GET /15GPEG?source={zoneid}&campID={campaignid}&external_id=edfe0bzwfci16f8e HTTP/1.1
Host: gpc.cleaningtooladdon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
 20.113.187.208
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Server: nginx/1.23.0
Date: Wed, 30 Nov 2022 22:06:47 GMT
Content-Length: 906
Connection: keep-alive
X-Powered-By: Express
Set-Cookie: 15GPEGl=20221201011669846891774; domain=.gpc.cleaningtooladdon.com; path=/;expires=Sat, 10 Dec 2022 22:06:47 GMT; httpOnly=true;
_pc_lc_id=15GPEG; domain=.gpc.cleaningtooladdon.com; path=/;expires=Sat, 10 Dec 2022 22:06:47 GMT; httpOnly=true;
__oldc3o=eyIxIjoiMTVHUEVHIiwiMiI6MTMxOTc1OCwiMyI6IldpdGhvdXQgcmVmZXJlciIsIjQiOnsiaSI6WyJzb3VyY2UiLCJjYW1wSUQiLCJleHRlcm5hbF9pZCJdLCJ2IjpbeyJpIjoic291cmNlIiwidiI6Int6b25laWR9In0seyJpIjoiY2FtcElEIiwidiI6IntjYW1wYWlnbmlkfSJ9LHsiaSI6ImV4dGVybmFsX2lkIiwidiI6ImVkZmUwYnp3ZmNpMTZmOGUifV19LCI1IjoiMzI4MzA0IiwiNiI6MSwiOSI6MTY2OTg0NjAwNzYxNCwiMTAiOm51bGwsIjExIjoiMzI2MTQ3IiwiMTIiOjEwLCIxMyI6bnVsbCwiMTQiOjEsIjE1IjowfQ==; domain=.gpc.cleaningtooladdon.com; path=/;expires=Sat, 10 Dec 2022 22:06:47 GMT; httpOnly=true;
peerclickcid=2981d2c22cafd9ae578707aa378fd4f1-40706-1201; domain=.gpc.cleaningtooladdon.com; path=/;expires=Sat, 10 Dec 2022 22:06:47 GMT; httpOnly=true;
_norg=1; domain=.gpc.cleaningtooladdon.com; path=/;expires=Sat, 10 Dec 2022 22:06:47 GMT; httpOnly=true;
Location: https://tomcleaneraddon.com/plpb/prtk/free_memory/?s=2981d2c22cafd9ae578707aa378fd4f1-40706-1201&offer=https://gpc.cleaningtooladdon.com/offer&pr_key=ca2e77306263920ee9ac546753593fb6$YzI4YWVjYWI0YzBjYWUxOQ--egpfSpfJHlo5XtnKsbooMLuypeoOHxbvdt5pzSsdFdD2y.RvTjS6AV3ZDUG3j768ELWRp88WTMrrdoG0EAF0vQb2EkpFQmifNHSN.jvFB5cQFWy43pgRCe6gCaqml2seGtzyus8y533EMd6fqaKOiblOcDT5PmzGH1DTFgOZibwhvfIz7YqtM0WLsR0fcTn1A1g7CZDnqUJQf1cHug_Rlw--
Vary: Accept
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
 95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9009
Expires: Thu, 01 Dec 2022 00:36:56 GMT
Date: Wed, 30 Nov 2022 22:06:47 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4507
Cache-Control: max-age=135579
Date: Wed, 30 Nov 2022 22:06:47 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:46:26 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
 34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 21:19:44 GMT
cache-control: public,max-age=3600
age: 2823
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12036
Expires: Thu, 01 Dec 2022 01:27:23 GMT
Date: Wed, 30 Nov 2022 22:06:47 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: Z1TXZxYlGTttHa9Ae22jEzpIj5YUl67WY8b9Xm21OgN+saEDhoAEx3cU1/+GO9ExX/dicSD+gsRYFhlexR/GfQ==
x-amz-request-id: 6HHABGRM5V50FCAK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 21:45:23 GMT
age: 1284
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Wed, 30 Nov 2022 22:06:47 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 344
ETag: "865D1560830F42F8A2D8C313DC5D195340BE50797E90AE3F582FF2993E47231C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 04:06:47 GMT
Date: Wed, 30 Nov 2022 22:06:47 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 344
ETag: "865D1560830F42F8A2D8C313DC5D195340BE50797E90AE3F582FF2993E47231C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Thu, 01 Dec 2022 04:06:47 GMT
Date: Wed, 30 Nov 2022 22:06:48 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4450
Cache-Control: max-age=141257
Date: Wed, 30 Nov 2022 22:06:48 GMT
Etag: "6387475f-117"
Expires: Fri, 02 Dec 2022 13:21:05 GMT
Last-Modified: Wed, 30 Nov 2022 12:06:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
|
GET /releases/v5.8.1/webfonts/fa-solid-900.woff HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tomcleaneraddon.com
Connection: keep-alive
Referer: https://tomcleaneraddon.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
172.64.133.15
HTTP/2 200 OK
content-type: font/woff
date: Wed, 30 Nov 2022 22:06:48 GMT
content-length: 96256
x-amz-id-2: sRufhkUxixMN/brC38rkA7El6ehq8JmDhoVEAvcTms5dgq+qlsMiqsRGhdyyJInx9yWt+M/ShAw=
x-amz-request-id: NVA43QVCNXKE3KEB
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: "a7140145ebaaf5fb14e40430af5d25c4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 821975
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoPBJ%2BcEuvcQFYBsE%2FwkS1OvxzST8p40yqZeEG6QLQeNjiK%2BgULMzVwOX6RCCGQ%2FsyLYz8nsieAZCXMsq6kZaonv07F3tPhBOC31KEqDvGSWS1cUTvAXetbh9D2Jh2NgHJ25TbaT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726e46f0e7506c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4450
Cache-Control: max-age=141257
Date: Wed, 30 Nov 2022 22:06:48 GMT
Etag: "6387475f-117"
Expires: Fri, 02 Dec 2022 13:21:05 GMT
Last-Modified: Wed, 30 Nov 2022 12:06:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 344
ETag: "881CED14D179F53B998E75744684091146AABA29ED759DA76A88EFD1BA0FDBCA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7670
Expires: Thu, 01 Dec 2022 00:14:38 GMT
Date: Wed, 30 Nov 2022 22:06:48 GMT
Connection: keep-alive
|
GET /s/15051/Segoe%20UI.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tomcleaneraddon.com
Connection: keep-alive
Referer: https://tomcleaneraddon.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
104.26.14.62
HTTP/2 200 OK
content-type: font/woff
date: Wed, 30 Nov 2022 22:06:48 GMT
content-length: 19904
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "4dc0-5d73bbbd3e296"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 821975
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klrhev5Z3K5cRcWay8yxkzR6sybS9f%2FX0r5uN1HhFXRrkF7vs1lQbvtdWgDLv9zmCJE2Bzv80sYZWk0aYLNqnBOPpoLAU1jv0W%2BKlxghMr0QR3DXZOe3eSShHYtWOb8CUbEcYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7726e47029c1b50b-OSL
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 21:08:56 GMT
cache-control: public,max-age=3600
age: 3472
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "372F0E785EBC98B4A64196E7226C131D5366FEC080F2CB04EA571CD6ECE70EAA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Thu, 01 Dec 2022 04:06:09 GMT
Date: Wed, 30 Nov 2022 22:06:48 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4503
Cache-Control: max-age=130506
Date: Wed, 30 Nov 2022 22:06:48 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:21:54 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
|
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 345
ETag: "372F0E785EBC98B4A64196E7226C131D5366FEC080F2CB04EA571CD6ECE70EAA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Thu, 01 Dec 2022 04:06:09 GMT
Date: Wed, 30 Nov 2022 22:06:48 GMT
Connection: keep-alive
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FbgOhC5n4A6YxJ6Pz3kvTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
100.20.30.105
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sBtoLePC8N+KzTCAjC2+raA+rt8=
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9057
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 22:06:49 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9057
Expires: Thu, 01 Dec 2022 00:37:46 GMT
Date: Wed, 30 Nov 2022 22:06:49 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 86118
etag: "2f3a39a528d3b759060203931de33c12303592e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7LVxajVjJ1N2W-jxCmKpYHg1rS1MbrRnAVc15QmM0iH94CH1yJnR0w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:53:01 GMT
age: 62029
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:56:51 GMT
age: 599
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 1323
etag: "53650399f9a986ba54addd668b4557109d12003b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GydenCzPtpFdVLqN4ssiZ4dKN48WGneS3mwzEdDE81pobtLznfC4VQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:07:59 GMT
age: 86331
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TEi6NsBKAq6T5MXVBG4ypc1B_ektqFAp9Dc1yY0a2QjRTKybOy_Slw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:43:10 GMT
age: 1420
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /plpb/prtk/free_memory/?s=2981d2c22cafd9ae578707aa378fd4f1-40706-1201&offer=https://gpc.cleaningtooladdon.com/offer&pr_key=ca2e77306263920ee9ac546753593fb6$YzI4YWVjYWI0YzBjYWUxOQ--egpfSpfJHlo5XtnKsbooMLuypeoOHxbvdt5pzSsdFdD2y.RvTjS6AV3ZDUG3j768ELWRp88WTMrrdoG0EAF0vQb2EkpFQmifNHSN.jvFB5cQFWy43pgRCe6gCaqml2seGtzyus8y533EMd6fqaKOiblOcDT5PmzGH1DTFgOZibwhvfIz7YqtM0WLsR0fcTn1A1g7CZDnqUJQf1cHug_Rlw-- HTTP/1.1
Host: tomcleaneraddon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
|
172.67.165.105
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
date: Wed, 30 Nov 2022 22:06:47 GMT
x-powered-by: PHP/7.4.30
cache-control: max-age=600; s-maxage=0; private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vITTUmqtQLT63Gi5MjEdQk2NJ%2FQHfBBYemvNlVRzRErtQoCBaiLNS%2FVNxGcW1YkdPUiaa1TcaRKrRPr6wp5gCzELwGA%2FbCFXeNdKhMh8ZwMG1JonBEmvOb2kNM8%2BjnlRWX3CSif6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726e46d7810fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
Blocklists:
- quad9: Sinkholed
|
GET /plpb/_pb/commonfr.html?offer=https://gpc.cleaningtooladdon.com/offer&pr_key=ca2e77306263920ee9ac546753593fb6$YzI4YWVjYWI0YzBjYWUxOQ--egpfSpfJHlo5XtnKsbooMLuypeoOHxbvdt5pzSsdFdD2y.RvTjS6AV3ZDUG3j768ELWRp88WTMrrdoG0EAF0vQb2EkpFQmifNHSN.jvFB5cQFWy43pgRCe6gCaqml2seGtzyus8y533EMd6fqaKOiblOcDT5PmzGH1DTFgOZibwhvfIz7YqtM0WLsR0fcTn1A1g7CZDnqUJQf1cHug_Rlw--&s=2981d2c22cafd9ae578707aa378fd4f1-40706-1201 HTTP/1.1
Host: theonlins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
 104.21.68.164
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Wed, 30 Nov 2022 22:06:48 GMT
last-modified: Tue, 10 Aug 2021 12:41:19 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRPrxopXAHPVWdJMsEOByYkfU02gfP4i1V7fmqlllfO89XdWBPnbJDi2RgFc11laJ6VoRpFD0vo9xwouCFz2FRTWwg1nV0rzb1FnFY0Z1YM%2F7WOc7Sc9I%2F%2BZqWLC4rTj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7726e4711a4ab506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
GET /plpb/functions.js?v4 HTTP/1.1
Host: theonlins.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theonlins.com/plpb/_pb/commonfr.html?offer=https://gpc.cleaningtooladdon.com/offer&pr_key=ca2e77306263920ee9ac546753593fb6$YzI4YWVjYWI0YzBjYWUxOQ--egpfSpfJHlo5XtnKsbooMLuypeoOHxbvdt5pzSsdFdD2y.RvTjS6AV3ZDUG3j768ELWRp88WTMrrdoG0EAF0vQb2EkpFQmifNHSN.jvFB5cQFWy43pgRCe6gCaqml2seGtzyus8y533EMd6fqaKOiblOcDT5PmzGH1DTFgOZibwhvfIz7YqtM0WLsR0fcTn1A1g7CZDnqUJQf1cHug_Rlw--&s=2981d2c22cafd9ae578707aa378fd4f1-40706-1201
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
|
104.21.68.164
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 22:06:48 GMT
last-modified: Thu, 24 Nov 2022 19:56:44 GMT
etag: W/"637fcc7c-2de4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JT5fIQtROrlNFKCVwsRaMpvFU40zaiOoK5vYD6TdObtmqJM2F4M7zx11SdV8BTGuTY4Zf2OBgxEbnNE7US1vS2LX%2BvrEobhSA7ApqF%2F%2FQRLPk2DRcJs6TL4s2aXIRFvr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7726e471aaffb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
Magic:
Size: 0
Md5:
Sha1:
Sha256:
|
40.87.152.51
20.215.212.46
20.219.114.194
104.21.70.225
188.114.97.1