g0td0main.com/Purb99d0745f9c8757824933c881516f6b51678e7f13f?q=En%20Windows%208%20X86%20Dvd%20915417%20Prod&s3=En%20Windows%208%20X86%20Dvd%20915417%20Prod&s2=mmaa&s1=mfHsiY20iOiJNYWMiLCJzcyI6IjE2NTgyMTk0NzMiLCJycyI6IjI1OTAiLCJkcyI6IjY3NzQ0MiJ9fA
188.72.236.136200 OK 5.4 kB URL HTTP/1.1 g0td0main.com/Purb99d0745f9c8757824933c881516f6b51678e7f13f?q=En%20Windows%208%20X86%20Dvd%20915417%20Prod&s3=En%20Windows%208%20X86%20Dvd%20915417%20Prod&s2=mmaa&s1=mfHsiY20iOiJNYWMiLCJzcyI6IjE2NTgyMTk0NzMiLCJycyI6IjI1OTAiLCJkcyI6IjY3NzQ0MiJ9fA
IP 188.72.236.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5354), with no line terminators
Hash 0c6b2dd22cf2b8cc6c19e7bd7ed00589
a571c023b4bb2f2d3ba162f1b17c7086f53e240e
e554e9a6da348b15f7455323d4273b6332732ded6b987ff6eea4f004f1e73be8
Analyzer Verdict Alert quad9 Sinkholed
GET /Purb99d0745f9c8757824933c881516f6b51678e7f13f?q=En%20Windows%208%20X86%20Dvd%20915417%20Prod&s3=En%20Windows%208%20X86%20Dvd%20915417%20Prod&s2=mmaa&s1=mfHsiY20iOiJNYWMiLCJzcyI6IjE2NTgyMTk0NzMiLCJycyI6IjI1OTAiLCJkcyI6IjY3NzQ0MiJ9fA HTTP/1.1
Host: g0td0main.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 01:04:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bd_context=cNIeWZNPPbcTNUpDeMrvna/s5SYKsZMxRQBu+TL6aIoc+yeDh0DLPZNbdhFEfhvupklr4FV54GVAImIJv3e+zAf6V6Q/VXmkIm/zdXYz3INrjg1u+gWx0Ewg3J8j+H6ik8vaqH2/0b32VZMWsY8TUIUPjjUJgD7mqBiAK1mv1Qk9tZtHBNPBsmaWvlPKGotlLVQL+lVtMDa9GeOKjSa+8ZD/0e263Ln/okKdcLKocCUcPlpRcg38JhD+dC7xSS7y4g0OfhEH6C25jVCkuHeLGrJfRHiyDPCgkYw0eRStIOilaNe4X7w4Ki8fE0Df0KBZUFTnUfPRdq/ZdyPjn6BCBigu; Expires=Wed, 22 Nov 2023 01:04:05 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17364
Expires: Tue, 22 Nov 2022 05:53:29 GMT
Date: Tue, 22 Nov 2022 01:04:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3304
Cache-Control: max-age=123736
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:05 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 11:26:21 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 00:09:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3288
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13326
Expires: Tue, 22 Nov 2022 04:46:11 GMT
Date: Tue, 22 Nov 2022 01:04:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eWokECfmokdypjbeCOiQuWQPgAFlPLN3F6DO8lod5I8z/GSTyqMGy1sp4da0ESa74yCyudgFJ0s=
x-amz-request-id: 2B53YAZS5KJ9WGKN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 00:39:21 GMT
age: 1484
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 01:04:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
g0td0main.com/favicon.ico
188.72.236.136200 OK 43 B URL HTTP/1.1 g0td0main.com/favicon.ico
IP 188.72.236.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: g0td0main.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://g0td0main.com/
Connection: keep-alive
Cookie: bd_context=cNIeWZNPPbcTNUpDeMrvna/s5SYKsZMxRQBu+TL6aIoc+yeDh0DLPZNbdhFEfhvupklr4FV54GVAImIJv3e+zAf6V6Q/VXmkIm/zdXYz3INrjg1u+gWx0Ewg3J8j+H6ik8vaqH2/0b32VZMWsY8TUIUPjjUJgD7mqBiAK1mv1Qk9tZtHBNPBsmaWvlPKGotlLVQL+lVtMDa9GeOKjSa+8ZD/0e263Ln/okKdcLKocCUcPlpRcg38JhD+dC7xSS7y4g0OfhEH6C25jVCkuHeLGrJfRHiyDPCgkYw0eRStIOilaNe4X7w4Ki8fE0Df0KBZUFTnUfPRdq/ZdyPjn6BCBigu
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 01:04:05 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 6defd56699a6a7331729bde3e4a04319
aaa77fb2b25981c501d46c66772ebb443da411bb
d65deadb4ab50e33a582a7fa3e414c639cb58296f73323e71fab14feaf54eca1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4337
Cache-Control: max-age=86253
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:05 GMT
Etag: "637abd01-139"
Expires: Wed, 23 Nov 2022 01:01:38 GMT
Last-Modified: Sun, 20 Nov 2022 23:49:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 80fe37b1afea405eec40b83696f4a49d
cd035b2154b84b04f8021752564d4bdf733e939e
472ef6f8c1a0bdf0b56e912e16a46249b3cb533052262ed59a5f98054b96ccec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "472EF6F8C1A0BDF0B56E912E16A46249B3CB533052262ED59A5F98054B96CCEC"
Last-Modified: Mon, 21 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6587
Expires: Tue, 22 Nov 2022 02:53:53 GMT
Date: Tue, 22 Nov 2022 01:04:06 GMT
Connection: keep-alive
startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3580_35040&s3=637c20056aa21800019a8b27
188.72.236.34200 OK 5.4 kB URL HTTP/1.1 startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3580_35040&s3=637c20056aa21800019a8b27
IP 188.72.236.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5398), with no line terminators
Hash 42a69d4f4119fc1b0f84b6c5ac04c7a8
6a7de675b2c8a028b03e78f8d79cc369790393ce
332751ae22bf3cd22eecc00b170e2bd0d65ca4e564e41ff88cc6f6369f5bb45a
GET /GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3580_35040&s3=637c20056aa21800019a8b27 HTTP/1.1
Host: startd0wnload22x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 01:04:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bd_context=t/ho4blU5VpBSQTs3ADaZg6BqWFqJWkFlBeYBpG86XrTu6F5rJUNoCYNrKkbhM97MXd5w1yCIvvLi15obHj1Zj6q5h/qwhZnU5s30Cl5JTB6Ub6U4nE2skCVqy1bLaIdjnziDl9i+IgvPX7V7webJsPkt3FtX8dt4/S9+RebqmRtym+PDjO/pNBfRg/sCnXzbYHORkpXGmgWlYvEXve+YWYzZk1Xd0kmx/BARCkUXGXkI2/nwFkq8Kjyw8hRUV//bIKX7gZlh8DKfgjDS/dJnCmvpQJHRoResHve7APlNjBZOUnHRrzCPvi9d/rcx2OIGl08jnJdathHuA==; Expires=Wed, 22 Nov 2023 01:04:06 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 00:08:53 GMT
cache-control: public,max-age=3600
age: 3313
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a07e6bea9d7138bcc9e2b0bcfe078704
c61bb3525bd3964de8b954f1f784191200fb46dc
0bda0318ac74a8c590248715f4c1514278f06c9023ce0431c14946fe79f5110f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0BDA0318AC74A8C590248715F4C1514278F06C9023CE0431C14946FE79F5110F"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=103
Expires: Tue, 22 Nov 2022 01:05:49 GMT
Date: Tue, 22 Nov 2022 01:04:06 GMT
Connection: keep-alive
startd0wnload22x.com/favicon.ico
188.72.236.34200 OK 43 B URL HTTP/1.1 startd0wnload22x.com/favicon.ico
IP 188.72.236.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /favicon.ico HTTP/1.1
Host: startd0wnload22x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://startd0wnload22x.com/
Connection: keep-alive
Cookie: bd_context=t/ho4blU5VpBSQTs3ADaZg6BqWFqJWkFlBeYBpG86XrTu6F5rJUNoCYNrKkbhM97MXd5w1yCIvvLi15obHj1Zj6q5h/qwhZnU5s30Cl5JTB6Ub6U4nE2skCVqy1bLaIdjnziDl9i+IgvPX7V7webJsPkt3FtX8dt4/S9+RebqmRtym+PDjO/pNBfRg/sCnXzbYHORkpXGmgWlYvEXve+YWYzZk1Xd0kmx/BARCkUXGXkI2/nwFkq8Kjyw8hRUV//bIKX7gZlh8DKfgjDS/dJnCmvpQJHRoResHve7APlNjBZOUnHRrzCPvi9d/rcx2OIGl08jnJdathHuA==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 01:04:05 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=121347
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:06 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 10:46:33 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a07e6bea9d7138bcc9e2b0bcfe078704
c61bb3525bd3964de8b954f1f784191200fb46dc
0bda0318ac74a8c590248715f4c1514278f06c9023ce0431c14946fe79f5110f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0BDA0318AC74A8C590248715F4C1514278F06C9023CE0431C14946FE79F5110F"
Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2960
Expires: Tue, 22 Nov 2022 01:53:26 GMT
Date: Tue, 22 Nov 2022 01:04:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df4b4e8f12f68676bd08c18ba31bf888
b1e1e236bdd13575d6fa01e4097f96e3e86f6de6
bf4891a2d979e8eb791a4e10a8c5e809759a524a2cd075d3de7ad1aec44530d5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BF4891A2D979E8EB791A4E10A8C5E809759A524A2CD075D3DE7AD1AEC44530D5"
Last-Modified: Mon, 21 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4431
Expires: Tue, 22 Nov 2022 02:17:57 GMT
Date: Tue, 22 Nov 2022 01:04:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df4b4e8f12f68676bd08c18ba31bf888
b1e1e236bdd13575d6fa01e4097f96e3e86f6de6
bf4891a2d979e8eb791a4e10a8c5e809759a524a2cd075d3de7ad1aec44530d5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BF4891A2D979E8EB791A4E10A8C5E809759A524A2CD075D3DE7AD1AEC44530D5"
Last-Modified: Mon, 21 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4431
Expires: Tue, 22 Nov 2022 02:17:57 GMT
Date: Tue, 22 Nov 2022 01:04:06 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IZwR6GnAidPZAgyDMv1aUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vqjpVipyQqFY3CLnlFESg9l2RYo=
aditmedia.g2afse.com/click?pid=3580&offer_id=17211&sub2=35040&sub1=AAUgfGPgiAAApE8CAE5PFwAMAApQPHMA
34.141.179.97200 OK 19 kB URL HTTP/2 aditmedia.g2afse.com/click?pid=3580&offer_id=17211&sub2=35040&sub1=AAUgfGPgiAAApE8CAE5PFwAMAApQPHMA
IP 34.141.179.97:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 3d7d63debe4bd630553a29f318814101
9e088ed8403f17bb95b4facd50c6796199da01b2
0d2acd02783b7cd8947a69d6cb9e6b9054bea831f088828a6d6b42c950ea392c
GET /click?pid=3580&offer_id=17211&sub2=35040&sub1=AAUgfGPgiAAApE8CAE5PFwAMAApQPHMA HTTP/1.1
Host: aditmedia.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://g0td0main.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 01:04:05 GMT
content-type: text/html; charset=utf-8
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=637c20056aa21800019a8b27; expires=Wed, 22 Nov 2023 01:04:05 GMT; secure; SameSite=None
afoffers={"17211":1669079045}; expires=Wed, 22 Nov 2023 01:04:05 GMT; secure; SameSite=None
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2e4fc2212719e20e177883ce2286464b
3a33c00c7c5c7bad18b7f805c4b976158664f4fb
b08ab97197e32413ae72e6f75372876d806315867b37190bc9635ab106fa7c76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5548
Cache-Control: max-age=141802
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:06 GMT
Etag: "637b9144-117"
Expires: Wed, 23 Nov 2022 16:27:28 GMT
Last-Modified: Mon, 21 Nov 2022 14:55:00 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2e4fc2212719e20e177883ce2286464b
3a33c00c7c5c7bad18b7f805c4b976158664f4fb
b08ab97197e32413ae72e6f75372876d806315867b37190bc9635ab106fa7c76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5548
Cache-Control: max-age=141802
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:06 GMT
Etag: "637b9144-117"
Expires: Wed, 23 Nov 2022 16:27:28 GMT
Last-Modified: Mon, 21 Nov 2022 14:55:00 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js
104.17.25.14200 OK 1.1 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js
IP 104.17.25.14:0
Hash 4f44a0c228bda5c64ea8efbd21b7774e
8e0c9785d312d61059dcae563c8b1b7515148267
997de5837e81b616a6b928041c2a9a5c2d1934ccfbad5e0b5344f7008d36820a
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instl-soft.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 01:04:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 1119
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-c31"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 7790378
expires: Sun, 12 Nov 2023 01:04:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YcfdMdBIpQxH6ILJHnkyvG2TucmFcdHBtobtJyG1tTmHdDieh2DDyYPclBysOz50FLo%2BbyqhPfqBfP%2B41V4qqfsODCa0Ar1SHb0ezf67BZSkCykXjyW0fw3fQno5B3zGjA2ublA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ddbfc9ddb3b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.1.js
69.16.175.10200 OK 85 kB URL HTTP/2 code.jquery.com/jquery-3.6.1.js
IP 69.16.175.10:0
Hash b63967b6aab16e49428df804b8494312
3f2eada3db80465d5daa6685cd8d7334e7abcdfd
c78725cf3d2dbc6f77aaa809b17258bafb341d632c494404ce71c7ee08f4e777
GET /jquery-3.6.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instl-soft.com
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 01:04:06 GMT
content-encoding: gzip
content-length: 85058
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-46c14"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669079046.dop206.sk1.t,1669079046.cds259.sk1.hn,1669079046.cds251.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=TAG_ID
142.250.74.168200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=TAG_ID
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 611f432a51d23982bc6307f6df436df7
e39d3d16c84720c6dd8c5e4c4d8cf9f25402337f
1251c55177f59f9593d6f05a9c0f06ebca670a884b42c44fa8683bd042a95839
GET /gtag/js?id=TAG_ID HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Nov 2022 01:04:06 GMT
expires: Tue, 22 Nov 2022 01:04:06 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 662c6190c63609f87a23660fc808a650
a4178dd92d6f8a4f7c4da846a08d4104575f3636
93a8fd2af027f09640a8f5c3e2f10603d8b7aff4c74bc274cdbea7deeb396f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
104.17.25.14200 OK 150 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 150472, version 770.256\012- data
Size 150 kB (150472 bytes)
Hash 3e50e269ee627bb2279f91d18c085167
a7fca574d24e9ffa5ee0e0589ffe17277ae4ec27
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
GET /ajax/libs/font-awesome/6.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://instl-soft.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 01:04:07 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150472
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "630e6e62-24bc8"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3469499
expires: Sun, 12 Nov 2023 01:04:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJt9axrjHqE%2F1IzatrRf%2ByXUz7npH%2FCAjuLpaxPHEcFt8CKizFl%2Fm%2Bgxzb4kM3QxmAfI4AJa5qEldd2J%2BMEaV8ocXVZS3WDIjEYB%2BPb050jJcacExL3%2FP8zCJZLBopLTDFjzkS9h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76ddbfccbf07b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/sweetalert2@11
151.101.85.229200 OK 18 kB URL HTTP/2 cdn.jsdelivr.net/npm/sweetalert2@11
IP 151.101.85.229:0
File type ASCII text, with very long lines (43182)
Hash 8c7b583cd6d60c5145fb745415a4ea8a
0b2d611df190cc59a2bc821e3e316292dabe4b90
1f10f2aad5a5f5e3acfa2856ab0778fda0bcec0556d444c2b5a484c204b0c8cd
GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.6.10
x-jsd-version-type: version
etag: W/"fad8-gzDNzyvDxN+jMYuXjgQcaJor0O4"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 22 Nov 2022 01:04:07 GMT
age: 10001
x-served-by: cache-fra-eddf8230057-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17975
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash e858ed863106a1c40dc789cf3a289385
ba1584619e5f24f58141cfd369ca1e884e6580f4
e2283ee3d1a0e16b92e200f82c3f9ca79504fcf739de08bcfe7a512942686adc
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 01:04:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "104120B77DA608043F80C91E14D1410C2953DDF0"
Expires: Tue, 22 Nov 2022 12:00:00 GMT
Last-Modified: Tue, 22 Nov 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1441
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ddbfcd4fd0fac8-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cdcd936a1ca3729e5415928204c25f17
2a0d0e6f94f8145a32f98b725bba52a9a6616f2b
e92ab786e674810e9a0faf3a8c98a99eddb356fa27861f965fd688e54b5bf8c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cdcd936a1ca3729e5415928204c25f17
2a0d0e6f94f8145a32f98b725bba52a9a6616f2b
e92ab786e674810e9a0faf3a8c98a99eddb356fa27861f965fd688e54b5bf8c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46200 OK 30 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
File type ASCII text, with very long lines (560)
Hash 6590f731838cd23eacd07f9e99d61f80
6ff2420fae43cc09218f77608c74a9a56fc64208
b77363b89012032b22464bf70ce1891a4b1c10756efdfa00bca192dc5fe58876
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Nov 2022 01:04:07 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+647; expires=Thu, 21-Nov-2024 01:04:07 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
216.58.207.234200 OK 75 kB URL HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main
IP 216.58.207.234:0
File type ASCII text, with very long lines (1613)
Hash 110765e1accf41111543c29721c78b52
3eeceb853d592a297162325f20f0420e136c875a
b5fb084ee4491e64fca48643106c0eb338212638caafdad88ff91e0d4198b589
GET /_/translate_http/_/js/k=translate_http.tr.no.qvkLIg6MEVc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoxsXHCM1CnEJ_o5xsmnbdq_po64A/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 20:22:39 GMT
expires: Thu, 16 Nov 2023 20:22:39 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 12 Nov 2022 06:10:12 GMT
content-type: text/javascript; charset=UTF-8
age: 448888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.163200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 23:08:13 GMT
expires: Tue, 21 Nov 2023 23:08:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 6954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.163200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 23:32:11 GMT
expires: Tue, 21 Nov 2023 23:32:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 5516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.170200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.170:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 22 Nov 2022 01:04:07 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 22 Nov 2022 01:04:07 GMT
set-cookie: NID=511=cIjdOtlFkkLLUIwGSNGNKEEJ9wH_ANrXsqruZCOrGqhf5-Jvxcek3zYHhbb_TnZwtPYLq1Tlypo7abtGx5LvxYoia8KgNVhpmV6U-q8WShOokAjPPu3pe341QJGov49Gw68VpHnpykY1ZwWl2e7xPztrVWEX5m0yf6Ht12Vl-no; expires=Wed, 24-May-2023 01:04:07 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+249; expires=Thu, 21-Nov-2024 01:04:07 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2897
Expires: Tue, 22 Nov 2022 01:52:24 GMT
Date: Tue, 22 Nov 2022 01:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2897
Expires: Tue, 22 Nov 2022 01:52:24 GMT
Date: Tue, 22 Nov 2022 01:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2897
Expires: Tue, 22 Nov 2022 01:52:24 GMT
Date: Tue, 22 Nov 2022 01:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2897
Expires: Tue, 22 Nov 2022 01:52:24 GMT
Date: Tue, 22 Nov 2022 01:04:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2897
Expires: Tue, 22 Nov 2022 01:52:24 GMT
Date: Tue, 22 Nov 2022 01:04:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f7c6319-e9a0-4736-90e8-07c1f2948417.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f7c6319-e9a0-4736-90e8-07c1f2948417.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5bea2f745ca4672047f47dcc4c805c37
0dbf1014e9fed8175c4aa8ca17a52ae96a9b342f
46bbf30736f0b5df73bd8b4ecd668b4a9ddb978715e84351f7584eb3ea335dee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f7c6319-e9a0-4736-90e8-07c1f2948417.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11657
x-amzn-requestid: 381b1e9e-6857-4614-a66a-d746cd713edd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oG1xIAMFf5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-2b5204975c9ea4c60f81ee05;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vpLhU9FlKFStDh_NXAwnj82zdqpGLW7nxOWkYgSv8N-ZZf3TIrYwQQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:12:16 GMT
age: 10311
etag: "0dbf1014e9fed8175c4aa8ca17a52ae96a9b342f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b52c578c918c74f35f3c0a3f0c5dd2be
39d9b60a2b11b95c0ae37f35deb9a594d8e61d08
48a67feefffe59d04660c0e7de58234f184bded9cbb121da8157387ebd24f8f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb52ad6b-bc3e-4cc6-8c74-7f367173fbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: 9e70b9ad-7fb2-4f2d-bc87-d703abeb4888
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I62ERzIAMFcvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeab-6de953ea2d2aee071fea324b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:31 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9mu3P-liZS9j6mn71xiWE2JRWpZHSans7w-zGZVERGs24wxCkfR5Ww==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:57 GMT
etag: "39d9b60a2b11b95c0ae37f35deb9a594d8e61d08"
content-type: image/jpeg
age: 10870
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iGM_HV13dzz5eOswbOJfjj14jlFW4jy2YsW7eJumS_TM5TxxG8VMwQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 03:49:10 GMT
age: 76497
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 472ceca597feefba355fbd65998977b7
f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a
e201f706ba38f04ef07d74a67eec187ad8b882027b96b0e4e700162f96da422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55f882f4-a410-42f1-919d-e59d9058875d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7751
x-amzn-requestid: 577947ab-4fbe-4b07-944a-2b65cf5ed6d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4UE9GJ9IAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63799a1f-1a26961e20c88cd54a613ddb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _uTNBC7xn6_KPmHG3KVP_GwL0xL33XuFWqoAm6zf9LqbjU5qnqCr0Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 03:26:47 GMT
age: 77840
etag: "f3f2e5a8d14e009d0eaa3d7637730c4c525e3a9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed56d033b6595fa91a4c513c0ed7cdd4
ef87cc22637f94451f116905bfe096fff3e73d86
02f79fe867a07f3fdd1ad932da67a9a2df8c07ad4172b0aad2f61ee6b67a72fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4585277-93e1-4477-a3fd-7902d8def50a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9355
x-amzn-requestid: 648e28c6-95fe-4f9c-8af7-47ea898ba9de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-LXLGLYoAMFuAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bf294-7c76fe07440fb34273e26e98;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:50:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -ZrUYiE5vAneQQte9ZKG_pdch62RPh-zM_Ap55wnNkzd_0RVBYgwPw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:16:50 GMT
etag: "ef87cc22637f94451f116905bfe096fff3e73d86"
content-type: image/jpeg
age: 10037
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b591bcc9d645eed0ea6ebc5dae07d31
97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb
82dde9a4d139bdfae1d8859f4d7a77f92182c65ad630e25d0cc52f346dd1dfad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11793
x-amzn-requestid: 7edbd95e-83c8-4162-886f-b0bf88deee5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oFrQIAMFnYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-4f1317ec61500d713816830d;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hd2a0sbw7fzVnkVpCOEAnu_W-Z0EajArOracSTImr6jbhOFwKbDKpw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:44:56 GMT
age: 11951
etag: "97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d5f44030ae728558d0102445d170b873
a9c2e9ce4d20fe2e8a1656f4f457d9a7fe6ee20e
72f2e03c205a810e0ee66b1ee52f2c32ad4d5e5f8b14c5f26810f281761abc0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 01:04:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/images/cleardot.gif
142.250.74.164200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Tue, 22 Nov 2022 01:04:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-0W2W2GERN1>m=2oeb90&_p=546541862&cid=1220507389.1669079047&ul=en-us&sr=1280x1024&_s=1&sid=1669079047&sct=1&seg=0&dl=https%3A%2F%2Finstl-soft.com%2Fdownload.php%3Ffilename%3DLxRkOSE8cnAzJgUnKC05eQ0rI3UyAxZs%26flow_id%3DBBcIdg%253D%253D%26click_id%3DBgQXIhkGDjo1AxEiKBsXIg1jATALDBYm%26sourcename%3DBjkceAwVBnE%253D&dr=https%3A%2F%2Fstartd0wnload22x.com%2F&dt=Send%20Large%20Files%20-%20Free%20Secure%20File%20Transfer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0W2W2GERN1>m=2oeb90&_p=546541862&cid=1220507389.1669079047&ul=en-us&sr=1280x1024&_s=1&sid=1669079047&sct=1&seg=0&dl=https%3A%2F%2Finstl-soft.com%2Fdownload.php%3Ffilename%3DLxRkOSE8cnAzJgUnKC05eQ0rI3UyAxZs%26flow_id%3DBBcIdg%253D%253D%26click_id%3DBgQXIhkGDjo1AxEiKBsXIg1jATALDBYm%26sourcename%3DBjkceAwVBnE%253D&dr=https%3A%2F%2Fstartd0wnload22x.com%2F&dt=Send%20Large%20Files%20-%20Free%20Secure%20File%20Transfer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0W2W2GERN1>m=2oeb90&_p=546541862&cid=1220507389.1669079047&ul=en-us&sr=1280x1024&_s=1&sid=1669079047&sct=1&seg=0&dl=https%3A%2F%2Finstl-soft.com%2Fdownload.php%3Ffilename%3DLxRkOSE8cnAzJgUnKC05eQ0rI3UyAxZs%26flow_id%3DBBcIdg%253D%253D%26click_id%3DBgQXIhkGDjo1AxEiKBsXIg1jATALDBYm%26sourcename%3DBjkceAwVBnE%253D&dr=https%3A%2F%2Fstartd0wnload22x.com%2F&dt=Send%20Large%20Files%20-%20Free%20Secure%20File%20Transfer&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://instl-soft.com
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://instl-soft.com
date: Tue, 22 Nov 2022 01:04:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/flowbite@1.5.3/dist/flowbite.min.css
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/flowbite@1.5.3/dist/flowbite.min.css
IP 104.16.124.175:0
GET /flowbite@1.5.3/dist/flowbite.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://instl-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 01:04:06 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1e167-05seFaTX5Dxlizw780dH6alxLT4"
via: 1.1 fly.io
fly-request-id: 01GE87QQ68JRRAE22AJX4KV995-fra
cf-cache-status: HIT
age: 4502666
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76ddbfc9fb56b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2
back-easy.com/c4fel7k.php?key=n5b278vdjppji3iiw7z4&source=337836&keyword=&external_id=AAYgfGOsJwUA2FQCAE5PFwAMADdk1l8A
104.21.44.195302 Found 0 B URL HTTP/2 back-easy.com/c4fel7k.php?key=n5b278vdjppji3iiw7z4&source=337836&keyword=&external_id=AAYgfGOsJwUA2FQCAE5PFwAMADdk1l8A
IP 104.21.44.195:0
GET /c4fel7k.php?key=n5b278vdjppji3iiw7z4&source=337836&keyword=&external_id=AAYgfGOsJwUA2FQCAE5PFwAMADdk1l8A HTTP/1.1
Host: back-easy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://startd0wnload22x.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 22 Nov 2022 01:04:06 GMT
content-type: text/html; charset=UTF-8
location: https://instl-soft.com/index.php?filename=Unknown&click_id=0abea2ttlqqb7blde0&sourcename=337836&flow_id=96
set-cookie: uclick=2ttlqqb7bl; expires=Wed, 23-Nov-2022 01:04:06 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=2ttlqqb7bl-2ttlqqb7bl-16-0-16-my-9l-e1507e; expires=Wed, 23-Nov-2022 01:04:06 GMT; Max-Age=86400; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZOIw0jDl3hFEM%2B6Hprw9HezP%2F6bWK%2F%2BEp3ZxZ%2FeeMjxCWm01TeuBngOiYw%2BhpnuBwlqc%2FxuwCyZUB3xgfEMIWMYYTetw5utQtEhXQJJHIHOSYvWwvUCq%2Bz3RM9C1NDz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ddbfc73e55b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
instl-soft.com/index.php?filename=Unknown&click_id=0abea2ttlqqb7blde0&sourcename=337836&flow_id=96
104.21.71.226302 Found 0 B URL HTTP/2 instl-soft.com/index.php?filename=Unknown&click_id=0abea2ttlqqb7blde0&sourcename=337836&flow_id=96
IP 104.21.71.226:0
GET /index.php?filename=Unknown&click_id=0abea2ttlqqb7blde0&sourcename=337836&flow_id=96 HTTP/1.1
Host: instl-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://startd0wnload22x.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 22 Nov 2022 01:04:06 GMT
content-type: text/html; charset=UTF-8
location: /download.php?filename=LxRkOSE8cnAzJgUnKC05eQ0rI3UyAxZs&flow_id=BBcIdg%3D%3D&click_id=BgQXIhkGDjo1AxEiKBsXIg1jATALDBYm&sourcename=BjkceAwVBnE%3D
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwncFX1VvnjyxCNuqQQCpuLrUkFlhVdkYZi0Otij9BU25MDYv5So7R5kztzMdxQnBT0f4hVQtVaVTm%2BlMJRQvm3S0U8FnbkWenEDsZcNFl1uSazfr6mpANDtC5Q%2FS1MO5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ddbfc81af6b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2