| www.protectfreefasteffective.rest/bc424d50-1e42-426e-9130-7446cf6fc5fd/?btd=dHJrLnNoaW5lLWNhci1kZXNlcnQtYWRqZWN0aXZlLnh5eg&exptoken=MTY2NzEyNjM0Mjk2OA==&lang=en&r_countrycode=GB&r_ip=2a01:4b00:8694:700:4831:dd3f:a7b7:e349&r_lang=en&r_okeyword=amazon%C2%A31000&td=dHJrLmZhdC1wbGFpbi1zdGF0ZW1lbnQtbG92ZWx5Lnh5ei9zbndkYXJ0Zg | 104.21.73.147 | 200 OK | 2.5 kB |
URL HTTP/1.1www.protectfreefasteffective.rest/bc424d50-1e42-426e-9130-7446cf6fc5fd/?btd=dHJrLnNoaW5lLWNhci1kZXNlcnQtYWRqZWN0aXZlLnh5eg&exptoken=MTY2NzEyNjM0Mjk2OA==&lang=en&r_countrycode=GB&r_ip=2a01:4b00:8694:700:4831:dd3f:a7b7:e349&r_lang=en&r_okeyword=amazon%C2%A31000&td=dHJrLmZhdC1wbGFpbi1zdGF0ZW1lbnQtbG92ZWx5Lnh5ei9zbndkYXJ0Zg IP104.21.73.147:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text Hasha69e3b30d71d4d2b9179b2d7958f781e 1e9bcaa9048b914d2c3f9ab36b320eb8c35c1443 94e1b818cacac17ab2be0cdb9e0368af09f0b8fcf75e6088012ef5f840c7199e
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bc424d50-1e42-426e-9130-7446cf6fc5fd/?btd=dHJrLnNoaW5lLWNhci1kZXNlcnQtYWRqZWN0aXZlLnh5eg&exptoken=MTY2NzEyNjM0Mjk2OA==&lang=en&r_countrycode=GB&r_ip=2a01:4b00:8694:700:4831:dd3f:a7b7:e349&r_lang=en&r_okeyword=amazon%C2%A31000&td=dHJrLmZhdC1wbGFpbi1zdGF0ZW1lbnQtbG92ZWx5Lnh5ei9zbndkYXJ0Zg HTTP/1.1
Host: www.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 10:40:09 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SeQ2FME125zvEJ%2BSFx%2B8x8OycjXF9tDuFSChAKGKs9R4h%2FOnss9wFONfccZ%2Fd4NcCuA8onfGEcHqrOhE7VcDYgIkp%2BlUFM4y74AsMi6C54wwGNiYGDgCoJ9lROhQUMjOerb57dXJJVO3UU7kGcEkOGSj1A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 762387fbaf9fb515-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash08e6c2a84b9de97bdd5a18a3a63ae614 7efc3c3550bf303438e0ec910f78714588f3c72b a3bfd5d99c99a5956cf91510743a0911b300938ae2095bfbadbc7f9485b4e3b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3BFD5D99C99A5956CF91510743A0911B300938AE2095BFBADBC7F9485B4E3B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14039
Expires: Sun, 30 Oct 2022 14:34:08 GMT
Date: Sun, 30 Oct 2022 10:40:09 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash856ee3167a1a6efa13187b6d726d61e4 30d121bebc8f164b38d929e94193ca0caa9ce708 c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3724
Cache-Control: max-age=85977
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:09 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 10:33:06 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash856ee3167a1a6efa13187b6d726d61e4 30d121bebc8f164b38d929e94193ca0caa9ce708 c79ab5ce8d207664a2e0b63762e68f1a906d68c31c59139965201c870619063a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3724
Cache-Control: max-age=85977
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:09 GMT
Etag: "635cf2d6-1d7"
Expires: Mon, 31 Oct 2022 10:33:06 GMT
Last-Modified: Sat, 29 Oct 2022 09:31:02 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe59d16ee0744a08cb29d0f7e664a3827 f64722982e24ecc948f599edc76e36250ddf5112 2ef6e5bddd86663d50c9c66bc8b46f92534f4d0ef5e490a24fb876355ec006b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EF6E5BDDD86663D50C9C66BC8B46F92534F4D0EF5E490A24FB876355EC006B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6474
Expires: Sun, 30 Oct 2022 12:28:03 GMT
Date: Sun, 30 Oct 2022 10:40:09 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tXqkQyUOHDWPl1wNLgbzEdZkh8hfGtxlJ5oK1N7R/lpKA6zwsQwJGvyuZ02K8j9Fk5L/9+3ced0=
x-amz-request-id: 8DAGGN2E1AH4VPEG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 30 Oct 2022 09:44:27 GMT
age: 3342
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 10:40:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/W9c7UrtayLo | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/W9c7UrtayLo IP142.250.74.35:0
Hashb1cc61063e9dfdbe5b6b5eb6985291a2 7eab4a5de0bbb07c6db6f8f14c3f0bfa5a5b2394 d156938c6d3b709799a675794f5cc49a0bd16d0c96fcf4e6898351c0bc4ac356
POST /s/gts1p5/W9c7UrtayLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1p5/W9c7UrtayLo | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/W9c7UrtayLo IP142.250.74.35:0
Hashb1cc61063e9dfdbe5b6b5eb6985291a2 7eab4a5de0bbb07c6db6f8f14c3f0bfa5a5b2394 d156938c6d3b709799a675794f5cc49a0bd16d0c96fcf4e6898351c0bc4ac356
POST /s/gts1p5/W9c7UrtayLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1p5/W9c7UrtayLo | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/W9c7UrtayLo IP142.250.74.35:0
Hashb1cc61063e9dfdbe5b6b5eb6985291a2 7eab4a5de0bbb07c6db6f8f14c3f0bfa5a5b2394 d156938c6d3b709799a675794f5cc49a0bd16d0c96fcf4e6898351c0bc4ac356
POST /s/gts1p5/W9c7UrtayLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1p5/W9c7UrtayLo | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/W9c7UrtayLo IP142.250.74.35:0
Hashb1cc61063e9dfdbe5b6b5eb6985291a2 7eab4a5de0bbb07c6db6f8f14c3f0bfa5a5b2394 d156938c6d3b709799a675794f5cc49a0bd16d0c96fcf4e6898351c0bc4ac356
POST /s/gts1p5/W9c7UrtayLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1p5/W9c7UrtayLo | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/W9c7UrtayLo IP142.250.74.35:0
Hashb1cc61063e9dfdbe5b6b5eb6985291a2 7eab4a5de0bbb07c6db6f8f14c3f0bfa5a5b2394 d156938c6d3b709799a675794f5cc49a0bd16d0c96fcf4e6898351c0bc4ac356
POST /s/gts1p5/W9c7UrtayLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_type/gsw2022ii/_style.css | 172.67.145.167 | 200 OK | 41 B |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_type/gsw2022ii/_style.css IP172.67.145.167:0
Hash4e138f3e8428e2b23ffb9d7b8982d418 419d7251869456ea2bbd805e3d66a3496979eec4 9eb9d7cd1eb1a573385364334d1828322f6849a0cb5a0f6d401de9592a1073ab
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_type/gsw2022ii/_style.css HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: text/css
content-length: 41
x-guploader-uploadid: ADPycdsCeItU-V2vDy4RgL1rEJRVm4rPOGfBoY4EMoNuXPsa0VpJtNJRdXbPNkILe6fZ6lnFrcZdfHeCPCEglqOuAQ4TLA
x-goog-generation: 1664729328132597
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 41
x-goog-hash: crc32c=GY3ADg==, md5=ThOPPoQo4rI/+517iYLUGA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sun, 30 Oct 2022 11:40:10 GMT
cache-control: public, max-age=14400
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "4e138f3e8428e2b23ffb9d7b8982d418"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yt8d8%2Bkbpsplge33wjQ%2Ffi5%2FHmium3tSqdezkbYdmMA53Cp53BP9M8gEZcjJW1mWidEiGG7tebb0twlz9cDJDRgyqMz1aumTNLpry3clkmWTfRFB9E%2BerH0YoxDbSfR%2BbU1HjlmkSH3wjDydgY44hIrMMJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a2f1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_m.jpg | 172.67.145.167 | 200 OK | 950 B |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_m.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data Hash62a261739e9a386d39d542903d5ab050 6cc87f77a580ce13068a1324b397070db3817511 669c7de8cc4685bb673f13db0b8de84fd8142005c4db680cbe35fad7b852c631
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_m.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 950
x-guploader-uploadid: ADPycdsoc2gh7u0eqmLry2sAqkljCeXdG55A8VMJpEA1Wuumsj6c3Gy5jpibUxpWYOsv_S3bYD4bG43I68_tZnf67yNwOD1OsRmQ
x-goog-generation: 1664729328166537
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 950
x-goog-hash: crc32c=2LDN9Q==, md5=YqJhc56aOG051UKQPVqwUA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sun, 30 Oct 2022 11:40:10 GMT
cache-control: public, max-age=14400
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "62a261739e9a386d39d542903d5ab050"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTMTRrl69Iquz8QOVjMc%2BefpU%2B73umeopfiaKLaWkc6qy81RewoGzBVDOb9QnM269cpm5HmSxdj3Ob1GILITjpetl%2BUyBq6y2p4pPnMRnYr101reTypn9bjEjHy49mC5B1fcRmPMQP%2BDlYGke7kwLyFjry4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a391c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/confetti.js | 172.67.145.167 | 200 OK | 5.8 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/confetti.js IP172.67.145.167:0
Hash569f8cac29e28c0c0c3840eb3ea57f97 c063225fbdc6653a0881ae93513215ca4cf0e370 620eb11860249bad4de011d39202d9b01ef791565fc332e79047c0e5429e7fba
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/confetti.js HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: application/octet-stream
content-length: 5802
x-guploader-uploadid: ADPycdvNR5fQN92HDRClmegbV6di7LKGP7MiTIuxEUeQxkL1gltNCEyEGygIxLbJk9VdHnCxOMkW1QRN2BeLp41PQ6BqS-m3zyuG
x-goog-generation: 1664729329287214
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5802
x-goog-hash: crc32c=+NDKIg==, md5=Vp+MrCnijAwMOEDrPqV/lw==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sun, 30 Oct 2022 11:40:10 GMT
cache-control: public, max-age=14400
last-modified: Sun, 02 Oct 2022 16:48:49 GMT
etag: "569f8cac29e28c0c0c3840eb3ea57f97"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASVY2%2F%2BH0Zl5aY3LJ1n9kh%2F9WbI89DZz6yoceo53yR2h%2FEIU1%2FGxOdP3PWhz%2FZM1hiTfTuEfQCEybd8VoaauwYM7UCWVazmq6E6e4cdUNsy0nJmO9G71lTscAouOnUrhhLWiyGDHZOJzew9Rw%2Bp9xT2LSso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a4d1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/W9c7UrtayLo | 142.250.74.35 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/W9c7UrtayLo IP142.250.74.35:0
Hashb1cc61063e9dfdbe5b6b5eb6985291a2 7eab4a5de0bbb07c6db6f8f14c3f0bfa5a5b2394 d156938c6d3b709799a675794f5cc49a0bd16d0c96fcf4e6898351c0bc4ac356
POST /s/gts1p5/W9c7UrtayLo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/_style01.css | 172.67.145.167 | 200 OK | 2.9 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/_style01.css IP172.67.145.167:0
File typeASCII text, with CRLF line terminators Hash1418fb25c6523650e2d47dede4712206 04d1df9f3e59829e78a01550e14c68b1fe17ee55 76298911eeb95ac6984922064f122752b82f5d3a73df2c5daf97154785b1097a
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/_style01.css HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: text/css
x-guploader-uploadid: ADPycdvza69ohMl-tOu3eBOH8ElLHHBx3PUmpvdFfsi1bmI2wlbsiZ037VtcrYiSZt-oudLc6bu9hIttvYmfrDwx9sCoSQ
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Thu, 27 Oct 2022 18:43:44 GMT
etag: W/"b071f2505e015701d8ef6c695e1de096"
x-goog-generation: 1666896224800664
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10115
x-goog-hash: crc32c=92suyw==, md5=sHHyUF4BVwHY72xpXh3glg==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0v3VtPk7p%2BG1yRSDZCMMY%2BS3kFPRnwf2LOVcMWpNvfkLLDkRiKRp4qyGnOro%2FlbKevghqazxOtnvRr2SOyhL1mr3as6Nu%2FWU8x2lmv5ICP0lhAtfnQpWEtPRvA9KIVbhzVfiaCjjYEZ11PKW6GqMiDGTDNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff7a6c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_2.jpg | 172.67.145.167 | 200 OK | 1.3 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_2.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash95002cd3fbc38552be3bd52eb11e1eda 3233afcc53bb01622592cb14b7fdaa590fca697c b942e9ba4c5f2ae8d8895aff97ab414b4aaef7e5d93097a29bc8570bd4057558
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_2.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 1342
x-guploader-uploadid: ADPycduh3mLcSg0fKWnDOz-vFbA8V_ydkVzU1jHN4X-qeYJHpyI7DWPGF0X-Z48HCiq5vx-Rk9uq09bCoHWai2zyZy4ErQ-mfFEu
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "95002cd3fbc38552be3bd52eb11e1eda"
x-goog-generation: 1664729328162441
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1342
x-goog-hash: crc32c=dwqn1Q==, md5=lQAs0/vDhVK+O9UusR4e2g==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCvHv7EDV4jWcJ3GggTuAVxVE9yuZJJ%2FztyOum%2B1HcMHj78xBKxjp488Bz10P2JmhajsTXtRbMyezqp5zqpwjsv9N0ZRYb%2BYBUL5BhAYtG6nfI%2FSXjYmrU6TI7qs1zjsThC59bY8bcT%2F4Xk9Po%2B86oZBZL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a3e1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_4.jpg | 172.67.145.167 | 200 OK | 1.2 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_4.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash19fdf1324a5920f70b9be0dcd7a59590 3bf1ae07a2b6cc66a9451e380f5cfe69d5fa0c3a 693cd7b96cc6f528b604624a2ba915041b093203d956986fe4f57f1f230c7ad9
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_4.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 1172
x-guploader-uploadid: ADPycdtV_Dyf9JmiYvOxzrrYj3teHip4_t_n75_yE5NVSvi0Lxwsq72p50gzCa18ug46xZ6Sv72MkpUY_u28noKRxAY57YXNUQAh
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "19fdf1324a5920f70b9be0dcd7a59590"
x-goog-generation: 1664729328138038
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1172
x-goog-hash: crc32c=mJlmDw==, md5=Gf3xMkpZIPcLm+Dc16WVkA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D3rU1W0ZRO8g0nsuzrF4Ags4ZKAyo0NkJZbSkSanPP8j%2FZ8p0MLUG7ls1ieMmrIiHKDPwbW5hAU82xYBOp0lD6Wa4zQS06PAKuKXDsSUqVvCMVLLNTgvYK8tvm9iD1UUaocmX4dYQ6SUbpVaBiR6iljkqs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a461c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_heart.jpg | 172.67.145.167 | 200 OK | 1.3 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_heart.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hashd3a09cd99db03d6956fc6823501a54ef 4d79137e1c2a2fd217c1afeccc8ad72e837b221c c522456471f528146faf2bd9f46bd771e11fd37016a819cf9106a996e8affcb4
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_heart.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 1337
x-guploader-uploadid: ADPycdsT_oV_VUqt_RSrMjM1ov6mj5Gw5bdn64TEKXXqq6GzrfBiCvvsOWbODbteeNMiiEMDA1ZwWnhi5l3dABQ9z_UNVduGCwat
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "d3a09cd99db03d6956fc6823501a54ef"
x-goog-generation: 1664729328142418
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1337
x-goog-hash: crc32c=XCLv6A==, md5=06Cc2Z2wPWlW/GgjUBpU7w==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbOGF62zzwp5DO6Z%2BkWqECJ3NmEEZgAoaFADOXS2Z7y2aN9LqJH5xAxk9JaicHe2yhblpvNng32J%2B3DwlvA%2F%2FL%2Bc65iGJwLZLvug4MjG7dn7ZGyVb5awQiUZslkVnX6WRWHVk%2FBZDUorckuQ3okt%2B7i%2FsSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a3c1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/loading4.gif | 172.67.145.167 | 200 OK | 7.9 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/loading4.gif IP172.67.145.167:0
File typeGIF image data, version 89a, 50 x 50\012- data Hash2b19ca3439b94b7a398b56ea9b5afa49 d132175327753974c4b00e47f4ee91c0cd2065fb 11894f102437796ba20a1b49a71253e51c340d5ae28ea83e7dcb6fcf9d83e2d1
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/loading4.gif HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: application/octet-stream
content-length: 7916
x-guploader-uploadid: ADPycdtNRWUgp4v5x5GRZR2sbu2NNUPiFVvTLpa1hRI7TBEEYpMcFBF65NYV3sxkbvqNxAMUunLetkhWU618NSFb8vUC0w
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:49 GMT
etag: "2b19ca3439b94b7a398b56ea9b5afa49"
x-goog-generation: 1664729329406085
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7916
x-goog-hash: crc32c=D2nRgA==, md5=KxnKNDm5S3o5i1bqm1r6SQ==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KtTcBial9pV1p0nhFz8uSnK5Ewp7lwAUEI8j2vqnb%2FXs%2BDIMh9OHGw8UNyqQkOViZ1N4%2FbgQJP8tlBq9ddD5wT9CM9EMHlfwy3HTFwWA2OlnIYWnjMcE7vZacw0WOh04yd6YG3hq1MIHjrGJAeuyLNZ%2FLk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a431c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_cat.jpg | 172.67.145.167 | 200 OK | 1.3 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_cat.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash78fddcaf244f729ef63e328e049f2110 e6f80bbc3c7e2d1c23ddfb9ceaf73c359647ce0f 6ece261ffa4d54c68f8fc1b0441fe423a121d7f4bdfd72613e9187e310944ae1
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_cat.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 1340
x-guploader-uploadid: ADPycdsvSG29qS8VF1gxN6bItqoM5f47NCX0IgQMVEdXWqs5IoCrsBnaIU9hKbtFCY4CP9Ke8oqQxMLGDVbT3d99pwI1Jg
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "78fddcaf244f729ef63e328e049f2110"
x-goog-generation: 1664729328150053
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1340
x-goog-hash: crc32c=bJkVcw==, md5=eP3cryRPcp72PjKOBJ8hEA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0ThjeYUSGEqdoh1swSAY4Caqz4NvycE693zUQak8ZuHYoBr7rA3fUySR1xc36tVFG3AjxcG%2FUQ3gDrh%2BWIpRDv%2BCYdGkHChLpbxYLXQUmH2NGQ7rUVViwJPW8sLFfns7SRgYKwqWvc7g76KRe1jpcGnPCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a411c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_r.jpg | 172.67.145.167 | 200 OK | 807 B |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_r.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data Hash3c777668dafeeb70ccc712b2772d7bc5 c896b95b8de6a5773f805862b7eda76afdcee5bf 7fbbaed15a8beaf623f6eaab8c739875e3f90dd929e09a03bcdb2327e486c438
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_r.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 807
x-guploader-uploadid: ADPycdtBzwf84zez5-_Ep8Qw3BCfdWEcLO2SxIF1_AQ0a_Hqi86dRPanEIATg9Sfhu2A2uaOWnbuBLS_g2C4EVxzZvKK7g
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "3c777668dafeeb70ccc712b2772d7bc5"
x-goog-generation: 1664729328146977
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 807
x-goog-hash: crc32c=98kVEQ==, md5=PHd2aNr+63DMxxKydy17xQ==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNfCpGFfywsUa3Sv88PoByIrU4LYQB8n%2Bamq0feECL1RHnVwO23jURxMB6lfHKRrvX8DX1UYJxGsmqHe925Yxe%2F%2Bh9QnISe3lDCWsLNwopuPcDAj5o3ldb3lwPxxvxO5hHQS8DWZ1b64XXVVqd31qmzGPzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a481c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_3.jpg | 172.67.145.167 | 200 OK | 1.3 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_3.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hashcdf43a51ae38685e65481ccdce3577e5 581a7ab85b933f840aa43b33c6f1b63252b4f0c6 6f56c67fa70da83eee1efc01fc4249d2dbe12787d9b1496cd568ebdaab17ff15
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_3.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 1265
x-guploader-uploadid: ADPycduRlLpnoxclt6KUJphvV71my1TZnITnLJBWFR-BZmPnBPwI8l28WOMI-R8gMPNSmP4BB6YAyVckz813U1-XsQUOmQ
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "cdf43a51ae38685e65481ccdce3577e5"
x-goog-generation: 1664729328163479
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1265
x-goog-hash: crc32c=iatI5Q==, md5=zfQ6Ua44aF5lSBzNzjV35Q==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bhJ39JElFWMaTC3RGx7mu7dfGJ%2FAqq25S2bSGaqpnRydPobZpT652CLuhw3aMDk8YCjqgsnx5%2FhrxDueva%2FNsQKS%2BG1zLpucq4o3TZOIGQnzgM2s%2FNqVDeRpRe3r96iOoO5%2FBz1ylPimYqrawSiwPoeMfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a3a1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/logo.png | 172.67.145.167 | 200 OK | 22 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/logo.png IP172.67.145.167:0
File typePNG image data, 300 x 112, 8-bit/color RGBA, non-interlaced\012- data Hash5174f0e365f25d1db538eb424cda65f1 64893ed4e3d3a40a89a04552137cc400bd3f0086 d28c8d82a8cd25f75e54a83d258fde5c00d2d13e783b0b49ece6adfc4be7104e
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/logo.png HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/png
content-length: 21993
x-guploader-uploadid: ADPycdsWvB7X8tbeCLNIn2AvmGUxgF0SfzgR28iUYjYcvm1kSTMcnKrMPcwJ4HTmAclU8PDpiJQLa2H9uy8P4-Pq7U-dhg
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "5174f0e365f25d1db538eb424cda65f1"
x-goog-generation: 1664729328187281
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21993
x-goog-hash: crc32c=f8SwIw==, md5=UXTw42XyXR21OOtCTNpl8Q==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DuJQfG5pI8fkxrGeGgWbTf4vARRVdd46wrbTEEdqgRm5V3r9%2Fwcx0DLJksus3wPSTLLLVSRa%2Fswjdp56QC0MTGJWDcHDIp0OoOsHU13xaG0ObosFoVKO623Cy3pIoeqxoDvkWqNz%2Be4oN5cRq7uKXbD1yg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a351c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/trophy.jpg | 172.67.145.167 | 200 OK | 11 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/trophy.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 276x276, components 3\012- data Hash8e4c1ba9f0874a6a954cf0049b97b99e 2f04b63303ab930d291b2b8efbf92e1c42128501 41fd835af982f40043cd15cea0c03c558e39f4db87c18349157f83a7e5443d76
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/trophy.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 10902
x-guploader-uploadid: ADPycdt29zDuf0UaOU3UAw_CXSbMfjY_b5VYYV9ikd46r5E2otxRhy60jBwIGDnz5-QKej2nEJSGWQHNYHxlwiyvYDGv5w
x-goog-generation: 1664729328149083
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10902
x-goog-hash: crc32c=lh8pTg==, md5=jkwbqfCHSmqVTPAEm5e5ng==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sun, 30 Oct 2022 11:40:10 GMT
cache-control: public, max-age=14400
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "8e4c1ba9f0874a6a954cf0049b97b99e"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJOr1bYhBUuqoeucnZquTdhhO%2FT2H8yLhmpBBvQS4UeZP1P5g4enLW7nT3A8qQwBuQl6ZMyVgI%2Fe7keiCr18Z%2BZljpPQHK%2FgsR%2Bn1HWTKfV5%2B7G%2F%2BLqLtXdBlB6LkOqFPwdTRIhfQ9Yl25EHVY%2FoZmWSBvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a371c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_cat2.jpg | 172.67.145.167 | 200 OK | 1.1 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_cat2.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash3f485bf10773a10e38ddafe8c5a8b7d9 e0d0f5a89ae566ef2b31ce067cb212551a1b2f2a 40babb909cb2cf358b9ee157f2e4c3a562cc30c76f95a1c5305270d020391ce2
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_cat2.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 1074
x-guploader-uploadid: ADPycdsYvSOmV42sPN9r6PjpZBl4FhBh6aaOwLJ21SrL8YUpC2P97zaRp5VIJ85hmwHs88yzjkxF6p6kz2ATZD8ZBaVRpw
x-goog-generation: 1664729328150101
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1074
x-goog-hash: crc32c=0YMQoQ==, md5=P0hb8QdzoQ443a/oxai32Q==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sun, 30 Oct 2022 11:40:10 GMT
cache-control: public, max-age=14400
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "3f485bf10773a10e38ddafe8c5a8b7d9"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub8vUr87NNUnlyRd%2BHlutImJxhl3rOkH6MHw6D6kvZ6pjjqOw435cgV%2F1uVJwP5usuJAVz3wNdSaysXPVRkbrRJgGTVsy%2BRw5eq8xVEWriRrFEvSId1W3l%2BUjEuqZEGBN7h8QOwWLtrwAHOReV6chCx1Ep8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a3b1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/script1.js | 172.67.145.167 | 200 OK | 4.3 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/script1.js IP172.67.145.167:0
Hashc8a5862f16ecab28c2caf35aaea02b28 4824262641437a629d8bc0fb66adbfc5f8873b11 06b8ddbda4d9ed67ed2c84664117583d5d817fbf8603460d9293c2e6fee1c0b1
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/script1.js HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: application/octet-stream
content-length: 4348
x-guploader-uploadid: ADPycdtkglcUsKEAHZEaSlAXPEDPLpNZpCUtbBvRyY-kZKz8kZDRtSVsdcCKyDwKGMSNcM88BOLKes7oA5VwqapcMtTB0g
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "c8a5862f16ecab28c2caf35aaea02b28"
x-goog-generation: 1664729328150738
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4348
x-goog-hash: crc32c=6BeIDw==, md5=yKWGLxbsqyjCyvNarqArKA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r02zGRdzrb%2F4OM6chgor2h8XbwzFHUJ8NIxrs9aQ2J5c22weBt%2FZ5xPxuA0CSfMsfxy%2FE1cNTrpd2%2FDmwtTjG0WQ1TJ9R6p4NhJk0sMnI%2BdlM2FBEZ7pUPA4AjZu0V4dPgDy5h1db9oGvSjJehApPp4v6Aw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a321c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9764c875002c224f81bd966db2995460 dd384811c207f54188bd097e286b2880bfcbc28b 13d0f25b1d045a816fe13b56d04af6ae00a5e2862412c781e53e069c2d33a3a1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4743
Cache-Control: max-age=168340
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 10:40:10 GMT
Etag: "635e3097-1d7"
Expires: Tue, 01 Nov 2022 09:25:50 GMT
Last-Modified: Sun, 30 Oct 2022 08:06:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_s.jpg | 172.67.145.167 | 200 OK | 751 B |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_s.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 48x48, components 3\012- data Hashe8c1454c15c6596bb21d99f4d907f632 60e15b6db64c05951cfdafafe7bf75309f8e8e3f 7125f531b9cdb3ef75f1b5b608b974f492794764638bfe482c4b4c5083acbcdb
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_initial_s.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 751
x-guploader-uploadid: ADPycds-22AeURVClbU3nmvZyJMrA8oN-sgHnGLhKQoURrMIIPoRcEIQiIqWUCarWGLMm9xTCwYdjDG8lT6jU6CjLGoaNQ
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "e8c1454c15c6596bb21d99f4d907f632"
x-goog-generation: 1664729328160024
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 751
x-goog-hash: crc32c=xTtf5Q==, md5=6MFFTBXGWWuyHZn02Qf2Mg==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlZFJlkJFC0o7UmHV4ZoHDFgKjl4%2Fd8MDCY5sArjV2yQigS1gnO8t3zue5KhJer1z7z6gnQN%2BOtXHNjxI0Yp3O5pUf%2Frio%2BoUHMfpWhoz22eUFTk8VYWvbZrwShXPp9rncsQLRMpZYVaU3w9KsrheIZE%2Bm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a401c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/audio1.js | 172.67.145.167 | 200 OK | 349 B |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/audio1.js IP172.67.145.167:0
Hashf18441557cc617ee1b3a0d8be7af32db 24db320f59da11c3c2e41ab24d02f4dad4083bae a066ba39b39fcbd933227e93b5db6c992250c40324eff333c311aaecefa6bb78
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/audio1.js HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: application/octet-stream
content-length: 349
x-guploader-uploadid: ADPycdt0YpCst8FR5CW3gdcaurCnS2Ny_1ltd71jrysQfSAnp5zTHTKLqAeWn7vaqfBCh76CV8uXRazvEK7uFzE8A4T-0A
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "f18441557cc617ee1b3a0d8be7af32db"
x-goog-generation: 1664729328147975
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 349
x-goog-hash: crc32c=EfWotQ==, md5=8YRBVXzGF+4bOg2L568y2w==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAlNQhkfM2F%2BDynTnBLvgJQAiU4zktM6mq1DoDSqbJAuZg%2F%2BY1YYo%2BZs123h%2Fqze27WSWYK6d2dgTplaFP4aFpPBOoe664s4mOttbPRe3mAkLjHl7zKfECooeDWGoDKPmROSX7vmRTKd6abGwD1LMKRBu4w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a331c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_okeyword/amazon%C2%A31000/iphone.jpg | 172.67.145.167 | 200 OK | 6.3 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_okeyword/amazon%C2%A31000/iphone.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 155x116, components 3\012- data Hashf8cdc9ec2eb60ec7f6453154570f138d 7fd26674097945f0ddd1e8697a7e0a0d05a96d8f 55bd9f098315ba3094a6a7617ffa8daaa9aff99cf69e0eac5d281e8bd7dd11fd
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_okeyword/amazon%C2%A31000/iphone.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 6292
x-guploader-uploadid: ADPycdvhnx3NiHUkW-Akb7oG7Mc_Em-wKSEHnH9ainfkaQqNv7hMURujkT2_ZgSkrb6ebPtsLXMKCppQr_kkfc7Wmtglaw
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "f8cdc9ec2eb60ec7f6453154570f138d"
x-goog-generation: 1664729328133965
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6292
x-goog-hash: crc32c=d5WWHQ==, md5=+M3J7C62Dsf2RTFUVw8TjQ==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e3jhpZurpm5FlyUPqd7NApaI3lFvrInz33T5T0UaArCzqlEF2gci8Ioin1ltQ6FM%2BhchfTslB62JxNgqkZZdhCDHAOtEefjrZv%2BRUq5wAlpyly%2BSqzMZgJ1HtQHAcdCXo8IM%2B1Zno1pMCcbCDa8Ft%2FOBJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a451c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_1.jpg | 172.67.145.167 | 200 OK | 1.2 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_1.jpg IP172.67.145.167:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data Hash309e0c6e696ab0d985dcac8a2043e5a3 e69adc2f0232d33accd670005f52e72431f5893b a501e4ab792d9c068357fef9f2cd69ebaedce0dbb67f4f861696736dc41fbd4f
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/winner_1.jpg HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/jpeg
content-length: 1182
x-guploader-uploadid: ADPycduJ20-4HTA_h3imyngzqouhcEM2Wiuvy54szhQXzVglu0E3cWC9dXen1WXEW8EbW9RBBc83KriJ439a0wzhEV9NXA
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "309e0c6e696ab0d985dcac8a2043e5a3"
x-goog-generation: 1664729328153605
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1182
x-goog-hash: crc32c=VL6e0A==, md5=MJ4MbmlqsNmF3KyKIEPlow==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js%2FWNjiDISity96bq8BoPRyAnsnsyDAkWmZLgUllF54yc1ZkZSW%2FRt5AwF4OERIDfnFYnNjhxujc2yAL5LuQdZfOMZ%2FZsO6KG3XOA6j8wZlsL9rFqBp%2FsiFwAabnAs%2FmB4PxegFpq3ZlO7zv%2BKpFtIMlWDo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a381c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/user.png | 172.67.145.167 | 200 OK | 2.2 kB |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/user.png IP172.67.145.167:0
File typePNG image data, 96 x 96, 8-bit colormap, non-interlaced\012- data Hash54f5f2e7c2c3e4eddc04cfdd5360e68d 4cbbe8136fcee8d5ae78a207eff3a5c08dce46a8 7c4575354c41980db26473d56e60e1e4e43da1cff091af0819bdc05acfea442d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/user.png HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: image/png
content-length: 2208
x-guploader-uploadid: ADPycduXXskmaAc83Aj4Ud5YSlwFdgzs0I5LxXYhxvio7fIy9ePhdZfX_qTnTR-pAYQQgWYXTNOCg-HwxMuVu90HMOLsjmeyu0jY
cache-control: public, max-age=14400
expires: Sun, 30 Oct 2022 11:40:10 GMT
last-modified: Sun, 02 Oct 2022 16:48:48 GMT
etag: "54f5f2e7c2c3e4eddc04cfdd5360e68d"
x-goog-generation: 1664729328159569
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2208
x-goog-hash: crc32c=ddKJCA==, md5=VPXy58LD5O3cBM/dU2DmjQ==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC6fP%2BDgBgq%2FSwyM9GDACpG%2FU9%2FhrQ2lX%2Brnzj7Jcuxk76ItiVcfI2%2FukVpHuzB0JEUQxf9ZqZSTjXjvTJiV4wV5bWEcZnpoU5ot51vnjTowpx%2F3aRdJiJacbiJtifkaUr5E%2BdxXq1CEfG0XrE6gU57CFfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a361c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.237.51.86 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.237.51.86:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2CLN68LqPB/ruliXUicrog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b14lCr/D/XrAjFirwWuM+zAaXeI=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash10bb93a98239b802cfec26cfddeccc4d c4f43ee05234b55bd797f96d1659b2411b44af75 be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11687
Expires: Sun, 30 Oct 2022 13:54:59 GMT
Date: Sun, 30 Oct 2022 10:40:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash10bb93a98239b802cfec26cfddeccc4d c4f43ee05234b55bd797f96d1659b2411b44af75 be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11687
Expires: Sun, 30 Oct 2022 13:54:59 GMT
Date: Sun, 30 Oct 2022 10:40:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash10bb93a98239b802cfec26cfddeccc4d c4f43ee05234b55bd797f96d1659b2411b44af75 be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11687
Expires: Sun, 30 Oct 2022 13:54:59 GMT
Date: Sun, 30 Oct 2022 10:40:12 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash10bb93a98239b802cfec26cfddeccc4d c4f43ee05234b55bd797f96d1659b2411b44af75 be5d3d66888797f522e871f4cfccccadcf2e6a215e73a8b58d1fffc9945a69d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE5D3D66888797F522E871F4CFCCCCADCF2E6A215E73A8B58D1FFFC9945A69D3"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11687
Expires: Sun, 30 Oct 2022 13:54:59 GMT
Date: Sun, 30 Oct 2022 10:40:12 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe3786-c660-4094-863e-c9a825039886.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe3786-c660-4094-863e-c9a825039886.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash0c6fc18e90fdc40f230b1a5d3c39012e e9ffd2135ccaa7f5a43cdb4cc6a4141c5e6cde68 a6e604757ce85505fe9752dae525e8ce225bd5939a1ee85141051cee56d50cc1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe3786-c660-4094-863e-c9a825039886.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7399
x-amzn-requestid: 7d50f817-e1b1-409f-bd6e-379bdf6e66f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayWR3EgCoAMFqTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9da5-37041eb3647be5772487941b;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jkr1mCfHMu-iFKDO_YstRDqUikbJuQS4OEWq6a0FJSXc40nqCDy_CA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:47:53 GMT
age: 46339
etag: "e9ffd2135ccaa7f5a43cdb4cc6a4141c5e6cde68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09483ec7-425b-46d9-83ba-7a1eec83ffa7.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09483ec7-425b-46d9-83ba-7a1eec83ffa7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd2c3d66f884108631944e3c3fb4c3656 7ee980a232f0cb09c52d8210e0fe2bdbfc61afec e5920d86c7d7cfae0b51ff7f7dcd3424ef1c387ad5d920ed122443df8a1b872a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09483ec7-425b-46d9-83ba-7a1eec83ffa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11612
x-amzn-requestid: 580b4255-ed27-470e-a332-1a1f87162938
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV2QHPMIAMF9Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cf4-29e90a7c5a3362547bcfffd5;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:36:52 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oftWi38n7q7SuEl3MtEwD2dQ5Vc6d0F3RseaUYQdTHnm80JFeYhhrg==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 22:15:52 GMT
age: 44660
etag: "7ee980a232f0cb09c52d8210e0fe2bdbfc61afec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfb1110221ffc54766308cbf62f94cd9f 926f36919d5875592200b78d286edcb4c3ba884c 8344d57bc8358da2a5911c62a344a3dcf819ce44dac0da0624c73ab40ac1ef44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9460
x-amzn-requestid: bba12ac1-b0d8-46f7-b218-9e2b85c0c650
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYZ7GU5oAMF_hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa10c-3e2bab543800bfa84c231cf1;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:02:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MG0t11rp-RYiUJRFIrNvDOxuZqjVWGy7Pu4t4ERfH9eKA0v7Z6zknA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 23:23:50 GMT
age: 40582
etag: "926f36919d5875592200b78d286edcb4c3ba884c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b59021c-e4a3-4226-8666-11a368e3991c.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b59021c-e4a3-4226-8666-11a368e3991c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash625f12776f86a1abe47242055a954df7 3a987bb297d6b02cae3de5f4da6fc044b701d35a 6f3f3f42c7e0838fca904788eb61bdd83e357f09641afd49464d730344b38e89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b59021c-e4a3-4226-8666-11a368e3991c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5168
x-amzn-requestid: 8a38fa3d-b5b5-4ed6-a477-fc37480c826d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV34GlhIAMF0mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cff-002a895c371f1db13f05071c;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eZK3CQnAaQDARHCyy1CHgpi-jyTJ1Lu2XexoVYlPQwvB9VC1_OMqig==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:37:16 GMT
age: 46976
etag: "3a987bb297d6b02cae3de5f4da6fc044b701d35a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6138c205ed582180977c00ae3231e5dd 76e15ea81dc440923032e72c3a8601124d895712 f5e7c84c06192e19ff0d5743031a770f79e89a7b41903ef37dab1bafb3978ac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10683
x-amzn-requestid: e8e77d09-5ea6-4ac8-8327-d18c78168383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV3aGtsoAMFa-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cfc-3af1e39158fbc9dd3b1f3cf9;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LQcGQaZ_pYAr1ZAcFoBGWBe6HznR6pzTcRLS56bxA4hcbRgEhme00A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:48:29 GMT
age: 46303
etag: "76e15ea81dc440923032e72c3a8601124d895712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62536f42-fe8b-43e8-b86c-7ba6e78c7317.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62536f42-fe8b-43e8-b86c-7ba6e78c7317.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14865d370280b14d629c0fb398917860 70445ea4b83456064d60323aad563e8c134d83cc 15533e8170f7fa7d9b26b20b3c1b728070617c9eb839d64545fa9b198dea6f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62536f42-fe8b-43e8-b86c-7ba6e78c7317.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11117
x-amzn-requestid: 85355003-aaf7-4698-a3d2-c311c200bca0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV2OFhEoAMFw5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cf4-6e467b7c2cb39637327ea20c;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:36:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TbUpGP9JArE3dOzS_TPYrmzFo2zGqlPicZhgXQpqq9N-m4PHRpbjpw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 22:05:49 GMT
age: 45263
etag: "70445ea4b83456064d60323aad563e8c134d83cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_okeyword/amazon%C2%A31000/_style.css | 172.67.145.167 | 403 Forbidden | 0 B |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_okeyword/amazon%C2%A31000/_style.css IP172.67.145.167:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_okeyword/amazon%C2%A31000/_style.css HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: application/xml; charset=UTF-8
x-guploader-uploadid: ADPycdtTi3iG4j147jDIChKMmLBCRLcru36qIT2Qc6NxT0805_FAzDXj2wA0nmZDGv7_9u95qy7iMVLtWTVFNdMEOa3pbBXiQb7J
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sun, 30 Oct 2022 10:40:10 GMT
cache-control: private, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7zWjT7rO5tH4HcBjb4%2FOo3HBNw70FbAFka3rJtYo%2B2bTDjjPygBM%2BddUhjF871gRfgKk8tZk7z5gFXJPlV9Zv4ZaXi5erLTjT9e1RXuJxho7SW56HMaRJ7KAIgsxJX4eFhQ9oZh4hdkPLq%2BLIfhu5sy%2FQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a4c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/_style.css | 172.67.145.167 | 403 Forbidden | 0 B |
URL HTTP/2cdn.protectfreefasteffective.rest/bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/_style.css IP172.67.145.167:0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /bundles/837dfd7b-6981-4f7a-9791-90f1fd7eb574/static/r_brand/google/_style.css HTTP/1.1
Host: cdn.protectfreefasteffective.rest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.protectfreefasteffective.rest/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 30 Oct 2022 10:40:10 GMT
content-type: application/xml; charset=UTF-8
x-guploader-uploadid: ADPycdvjWyO1mMUBltVXKBoQJWTX9P-URA0WLEOuBoP6-d3-_W4yWP9hzC1IORh4A-oPUQl8X7eYp0A042-nKR5uyZRjkJJwvjgs
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sun, 30 Oct 2022 10:40:10 GMT
cache-control: private, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq8XLPfAK9QxOPuWjTtLitWW1hN2NeX284MtRCOauRqseTSBmNQlyrSwcm2ms1H4dwDZiXJAZIV4j9M5KCAZfdnoJOGEmEv7ooqpEPZITyC7ZG7IAcDkUXf6%2FJ06l%2F5ti0DWa8N%2FBrVJv4%2BNHQmtRrpHpLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 762387ff3a4b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|