beb"
Accept-Ranges: bytes
x01.aidata.io/0.gif?pid=9401454&id=0100007F2801DD635C1413AA02D7D01E
89.108.119.43302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F2801DD635C1413AA02D7D01E
IP 89.108.119.43:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0100007F2801DD635C1413AA02D7D01E&bounce=1
expires: Fri, 03 Feb 2023 12:42:17 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 03 Feb 2023 12:42:17 GMT
set-cookie: __upin=KfOAlUZJi9Mxy6W3qHd9IQ;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675428138;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2f59b9826b587ec88c538c4e0fdda68f
a9569ad568776c896099e2e7b4291dbe7101cb9b
76812d4ae48f41904eb3722fb49c463d4287d81fa7a9ea5d28687ddb3a546931
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:03:25 GMT
Expires: Wed, 08 Feb 2023 02:03:24 GMT
Etag: "a9569ad568776c896099e2e7b4291dbe7101cb9b"
Cache-Control: max-age=393065,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793b3ee62e2d0afe-OSL
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7249f3063c5cc97019b81bdc916c06c3
0de6910dda1611b6ea0c6076a4fb327c270776e7
1ec97333fc0ff62959d279c267ed14ca106b225d58047160802c492b99309a2d
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 626
Cache-Control: max-age=112614
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:18 GMT
Etag: "63dc139e-1d7"
Expires: Sat, 04 Feb 2023 19:59:12 GMT
Last-Modified: Thu, 02 Feb 2023 19:48:46 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
cdn9.forter.com/vchk2/v1/2bba53926f19257c3f26b14f18fa55b8f8e5c8032a8f4333e9e0620eeec1c241ac7f4bc9661355efd8f34edda672
143.204.55.68200 OK 42 B URL HTTP/2 cdn9.forter.com/vchk2/v1/2bba53926f19257c3f26b14f18fa55b8f8e5c8032a8f4333e9e0620eeec1c241ac7f4bc9661355efd8f34edda672
IP 143.204.55.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /vchk2/v1/2bba53926f19257c3f26b14f18fa55b8f8e5c8032a8f4333e9e0620eeec1c241ac7f4bc9661355efd8f34edda672 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjY4OTg0OTk3Nzg4MDU3MDcsInUiOiJlNTk5Y2M5NzIyM2U0ZGM3OGZmODQ3NWZhNjNhYTUwZSIsInMiOiI1M2UxMjcwNTQxZjUifQ==
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Referer: https://www.fiverr.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:18 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dUffLUHIOIq3QgbiooPTU69b9I8txjfFen8MpjUMTV2LUsdj3zqzBA==
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F2801DD635C1413AA02D7D01E
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F2801DD635C1413AA02D7D01E
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0100007F2801DD635C1413AA02D7D01E&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
tuuid=5dac3349-d3d2-5222-80ee-6e13e3336f39; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
ut=Y90BKgACfLhN2mIPAQurvGx6ORB_MrtgzHNASg==; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
tuuid=a29a9d6c-e778-5222-a694-e8abc549e981; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
ut=Y90BKgACo8hwF754WCKnAHRNAl2KpFzJ6opbMg==; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0100007F2801DD635C1413AA02D7D01E&bounce=1
89.108.119.43204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0100007F2801DD635C1413AA02D7D01E&bounce=1
IP 89.108.119.43:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0100007F2801DD635C1413AA02D7D01E&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
expires: Fri, 03 Feb 2023 12:42:17 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Fri, 03 Feb 2023 12:42:17 GMT
set-cookie: __upin=X7cptbdMSMClpU2nj0cgvw;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1675428138;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F2801DD635C1413AA02D7D01E&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F2801DD635C1413AA02D7D01E&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0100007F2801DD635C1413AA02D7D01E&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
tuuid=ecfa7e86-c29b-5222-9d28-2c16fef52d3c; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
ut=Y90BKgADHODuXoYH6okaQVDAQRfSRsnCjUkA4Q==; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
tuuid=6f681f0f-6171-5222-8ffe-fdf8ec23fcd2; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
ut=Y90BKgADMGgAJeL6TQGxH75etuOkVOba855Cag==; Max-Age=31536000; Expires=Sat, 03 Feb 2024 12:42:18 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F2801DD635C1413AA02D7D01E
217.66.147.35200 OK 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F2801DD635C1413AA02D7D01E
IP 217.66.147.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
e599cc97223e4dc78ff8475fa63aa50e-53e1270541f5.cdn.forter.com/prop.json
3.234.25.89200 OK 2 B URL HTTP/1.1 e599cc97223e4dc78ff8475fa63aa50e-53e1270541f5.cdn.forter.com/prop.json
IP 3.234.25.89:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: e599cc97223e4dc78ff8475fa63aa50e-53e1270541f5.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Server: Apache
Last-Modified: Fri, 03 Feb 2023 12:08:59 GMT
ETag: "2-5f3ca8be43ed3"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://www.fiverr.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
tag.digitaltarget.ru/processor.js?i=770660079954551
185.15.175.174200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=770660079954551
IP 185.15.175.174:0
File type ASCII text, with very long lines (15892), with no line terminators
Hash 736e2fb1da94f3277e3f931048c1b9f3
196387db95a17da825b629de3542eff901b09905
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
GET /processor.js?i=770660079954551 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/javascript
Content-Length: 15892
Last-Modified: Fri, 03 Feb 2023 12:34:31 GMT
Connection: keep-alive
ETag: "63dcff57-3e14"
Accept-Ranges: bytes
fromermediagroup.com/wp-content/uploads/bfi_thumb/1653683945-60797_355%20(2)-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.jpeg
144.202.100.52200 OK 18 kB URL HTTP/2 fromermediagroup.com/wp-content/uploads/bfi_thumb/1653683945-60797_355%20(2)-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.jpeg
IP 144.202.100.52:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 728x90, components 3\012- data
Hash 52c116721d5b230003e5f95cd5761860
637cf9d0cf33ade6eae8c153f780e9b9bcb86777
b9e8b3c46b5d0190c185933f44e83b3a5d04af50f3aa1f9f7563ef2d22e0a1d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/bfi_thumb/1653683945-60797_355%20(2)-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.jpeg HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fromermediagroup.com/index.php/api/?id=79&i=1&secure=c86e902a7360a684bed029c133ff781bbbcc4cbb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: image/jpeg
content-length: 18479
last-modified: Mon, 05 Sep 2022 21:49:12 GMT
etag: "63166ed8-482f"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d132fc3241a2d974e0951cca93d9e828
74c9eb6072fc07ccf0eec7d78c30b58052b05dd8
28d6d764a99953f0d39d62c688594d0a0e8969d8d87a5fbe13917b90e23071ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D6D764A99953F0D39D62C688594D0A0E8969D8D87A5FBE13917B90E23071CA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4345
Expires: Fri, 03 Feb 2023 13:54:43 GMT
Date: Fri, 03 Feb 2023 12:42:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d132fc3241a2d974e0951cca93d9e828
74c9eb6072fc07ccf0eec7d78c30b58052b05dd8
28d6d764a99953f0d39d62c688594d0a0e8969d8d87a5fbe13917b90e23071ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28D6D764A99953F0D39D62C688594D0A0E8969D8D87A5FBE13917B90E23071CA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4345
Expires: Fri, 03 Feb 2023 13:54:43 GMT
Date: Fri, 03 Feb 2023 12:42:18 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 87af2addfde32a176e34f86b1e7b562f
14c01598bbc9cc17daa41df377af0144b6da3c8f
ff07c4faa2cf5c3faa7ed94b90fa1e65dd59880d34b8761e325ce56e7cadb3b4
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 11:05:28 GMT
ETag: "14c01598bbc9cc17daa41df377af0144b6da3c8f"
Last-Modified: Fri, 03 Feb 2023 11:05:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1451
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b3ee91f5bb524-OSL
fromermediagroup.com/index.php/api/?id=38&i=1&secure=8e84ebea3f16daa3750bf664f7cedbe73d3fa84e
144.202.100.52200 OK 7.8 kB URL HTTP/2 fromermediagroup.com/index.php/api/?id=38&i=1&secure=8e84ebea3f16daa3750bf664f7cedbe73d3fa84e
IP 144.202.100.52:0
File type HTML document, ASCII text, with very long lines (1179), with CRLF, LF line terminators
Hash b14ddc814c3f5824c5b1bbbc1940839c
2fd1451a1cd0c3562692aa1dd3c6df71d068345a
e2be622d21eaa9cc07d2f408d9d7d3db936b87e5adca14ded12707258760349d
GET /index.php/api/?id=38&i=1&secure=8e84ebea3f16daa3750bf664f7cedbe73d3fa84e HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: text/html; charset=UTF-8
content-length: 7814
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: "*"
link: <https://fromermediagroup.com/index.php/wp-json/>; rel="https://api.w.org/", <https://fromermediagroup.com/index.php/wp-json/wp/v2/pages/24130>; rel="alternate"; type="application/json", <https://fromermediagroup.com/?p=24130>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fromermediagroup.com/index.php/api/?id=203&i=1&secure=73049ca372c5ad55182eec80e170c53a472215e8
144.202.100.52200 OK 7.8 kB URL HTTP/2 fromermediagroup.com/index.php/api/?id=203&i=1&secure=73049ca372c5ad55182eec80e170c53a472215e8
IP 144.202.100.52:0
File type HTML document, ASCII text, with very long lines (1179), with CRLF, LF line terminators
Hash 19b9c1ae4bb28a6d444f883d35aea974
3797f1e0e5d68d1839301d7451c11e66b244360f
fcb782ab283eb1c53e1bfe4d532677cad3c221af3b5bef9f6ba304b15d3ed704
GET /index.php/api/?id=203&i=1&secure=73049ca372c5ad55182eec80e170c53a472215e8 HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: text/html; charset=UTF-8
content-length: 7816
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: "*"
link: <https://fromermediagroup.com/index.php/wp-json/>; rel="https://api.w.org/", <https://fromermediagroup.com/index.php/wp-json/wp/v2/pages/24130>; rel="alternate"; type="application/json", <https://fromermediagroup.com/?p=24130>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/1/1093/i/i?i=217290144807630.534134367676731&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.147307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=217290144807630.534134367676731&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=217290144807630.534134367676731&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675428138442&i=217290144807630.534134367676731&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=5UcO6YfbXqWLD6A7qadB; Max-Age=93312000; Expires=Sun, 18 Jan 2026 12:42:18 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=217290144807630.845210935003997&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.147307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=217290144807630.845210935003997&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=217290144807630.845210935003997&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675428138450&i=217290144807630.845210935003997&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=ksOc9F2bUyblFTv7JK-z; Max-Age=93312000; Expires=Sun, 18 Jan 2026 12:42:18 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
cdn.webcop.co/widget/plugins/text-to-speech/articulate.js
165.227.196.157200 OK 32 kB URL HTTP/1.1 cdn.webcop.co/widget/plugins/text-to-speech/articulate.js
IP 165.227.196.157:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1a3857eb6fa243a5b2806a770ce03085
4394a519117dd8a02dd7f0145c2ee54b6257ee6e
d03a003b87f6ec3f7d37368a3ab6292f3677f1c8409ec5d47613568d48d7fad3
GET /widget/plugins/text-to-speech/articulate.js HTTP/1.1
Host: cdn.webcop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 32523
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 24 Mar 2022 00:44:34 GMT
ETag: W/"7f0b-17fb961e1ac"
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675428138442&i=217290144807630.534134367676731&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
185.15.175.147200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675428138442&i=217290144807630.534134367676731&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP 185.15.175.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675428138442&i=217290144807630.534134367676731&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675428138450&i=217290144807630.845210935003997&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
185.15.175.147200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1675428138450&i=217290144807630.845210935003997&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP 185.15.175.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&ts=1675428138450&i=217290144807630.845210935003997&a=77&e=0100007F2801DD635C1413AA02D7D01E&pref=http%3A%2F%2Fafeera.net%2F&c=ss:77.up:0100007F2801DD635C1413AA02D7D01E.sync:up.xdua:dumQyAnZKxJ1L3QSy9dayJPz.xps:xpskrw1iOxewDla06WCojDLA5.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
fromermediagroup.com/index.php/api/?id=24&i=1&secure=584ea7b3f962cab4629e6c98b919a99113bc26d4
144.202.100.52200 OK 7.8 kB URL HTTP/2 fromermediagroup.com/index.php/api/?id=24&i=1&secure=584ea7b3f962cab4629e6c98b919a99113bc26d4
IP 144.202.100.52:0
File type HTML document, ASCII text, with very long lines (1178), with CRLF, LF line terminators
Hash 4138837c72ef7160ee3f6ca4b9db57c2
097921fff09dd7f9686f63e05fab4ee690e348bf
65060955596908b88041aa4fd0789f43de2ce4cfe5cf723a981fa3e54fdfdce3
GET /index.php/api/?id=24&i=1&secure=584ea7b3f962cab4629e6c98b919a99113bc26d4 HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: text/html; charset=UTF-8
content-length: 7812
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: "*"
link: <https://fromermediagroup.com/index.php/wp-json/>; rel="https://api.w.org/", <https://fromermediagroup.com/index.php/wp-json/wp/v2/pages/24130>; rel="alternate"; type="application/json", <https://fromermediagroup.com/?p=24130>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
age: 0
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.webcop.co/widget/assets/police-badge.svg
165.227.196.157200 OK 6.0 kB URL HTTP/1.1 cdn.webcop.co/widget/assets/police-badge.svg
IP 165.227.196.157:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5800)
Hash 5a83df7a31ee60b513453950f157d711
99c3cfb5e77e965896d9319c814938aeba8754b9
4a1e1d01081a80a7cb34203593ac6e4fa892e6a79eaae2c85171d171aa4cf782
GET /widget/assets/police-badge.svg HTTP/1.1
Host: cdn.webcop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Origin: http://afeera.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 03 Feb 2023 12:42:18 GMT
Content-Type: image/svg+xml
Content-Length: 5970
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 24 Mar 2022 00:44:34 GMT
ETag: W/"1752-17fb961e1a8"
fromermediagroup.com/wp-content/uploads/bfi_thumb/1652975259-header-729x90-afeera-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.jpg
144.202.100.52200 OK 18 kB URL HTTP/2 fromermediagroup.com/wp-content/uploads/bfi_thumb/1652975259-header-729x90-afeera-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.jpg
IP 144.202.100.52:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 728x90, components 3\012- data
Hash 52c116721d5b230003e5f95cd5761860
637cf9d0cf33ade6eae8c153f780e9b9bcb86777
b9e8b3c46b5d0190c185933f44e83b3a5d04af50f3aa1f9f7563ef2d22e0a1d0
GET /wp-content/uploads/bfi_thumb/1652975259-header-729x90-afeera-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.jpg HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fromermediagroup.com/index.php/api/?id=38&i=1&secure=8e84ebea3f16daa3750bf664f7cedbe73d3fa84e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: image/jpeg
content-length: 18479
last-modified: Mon, 05 Sep 2022 21:49:12 GMT
etag: "63166ed8-482f"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007F2801DD635C1413AA02D7D01E
194.190.76.45302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F2801DD635C1413AA02D7D01E
IP 194.190.76.45:0
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0100007F2801DD635C1413AA02D7D01E HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-length: 0
x-backend-id: f23-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=upjybqXphhO.AikABlGGF0yOqw;Path=/;Domain=.adhigh.net;Expires=Sat, 03-Feb-2024 12:42:18 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0100007F2801DD635C1413AA02D7D01E&bounced=1
X-Firefox-Spdy: h2
fromermediagroup.com/wp-content/uploads/bfi_thumb/1653684820-1653249679-720-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.png
144.202.100.52200 OK 60 kB URL HTTP/2 fromermediagroup.com/wp-content/uploads/bfi_thumb/1653684820-1653249679-720-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.png
IP 144.202.100.52:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 73df7dc28242e49b993344f3f80a9cff
af91106705514c96a4aed44970cb75d5b532c918
ea9eae81d8454f68afc2ef9c8636aa5dbcb1248541c51675b7bb0e26f3c4d0e1
GET /wp-content/uploads/bfi_thumb/1653684820-1653249679-720-pubywrvrbxquh379jopf8obkkieq8r2vh835a1k3us.png HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fromermediagroup.com/index.php/api/?id=203&i=1&secure=73049ca372c5ad55182eec80e170c53a472215e8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: image/png
content-length: 59603
last-modified: Mon, 05 Sep 2022 21:49:12 GMT
etag: "63166ed8-e8d3"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0100007F2801DD635C1413AA02D7D01E&bounced=1
194.190.76.45200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0100007F2801DD635C1413AA02D7D01E&bounced=1
IP 194.190.76.45:0
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0100007F2801DD635C1413AA02D7D01E&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: image/gif
content-length: 49
x-backend-id: f23-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
fromermediagroup.com/wp-content/uploads/bfi_thumb/1656430001-banner_LM_728x90-pubywtrfpltf4b4j8piodnuhra5go5ac5he48lhbic.jpeg
144.202.100.52200 OK 20 kB URL HTTP/2 fromermediagroup.com/wp-content/uploads/bfi_thumb/1656430001-banner_LM_728x90-pubywtrfpltf4b4j8piodnuhra5go5ac5he48lhbic.jpeg
IP 144.202.100.52:0
File type gzip compressed data, max compression\012- data
Hash a2b9b8b642f5d001e8f4c6799af83e38
df448658b0499a9d9cd093d43bf64e0267caa4a2
6bbd77b8a06348ae7635440917e1cbf925f696eb07a8e270a039892a363f0972
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/bfi_thumb/1656430001-banner_LM_728x90-pubywtrfpltf4b4j8piodnuhra5go5ac5he48lhbic.jpeg HTTP/1.1
Host: fromermediagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fromermediagroup.com/index.php/api/?id=24&i=1&secure=584ea7b3f962cab4629e6c98b919a99113bc26d4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: image/jpeg
content-length: 19162
last-modified: Mon, 05 Sep 2022 21:50:47 GMT
etag: "63166f37-4ada"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f69fa811e3fb5e84694a75b82f8d141
23fa33680829eb8af2c7c5b56463d68987b77a31
a20e11e19645ffd2b1a3410c2e67ca363b363a453e8abb11b04cdd3ab290ad7e
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5737
Cache-Control: max-age=97182
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 12:42:18 GMT
Etag: "63dbc35f-1d7"
Expires: Sat, 04 Feb 2023 15:42:00 GMT
Last-Modified: Thu, 02 Feb 2023 14:06:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
afeera.net/?wc-ajax=get_refreshed_fragments
178.128.249.233200 OK 182 B URL HTTP/1.1 afeera.net/?wc-ajax=get_refreshed_fragments
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 307d7563d7eb34d836c921b0223eae27
13133b7c527787775b9db115070100e57cd8a628
48e4e6f783ebfb80ce080983e01a37a2d23e5f9e829dadd68e1d1935bba1b90f
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://afeera.net
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s; fid=4366f358-85ae-4872-a398-8e71978ae7fd
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:19 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Pragma: no-cache
Access-Control-Allow-Origin: http://afeera.net
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Encoding: gzip
collector.fiverr.com/api/v2/collector
104.16.154.71200 OK 517 B URL HTTP/2 collector.fiverr.com/api/v2/collector
IP 104.16.154.71:0
Hash 0804dd6a69a8bb66e184429c04bc35ec
d83678c37aef30fb7673336a9464107deba3e474
be5ca379f6b14eaa2674e6a45b14c4c1c679fccf063e5bf6c60dc7784132b863
POST /api/v2/collector HTTP/1.1
Host: collector.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 6597
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:18 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.fiverr.com
timing-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=uOIqc7lhh2znqMYvvAm8OfrHUz7qD89Y9ZcelW5vWkQ-1675428138-0-AS9zBEdlOD7GFKw8rZJ0iX6pNGj0kUA9FD5goFnjkPhFMc7Z7sL39yVu0dYZwoDKntMgEFQMkm7Y4AUC4N1rd8c=; path=/; expires=Fri, 03-Feb-23 13:12:18 GMT; domain=.fiverr.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEXzf5sZ1SWPbEdBdvhedcF3F%2Bhq70GQB1fmNUvmulUX%2FnxzwLvbAuMld88AiNr%2Bnh4XZZ9AfU022TxT26I6MWmd0q81JsHZeYsSImSUCKakZ98udHKwOiVYECl1cQ08%2F9LQRfSu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=86.999893
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eea699f0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.acint.net/ping/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=00092544&dT=2023-02-03T12%3A42%3A50.320
193.3.184.137302 Moved Temporarily 142 B URL HTTP/1.1 www.acint.net/ping/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=00092544&dT=2023-02-03T12%3A42%3A50.320
IP 193.3.184.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ping/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=00092544&dT=2023-02-03T12%3A42%3A50.320 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Fri, 03 Feb 2023 12:42:19 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/ping/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=00092544&dT=2023-02-03T12%3A42%3A50.320
cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/prop.json?_=1675428170129
54.243.108.33200 OK 20 B URL HTTP/1.1 cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/prop.json?_=1675428170129
IP 54.243.108.33:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/prop.json?_=1675428170129 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.fiverr.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Fri, 03 Feb 2023 12:42:19 GMT
Transfer-Encoding: chunked
www.acint.net/ping/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=00092544&dT=2023-02-03T12%3A42%3A50.320
193.3.184.137200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=00092544&dT=2023-02-03T12%3A42%3A50.320
IP 193.3.184.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.5.1&uid=2233fc00-c415-4cea-9b0c-6e2dacb2b30e&dp=10&tz=%2B00%3A00&nc=00092544&dT=2023-02-03T12%3A42%3A50.320 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://afeera.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=fwAAAWPdASiqExRcHtDXApU2QwlvFNgFsuT8UBrKnip0UTAF; cSyncDp7v2=1675428136; cSyncDp14v3=1675428136; cSyncDp17=1675428136; cSyncDp32=1675428136; cSyncDp45v3=1675428136; cSyncDp53v2=1675428136; cSyncDp62=1675428136; cSyncDp67v2=1675428136; cSyncDp68=1675428136; cSyncDp71=1675428136; cSyncDp85=1675428136; cSyncDp95v3=1675428136; cSyncDp98v2=1675428136; cSyncDp101=1675428136; cSyncDp104v2=1675428136; cSyncDp107=1675428136; cSyncDp110=1675428136; cSyncDp125v3=1675428136; cSyncDp126=1675428136; cSyncDp127=1675428136; cSyncDp129=1675428136; cSyncDp136v2=1675428136; cSyncDp146=1675428136; cSyncDp148=1675428136; cSyncDp149v2=1675428136; cSyncDp151=1675428136; cSyncDp178=1675428136; cSyncDp186=1675428136; cSyncDp221=1675428136; cSyncDp235=1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 12:42:19 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/prop.json?_=1675428170364
54.243.108.33200 OK 20 B URL HTTP/1.1 cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/prop.json?_=1675428170364
IP 54.243.108.33:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/prop.json?_=1675428170364 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.fiverr.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Fri, 03 Feb 2023 12:42:19 GMT
Transfer-Encoding: chunked
cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/wpt.json
54.243.108.33204 No Content 0 B URL HTTP/1.1 cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/wpt.json
IP 54.243.108.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.fiverr.com/
Origin: https://www.fiverr.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Fri, 03 Feb 2023 12:42:19 GMT
Connection: keep-alive
cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/wpt.json
54.243.108.33200 OK 20 B URL HTTP/1.1 cdn0.forter.com/53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/wpt.json
IP 54.243.108.33:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /53e1270541f5/e599cc97223e4dc78ff8475fa63aa50e/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 26
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.fiverr.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
Expires: -1
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Content-Length: 20
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Date: Fri, 03 Feb 2023 12:42:19 GMT
Connection: keep-alive
use.fontawesome.com/releases/v5.2.0/css/all.css?ver=5.2.0
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.2.0/css/all.css?ver=5.2.0
IP 172.64.133.15:0
GET /releases/v5.2.0/css/all.css?ver=5.2.0 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:15 GMT
content-type: text/css
x-amz-id-2: UbpEsaFpkv2TCFsvF+0CyV/+pGnnp70swo+kaK6QjpyhQ2SkLxOFxMko0YS0rT5KpdStKNod1wI=
x-amz-request-id: 56MAZRQX909M2CDM
last-modified: Wed, 30 Jun 2021 15:41:36 GMT
etag: W/"20a9ce516eaea76da29a23adc43e8998"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 681604
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrGf8lpCpPqVnP%2FadyBWwCK%2BeiJNk%2BSGgEwmx3kP1WRYN8Kr5vXjZKrM5RS64lryPNwr%2FoRELuY7g%2Fv6hqGyugfxDVuR%2Bn912o7h75NHdmymxVlua%2B7YQfAiy89LoRd3%2B69%2B%2BtLl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793b3ed74d4f8862-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/layout-server/LocalizationEvent.8de3218bb8a8528a6226.js
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/assets/layout-server/LocalizationEvent.8de3218bb8a8528a6226.js
IP 104.17.47.69:0
GET /assets/layout-server/LocalizationEvent.8de3218bb8a8528a6226.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 30 Jan 2023 11:03:13 GMT
etag: W/"09b4a5fdaa9137cce53322c76cf637e3"
cf-cache-status: HIT
age: 4116
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=1LBUlm7qVzPVmTsNfdKLb3NJpCOkbtq1GZPtqXv5jtg-1675428136-0-AXrNXS+rrLtc4nnC6Pz4/IQ5RPuwD9/G+J7lp8ePTGal+hfAgND7jIWccQEpDzXLjrOEIOvGNgCj2GIfzgwe+Lw=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5GjJf8%2BcddkBH51Tibae0vlWqZuMG5T4tM8ibu%2B78Hwuv7W4B7%2BxBR1TedwF8EHmw5MbVAk3ci22AvzSi4ChmhAE41rkJ9KNzbKpCac1%2FKodNmQvYWfqmqh9kmJm6%2FUEjb7GpD1E3C2ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddda4fb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/@fiverr/gig_widgets_perseus/apps/gig_widgets/index.e4b6fa05a21d7f349db9.css
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/assets/@fiverr/gig_widgets_perseus/apps/gig_widgets/index.e4b6fa05a21d7f349db9.css
IP 104.17.47.69:0
GET /assets/@fiverr/gig_widgets_perseus/apps/gig_widgets/index.e4b6fa05a21d7f349db9.css HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 11:37:15 GMT
etag: W/"c3a0dec4df4b8c6b65b63d8292fc3aa3"
cf-cache-status: HIT
age: 1133
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=eWxdGRD516.L73cmihogyeXD.Qr8DJwQcoOTG01hqW0-1675428136-0-AVGzbhGQqU7IpCW0JSI/eV/hdyXvnobFxLVr50XSLXUsEezPnLuKc21m28qUzC/l8JxeTm1nSLgZBKl7r8NkpxI=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn77I1GKnCJhhaKtrjND2eRBYe6p%2Bunkob%2BEf6ZhKKO%2BJ2ZoDHQtvLnT2xhYWbT7zqn0BS2eyUTZVwnVrdZ9c9CIyY4EFmDNpDIB6fEJonIHhcNIZCOmL4w7%2BQjStvIopMY9yLE5o09z8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3ede5a0eb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
tools.fiverr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
104.18.254.23200 OK 0 B URL HTTP/2 tools.fiverr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 104.18.254.23:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UF9TbYWTLcVsZj9UGcaAFc8Gb0j9%2FD7jQnsS2CNdU3vvj73r5NSwRoJQp4bZFuSujLrFLqL5ynwSpAbMBzjRUj4PaFU1Dvjyb8Fiixdrw15dZCblAcJDrflPXvgYYVP5uxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=406.999826
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddca40b521-OSL
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/js/searchbox-iframe.js
104.18.254.23200 OK 0 B URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/js/searchbox-iframe.js
IP 104.18.254.23:0
GET /wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/js/searchbox-iframe.js HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-1507"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUTsavSQ5E6YFCG1HOg5I1rA3orUFJy7Y8gL0RpZ3aGdZacpaixiPzQRBEUNSKodd3fnRVAlersMfRv7gBSttwEWgiOKH8016b5myY4lpwD4UfS6p4LQ6Pek%2Blk8mQ%2F1sMw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=447.999954
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3ede2ac4b521-OSL
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ?redir-setuniq=1
213.180.204.90200 OK 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ?redir-setuniq=1
IP 213.180.204.90:0
GET /mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Fri, 03 Feb 2023 12:42:18 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 12:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 03 Feb 2023 12:42:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
afeera.net/wp-content/bs-booster-cache/f4ba002074c62bf4a032369ab5268b76.css
178.128.249.233200 OK 0 B URL HTTP/1.1 afeera.net/wp-content/bs-booster-cache/f4ba002074c62bf4a032369ab5268b76.css
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/bs-booster-cache/f4ba002074c62bf4a032369ab5268b76.css HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=e5u1vd7qppdq2f225767h3dl5s
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:15 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Jan 2023 13:19:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63d27df9-c0f65"
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
cdn9.forter.com/vchk2
143.204.55.68301 Moved Permanently 0 B IP 143.204.55.68:0
GET /vchk2 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjY4OTg0OTk3Nzg4MDU3MDcsInUiOiJlNTk5Y2M5NzIyM2U0ZGM3OGZmODQ3NWZhNjNhYTUwZSIsInMiOiI1M2UxMjcwNTQxZjUifQ==
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://cdn9.forter.com/vchk2/v1/2bba53926f19257c3f26b14f18fa55b8f8e5c8032a8f4333e9e0620eeec1c241ac7f4bc9661355efd8f34edda672
date: Fri, 03 Feb 2023 12:42:17 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _NFXjnsyHIxaifYe53I_IoMMy3zVkhDyCVLSQ4cnmj_JozLmGh2QcQ==
X-Firefox-Spdy: h2
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
5.200.43.243302 Found 0 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP 5.200.43.243:0
ASN #48096 Enterprise Cloud Ltd.
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://acint.net/match?dp=110&euid=492bd993482b4236953f637522db161b
server: Microsoft-IIS/10.0
set-cookie: adlm_userId=492bd993482b4236953f637522db161b; expires=Fri, 02 Feb 2024 21:00:00 GMT; path=/; SameSite=None; secure; samesite=lax
date: Fri, 03 Feb 2023 12:42:16 GMT
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ
213.180.204.90302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ
IP 213.180.204.90:0
GET /mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/gonetdspis/N2Y1NmRiNjAyMTk1MjAzYQ?redir-setuniq=1
date: Fri, 03 Feb 2023 12:42:18 GMT
set-cookie: yandexuid=9140657341675428138; domain=.yandex.ru; path=/; expires=Mon, 31-Jan-2033 12:42:18 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Fri, 03 Feb 2023 12:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Fri, 03 Feb 2023 12:42:18 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/layout-server/GlobalModules.2c441ed2d9abc156d2b6.js
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/assets/layout-server/GlobalModules.2c441ed2d9abc156d2b6.js
IP 104.17.47.69:0
GET /assets/layout-server/GlobalModules.2c441ed2d9abc156d2b6.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 30 Jan 2023 11:03:13 GMT
etag: W/"6bc42c8b1311a00ee94fccf32c986bc0"
cf-cache-status: HIT
age: 3773
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=nr09janTc7a01ryClyXn5t.7bERwa3JlwSwWSuXCkII-1675428136-0-AZAYpgZaLZvTEYBe3xYlU2dSMFRceJipDbJaEAPXHqAqWD8Eb/Nex7J/Olz6tayATaw9+o0CLBOf0HN0TKRTD3g=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hen5%2FPq6Xh1UGM509iAay9zbPZS3Tundtae5edA%2FW2hBh%2B%2FFv5%2FyF4dkXTtmCm%2Fuqy%2BhjNo74ASPBZ931Mj6NLmMlxPuXQnGua9cLT%2FfXYEC3vybFoKWK1Sh4jMAMgXIF1fqsUuKyA8cwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca4bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/@fiverr/gig_widgets_perseus/apps/gig_widgets/index.modern.d852ef804bfe85b6c93a.js
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/assets/@fiverr/gig_widgets_perseus/apps/gig_widgets/index.modern.d852ef804bfe85b6c93a.js
IP 104.17.47.69:0
GET /assets/@fiverr/gig_widgets_perseus/apps/gig_widgets/index.modern.d852ef804bfe85b6c93a.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 15 Aug 2022 11:37:15 GMT
etag: W/"e9de2c4c9491494ef2f955fc39f1b4e1"
cf-cache-status: HIT
age: 1133
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=IAIO3efj._Y0NmTU.CQ1EEEEG6osS3JcT.FgQGozXnQ-1675428136-0-AS8GpRX47jrVzCu8JcIi4rpw/MDKInbWUHqepoZTBjJD21XAFLLZgBCOh8Oo/GH0BXAy4QANcBSyUyd98jrfzoY=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9Cyl0aBK18BPgPqNzkkI3fbkIUy9EeI4ww2UKtlMp0yrokQN7t6DhuIC%2B0k94gvHrBv69a32TWaY4dG4gS%2BUkmAuYeGG4bY0joMTZPQNHj0j2GT5%2B%2FLTvRfPKIGaKrfPhbvWdz5rmGf7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddda4cb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
afeera.net/classifieds/browse-ads/58/assets/cross.svg
178.128.249.233200 OK 0 B URL HTTP/1.1 afeera.net/classifieds/browse-ads/58/assets/cross.svg
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert fortinet Phishing
GET /classifieds/browse-ads/58/assets/cross.svg HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://afeera.net/classifieds/browse-ads/58/water-coolers
Cookie: PHPSESSID=bn8gfe56v772mjekciib63t9pq; fid=4366f358-85ae-4872-a398-8e71978ae7fd; _ac_oid=39e8192718f4ed5a678fc273d654392b%3A1675431768216
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:42:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Link: <https://afeera.net/wp-json/>; rel="https://api.w.org/", <https://afeera.net/wp-json/wp/v2/pages/22525>; rel="alternate"; type="application/json", <https://afeera.net/?p=22525>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/currencies-en-US.c623873c4732d27aabc82f9210157690.js
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/currencies-en-US.c623873c4732d27aabc82f9210157690.js
IP 104.17.47.69:0
GET /translations-hub/v2/published/copies/currencies-en-US.c623873c4732d27aabc82f9210157690.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: minify
etag: W/"c623873c4732d27aabc82f9210157690"
last-modified: Tue, 03 Jan 2023 09:52:38 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 718
expires: Mon, 06 Mar 2023 12:42:16 GMT
cache-control: public, max-age=2678400
set-cookie: __cf_bm=DBeiarnnE.1Hb6xdVu3o3WvUcGeBaRckpD_5f4nj2xA-1675428136-0-AXtfiTDtlbSJgDOF8fGlQ3+56Xp9niTQon66yTfB6dKdP8midO9IQ/nyZJZ1V9WWq9eBwjpBy/rmn0MHLBRlzlk=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0bpo0kUNzdKsJ%2BL0dpadHIGYXXKdH3Jg0Jy85Dabj0LI0xMO3DzeslHOxjK0sHCQrrCTjlAGfmsUopO0UJ%2B4LojClQO5ci5Tcfr1MZ%2FZOqsTB12LC9HLLAdenYSR5HPRfFhAOj%2FC1inIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca47b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin//assets/css/base.css?ver=1
104.18.254.23200 OK 0 B URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin//assets/css/base.css?ver=1
IP 104.18.254.23:0
GET /wp-content/plugins/nn-fiverr-plugin//assets/css/base.css?ver=1 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:23 GMT
etag: W/"6060069b-2d089"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKtm9luIgWlvlEfWdyOZeKmWFGzb3%2FH9bHV5yS5D544zMg5RRgTGY%2Fkku3dt564OIW%2FrN4j1NIThD6RTWKZ09BVR8kDHdZPN9lceSE4MJ%2Bp6v%2FcAkDg%2BYxEELyGT83%2FvUHM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=190.999985
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddba1db521-OSL
X-Firefox-Spdy: h2
tools.fiverr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
104.18.254.23200 OK 0 B URL HTTP/2 tools.fiverr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 104.18.254.23:0
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
etag: W/"636e62ad-172a9"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCi11qLO63K9USscTdMH0rArKqD7474%2F8tFr8gP24kvbXEdTrEE0dQiQyOJdvaPnmVdEOZxFfK2mXgd%2BwUL4jTkwe11w46M5IoppCvGIx5saaeKE4ZOtpRAWpg1cWYZiGjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=620.000124
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddba11b521-OSL
X-Firefox-Spdy: h2
www.fiverr.com/gig_widgets?id=U2FsdGVkX18+dzmnbDd/W4q6EZGR4hMt7nWWB7HjL3CaKBlKlqaYZPqy/yXjIQpneL4R7Qkyg7alflszMVQhGHbqBX8bbGfmaeHHZSUFR3BDclYvDA3TDQVHNngyxaLInqW9v6zCLqZBCj+2LapyD2RAA0Fg+aGqa36RKIALVJ33I29mcjGfRmA9L+0bCgo4wK/k9AubWzmdHeUM0tOiM91LpWsR80R5SBbFd8sNaJrdp23MChloFsY8RW4rRt1pU+iSOi2LMogpDYvfRNRLg/3LDoboSIlIMyDrYu0NBR4pqNWPSH18sG4GmLRmkJHm8gtOFYSxctnU89IXb6TPbhTHssFfSmRUW3znzjZ67plPJ3fhUVYlwO+qx3f0f/OFYDq6QQIOcwdA+rXM4LiV1EVPdOo7GhkSnai+Jvu+8HHb/QQHu3kfmsK8IidMzqVMXq69RIiTWjr1X5HxvUYFz71E1tF7zqIAZPNUQVrWzButSRr0TWg6BILnXDoW6NUBatB49xV9PKV5D45wwzceEndXwEQVotJvKtyJrFNtMmNFFV4PFI9uNuNjJ7x7zfl+EBN3a9gdRqoR1Aba1Gt5TQeyFSyn9UV8us5kcZbwstDaOh+WEIz6zeM8uAMRnAeOzsib+uBepOmtBSSafTB/umchklkywkOjYN6IwuQZd4M=&affiliate_id=153556&strip_google_tagmanager=true
104.18.254.23200 OK 0 B URL HTTP/2 www.fiverr.com/gig_widgets?id=U2FsdGVkX18+dzmnbDd/W4q6EZGR4hMt7nWWB7HjL3CaKBlKlqaYZPqy/yXjIQpneL4R7Qkyg7alflszMVQhGHbqBX8bbGfmaeHHZSUFR3BDclYvDA3TDQVHNngyxaLInqW9v6zCLqZBCj+2LapyD2RAA0Fg+aGqa36RKIALVJ33I29mcjGfRmA9L+0bCgo4wK/k9AubWzmdHeUM0tOiM91LpWsR80R5SBbFd8sNaJrdp23MChloFsY8RW4rRt1pU+iSOi2LMogpDYvfRNRLg/3LDoboSIlIMyDrYu0NBR4pqNWPSH18sG4GmLRmkJHm8gtOFYSxctnU89IXb6TPbhTHssFfSmRUW3znzjZ67plPJ3fhUVYlwO+qx3f0f/OFYDq6QQIOcwdA+rXM4LiV1EVPdOo7GhkSnai+Jvu+8HHb/QQHu3kfmsK8IidMzqVMXq69RIiTWjr1X5HxvUYFz71E1tF7zqIAZPNUQVrWzButSRr0TWg6BILnXDoW6NUBatB49xV9PKV5D45wwzceEndXwEQVotJvKtyJrFNtMmNFFV4PFI9uNuNjJ7x7zfl+EBN3a9gdRqoR1Aba1Gt5TQeyFSyn9UV8us5kcZbwstDaOh+WEIz6zeM8uAMRnAeOzsib+uBepOmtBSSafTB/umchklkywkOjYN6IwuQZd4M=&affiliate_id=153556&strip_google_tagmanager=true
IP 104.18.254.23:0
GET /gig_widgets?id=U2FsdGVkX18+dzmnbDd/W4q6EZGR4hMt7nWWB7HjL3CaKBlKlqaYZPqy/yXjIQpneL4R7Qkyg7alflszMVQhGHbqBX8bbGfmaeHHZSUFR3BDclYvDA3TDQVHNngyxaLInqW9v6zCLqZBCj+2LapyD2RAA0Fg+aGqa36RKIALVJ33I29mcjGfRmA9L+0bCgo4wK/k9AubWzmdHeUM0tOiM91LpWsR80R5SBbFd8sNaJrdp23MChloFsY8RW4rRt1pU+iSOi2LMogpDYvfRNRLg/3LDoboSIlIMyDrYu0NBR4pqNWPSH18sG4GmLRmkJHm8gtOFYSxctnU89IXb6TPbhTHssFfSmRUW3znzjZ67plPJ3fhUVYlwO+qx3f0f/OFYDq6QQIOcwdA+rXM4LiV1EVPdOo7GhkSnai+Jvu+8HHb/QQHu3kfmsK8IidMzqVMXq69RIiTWjr1X5HxvUYFz71E1tF7zqIAZPNUQVrWzButSRr0TWg6BILnXDoW6NUBatB49xV9PKV5D45wwzceEndXwEQVotJvKtyJrFNtMmNFFV4PFI9uNuNjJ7x7zfl+EBN3a9gdRqoR1Aba1Gt5TQeyFSyn9UV8us5kcZbwstDaOh+WEIz6zeM8uAMRnAeOzsib+uBepOmtBSSafTB/umchklkywkOjYN6IwuQZd4M=&affiliate_id=153556&strip_google_tagmanager=true HTTP/1.1
Host: www.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: text/html; charset=utf-8
etag: W/"40672-Z/j47C6YiESLFcAmCXwC6SOtUIQ"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOzQPYShyu11F4LXXWsrBy3sBHaoUWWBGIIkONWia4BxlNllWMsAR%2F1sJB7yM%2FUFZPuE0VEbB32AAAU6mtNQiBiqN%2F23buHpnhGD7l0%2BZNsvGRME6yUjNBsdfmrFvnFU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: _pxhd=1vPZNdd83XrBGLiIhMqhyEQw3S7Qqmum9H03qC96J7dvJ28-oPswZCGDnVNtZnhQaqqgwT42k5poSxn8WVHh5A==:u1rBjGf5/s9knVXqNXokXzUxlJmCt6wEFa12je42qCxmKhFQVHc731Y4OVfTJuYb8dPBEgHfkLPOhLETHNLz5EwGE9ELcfUzarel/C7x6nk=; Expires=Sat, 03-Feb-24 12:42:16 GMT; Path=/
u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; Max-Age=31536000; Domain=.fiverr.com; Path=/; Secure; SameSite=None
logged_out_currency=EUR; Domain=.fiverr.com; Path=/
flashes=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
__cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverr.com; HttpOnly; Secure; SameSite=None
__cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136; path=/; domain=.fiverr.com; HttpOnly; Secure; SameSite=None
server-timing: app; dur=30.887026; desc="Application Response Time", gw; dur=36; desc="API gateway", lb;dur=40;desc="External Load Balancer", nx;dur=0.075;desc="External Load Balancer", cfRequestDuration;dur=226.000071
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3edaee08b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/img/logo-circle.svg
104.18.254.23200 OK 0 B URL HTTP/2 tools.fiverr.com/wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/img/logo-circle.svg
IP 104.18.254.23:0
GET /wp-content/plugins/nn-fiverr-plugin/searchbox-dashboard/assets/img/logo-circle.svg HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:17 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-1e7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSSklKbXnSaR99ljtuemH6nma4lep%2Bbo%2B34rDXIzywc8CIVo1XXAF0Hkt2WxxxGhYLsIGexP6cVOlCEWyIJFI7NAuuzz3DaYHajskbs%2BK0SqOl6M3Bd3mKOW7fbZ53N4UZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=395.999908
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddda5bb521-OSL
X-Firefox-Spdy: h2
afeera.net/wp-content/uploads/2022/04/cropped-afree-logo-192x192.png
178.128.249.233404 Not Found 0 B URL HTTP/2 afeera.net/wp-content/uploads/2022/04/cropped-afree-logo-192x192.png
IP 178.128.249.233:0
ASN #14061 DIGITALOCEAN-ASN
GET /wp-content/uploads/2022/04/cropped-afree-logo-192x192.png HTTP/1.1
Host: afeera.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://afeera.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 03 Feb 2023 12:42:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://afeera.net/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=p2qfnnih65d0ejrjb21e4bhjln; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/countries-en-US.0b36898a2dd4adf760c01087de0fe19a.js
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/translations-hub/v2/published/copies/countries-en-US.0b36898a2dd4adf760c01087de0fe19a.js
IP 104.17.47.69:0
GET /translations-hub/v2/published/copies/countries-en-US.0b36898a2dd4adf760c01087de0fe19a.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: minify
etag: W/"0b36898a2dd4adf760c01087de0fe19a"
last-modified: Tue, 03 Jan 2023 09:52:38 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 5376
expires: Mon, 06 Mar 2023 12:42:16 GMT
cache-control: public, max-age=2678400
set-cookie: __cf_bm=kK1eugKIHrzDCnT6PyAFZFViFUPDl4nRTHmF37K3uwM-1675428136-0-AWxYiTYOtM582+R1ngwJPbvX5FepYTwcRVMuBxnJmACCit1U96362upt9CKIBeu8WLYNVW3+2M8jLot4FAhPnxo=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72Ld9selkCjtO6hQlAwX4ZHH5FCo%2FzCTBse0wL%2FBYKldjz%2BJkgOVDtcNFbocTsx0fn4B2QLY1j41rgBxIiy7KUcKRuD0ymJ0qKo87MB6%2B9uOBdlzdujfsdabZmnOVhvGTDKVRSwBeaZPbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca46b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
53e1270541f5.cdn4.forter.com/snS/53e1270541f5/sha256-6FMuNcGvRNbLH%2Fa2Mmio38gtcmbGx81jMajq6pIzKYc%3D/script.js
143.204.55.87200 OK 0 B URL HTTP/2 53e1270541f5.cdn4.forter.com/snS/53e1270541f5/sha256-6FMuNcGvRNbLH%2Fa2Mmio38gtcmbGx81jMajq6pIzKYc%3D/script.js
IP 143.204.55.87:0
GET /snS/53e1270541f5/sha256-6FMuNcGvRNbLH%2Fa2Mmio38gtcmbGx81jMajq6pIzKYc%3D/script.js HTTP/1.1
Host: 53e1270541f5.cdn4.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 03 Feb 2023 12:42:17 GMT
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
timing-allow-origin: *
set-cookie: forterSId=c737dc8165b548bc9b5ec95090e90424_1675428137404; Max-Age=31536000; Domain=.53e1270541f5.cdn4.forter.com; Path=/; Expires=Sat, 03 Feb 2024 12:42:17 GMT; HttpOnly; Secure; SameSite=None
last-modified: Fri, 03 Feb 2023 12:42:17 GMT
expires: Fri, 03 Feb 2023 12:47:17 GMT
cache-control: private, max-age=300
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QK4QMugcGiMuVXbKSuWSdKqOx6YE4eFU3XoUi1u2evyAeCGpY6kabA==
X-Firefox-Spdy: h2
tools.fiverr.com/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.6
104.18.254.23200 OK 0 B URL HTTP/2 tools.fiverr.com/wp-content/themes/twentytwenty/assets/js/index.js?ver=1.6
IP 104.18.254.23:0
GET /wp-content/themes/twentytwenty/assets/js/index.js?ver=1.6 HTTP/1.1
Host: tools.fiverr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tools.fiverr.com/?searchbox-iframe=1&affid=153556&widget-commission=fiverrhybrid&widget-style=2
Cookie: __cf_bm=8AQjw_pdYUnMlASAWOp4sND.KKuyb6Bm4fOUgp.ipuM-1675428136-0-ARnxZQ2wrXkTEcYSiElpjqVrEy1MQqpH8UcNfO0p/HdMTNDYNLhE6U1nQeT7Odt3/DdSHGNClfwVxSEj707BqeA=; u_guid=1675428137000-b6817dce54d6d8cbd537b607cd5f7fb2bfc42c79; __cfruid=65bbaf87514e380ddd3f789533f406e46498190a-1675428136
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 28 Mar 2021 04:31:22 GMT
etag: W/"6060069a-6713"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKfF2l1kVYdbOIj6955vs9hO9SmRQHQ97TMUCekrobX7qRSdD%2BujcL6imXQzC7uJ6kLtOUmlPoq5LvT1Up4pW6Psyi%2Bujym89B5hwHcJxiwJriuj9NoFHi7hFZ1EhzzBWPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=187.999964
accept-ch: UA,Sec-CH-UA-Mobile,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,ECT
server: cloudflare
cf-ray: 793b3eddba22b521-OSL
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-lodash/production.c056bf9bbb5e88ae3381.js
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/assets/@fiverr-private/vendors-lodash/production.c056bf9bbb5e88ae3381.js
IP 104.17.47.69:0
GET /assets/@fiverr-private/vendors-lodash/production.c056bf9bbb5e88ae3381.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 27 Nov 2022 10:16:01 GMT
etag: W/"6526b36e61f057c13239848835901405"
cf-cache-status: HIT
age: 2835
expires: Sat, 03 Feb 2024 12:42:16 GMT
cache-control: public, max-age=31536000
set-cookie: __cf_bm=be7qHq_b9mPLTLCLG2Jgnkp5jVf.LrwBtU4CDTJJ.do-1675428136-0-AVpyp/uljda6QNSUVpiAetfawiqF52grr7ylrh/mXCP7vxzd4RbfNm8iNMuoysHpCLhhfebkQ4dj7wnp6KDSlm4=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZEfi6z3StRGyOXGTkRe0pidxuiImA%2Bpi%2BWwbDyqlYfueZ38Ys9s4LtIf1onitXeNH%2B6MPyusQDJhS%2FCOfSTldzmERGPcoOWf0zC8t5lfixTsmHQ2vm2IcV76BAXXIyiRF7KlV1gy57FwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca41b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
npm-assets.fiverrcdn.com/translations-hub/v2/published/categories_chimera/v1/sub_categories-en-US.a0baa0276fb6f3a6a4dfdce55268958d.js
104.17.47.69200 OK 0 B URL HTTP/2 npm-assets.fiverrcdn.com/translations-hub/v2/published/categories_chimera/v1/sub_categories-en-US.a0baa0276fb6f3a6a4dfdce55268958d.js
IP 104.17.47.69:0
GET /translations-hub/v2/published/categories_chimera/v1/sub_categories-en-US.a0baa0276fb6f3a6a4dfdce55268958d.js HTTP/1.1
Host: npm-assets.fiverrcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fiverr.com
Connection: keep-alive
Referer: https://www.fiverr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 12:42:16 GMT
content-type: application/javascript
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: minify
etag: W/"a0baa0276fb6f3a6a4dfdce55268958d"
last-modified: Tue, 31 Jan 2023 09:37:44 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2835
expires: Mon, 06 Mar 2023 12:42:16 GMT
cache-control: public, max-age=2678400
set-cookie: __cf_bm=pBOJWoXPkYlsWHXp3JDHiz6dYZaizjA9NuYE_bySNzY-1675428136-0-AQczQlfHRIgDOvkMNVP35Hxp09CkXHBo2x+BxATjPICnUyfoKerZ3rzRXrnL3JSDqumA1zjoNBBM3743zCx9CJs=; path=/; expires=Fri, 03-Feb-23 13:12:16 GMT; domain=.fiverrcdn.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0xBpIRt%2BcVQ%2BRTwKYveGC3PWMk8OcpRPve70Ldc8EnaWst7By4obtsVMStNcxHhNM8jX7SVqbhMdsQvBB3JnmsmK%2B9FsU2iTC2n%2BwI5R3uzJpLVERfdwrGOtVx5OMtcs9N0Vi71Z9pjmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
server: cloudflare
cf-ray: 793b3eddca45b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2