za.gl/0iFJf
104.26.5.66 301 Moved Permanently 0 B IP 104.26.5.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0iFJf HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 18:00:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 03 Feb 2023 19:00:53 GMT
Location: https://za.gl/0iFJf
Server-Timing: cf-q-config;dur=5.9999983932357e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uBr5hznhpBGm896oMony8ND9K%2BBvz0eNr2SPcujPIrSvastevH72lT4%2BwveXmj5rFATNf1aq7QD3xmdUag70DhBgG3t0vsNa9q9gWGWtCEaM3LuAXRg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793d11941b801c12-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4157
Expires: Fri, 03 Feb 2023 19:10:10 GMT
Date: Fri, 03 Feb 2023 18:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17836
Expires: Fri, 03 Feb 2023 22:58:09 GMT
Date: Fri, 03 Feb 2023 18:00:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9250
Expires: Fri, 03 Feb 2023 20:35:03 GMT
Date: Fri, 03 Feb 2023 18:00:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 17:43:35 GMT
content-type: application/json
age: 1038
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nB7WoDn34wLM2/0eaLt1M1gux+FStgp932/FKuVQeEfIVOHn4He4YytMEWa+8dCgYHfsWdz4ECnoYrLVBEHeHw==
x-amz-request-id: 3M9E0PH5AB275ME3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 17:23:37 GMT
age: 2236
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 18:00:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
104.17.25.14 200 OK 4.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (548)
Hash 4dc1890d39b14772f9579894d823296e
ae5c8609bcf332695e4669f817c91a20a81e3208
e8280ea3c6c000fb1d319cc116e7ebe934818e2091fcf87dd6cc450b62d00b48
GET /ajax/libs/crypto-js/3.1.2/rollups/aes.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 4256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3430"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 14394
expires: Wed, 24 Jan 2024 18:00:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFf3xBtsGdLjjc11HvNFhVFe1ygaZP4HjujRbT7Z7v4bi2izYu5bVnIbvj72EOMYILjyJpmVmsrG4Gm117bhnFq3sI3Ikoq%2BhCuu2sz%2FvcNoKd0mEOa36PjjYUTC04pXVYxc%2F%2BLW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793d11997f031c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
za.gl/0iFJf
104.26.5.66 200 OK 30 kB IP 104.26.5.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6874), with CRLF, LF line terminators
Hash 1f76a71f254049d486bde8bbf0e82114
dfd2dc3d66abd7e0281694ec0677b6e68d71501a
d5d908fc1f97af74c0469235851d026f17a75c0b42086e06bee0770f8a02f585
GET /0iFJf HTTP/1.1
Host: za.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:53 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=tm16grpu81crfc68tndcllrhg6; path=/; HttpOnly
zagl_publisher=472804; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
scr=0.45; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
zagl_publisher=472804; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
scr=0.45; expires=Fri, 03-Feb-2023 18:01:53 GMT; Max-Age=60; path=/
csrfToken=78123b139e1c3852fa7aa89337f1a91db6a162233d3ce329b383eb5d74f05b85d2479e296d013fa86b3d086b025c489469cdb9ba004c7daee8174208947f8200; path=/
visitor=Q2FrZQ%3D%3D.OWZjZGM2ZTM3MTM2ZDYwMDdiYzA3Yzk0Y2EyN2M3NWEyZjI3N2MyNTg1YmE5NDg3Y2JlYzYxMmRlZjg0ZmY4Zgt5W61I7m3yimhszdL%2FV20lcuP6HiZRPzD%2Fg2XA2pES6xNZxIZEubM0fyppCDTevINzmNbVwiKX2U1FsXz6vobPPSIZfV99NqGQuTnLazcc; expires=Sat, 04-Feb-2023 18:00:53 GMT; Max-Age=86400; path=/; HttpOnly
hash=Q2FrZQ%3D%3D.ODE4YWE1ODQyOGQ3YTc5NWUxOGIyMDM4ODE0NDk4ZDZhZmQ1NmJhNTQxMWFhM2IwY2VhYjkyNzM3MmNkNmU2N2OHAQUvbWc3T5t3%2BYmOCzk8eQXVMYNl3JX4d8r6wQLhdJQyij1TJoHFfSULE50kAAG8nI6szPZwmkgsu51%2Fo4Y%3D; expires=Fri, 03-Mar-2023 18:00:53 GMT; Max-Age=2419200; path=/
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iUBQ0y%2FssrRlgtm6RYMrPB2GuIfELt%2FDTW4HQJ66oi1xW3aDiOSDJRzCetMCf%2FyCATS2HICWS871A9VLC3laNKENYTpdR4391CCVtHkRfklqqLuSyUu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793d1196187ab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16320
Expires: Fri, 03 Feb 2023 22:32:54 GMT
Date: Fri, 03 Feb 2023 18:00:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 553 B IP 93.184.220.29:0
Hash 4ad3dcab44fc2948a18d0fd0a7a291b3
e6b296348836342ab3a43654cd71f3a3b0624ce5
d2cca857abce29c42385098a8b8d74c26b0df914f14a89ab49a42099de614e4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4784
Cache-Control: max-age=136890
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Etag: "63dcace0-117"
Expires: Sun, 05 Feb 2023 08:02:24 GMT
Last-Modified: Fri, 03 Feb 2023 06:42:40 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 743 B IP 142.250.74.163:0
Hash 517d529f0f6f62b909277a535f4a8e1e
37a2f7038da710f17f4c31819351a7d955dabe37
7b9afe618899ed0f8473dd1475ae425c94d4f6de4895ddc600e5631de25ca21c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
216.58.207.234 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 19:02:59 GMT
expires: Tue, 30 Jan 2024 19:02:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 341875
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 17:49:06 GMT
age: 708
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.164 200 OK 1.5 kB URL HTTP/2 www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.164:0
Hash 0b4f5bbaf04a573d7965f6871ac85c47
1e5f792ec1c68880f1abf782dd4fe982100a3c73
3e4d0b1446dc227027bdd8267667b21967a7549cd937e5b065f4fe203258406c
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 03 Feb 2023 18:00:54 GMT
date: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-120643151-1
172.217.21.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-120643151-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash aa39b1a99aa163156e524a39202b0b8d
fdbd62d11c6adbd75144b5db1cb91c905d9caefc
1b088f38260b2a5a5fa76e4cb75e07a730703fb602e2452b9770a0720643cae6
GET /gtag/js?id=UA-120643151-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 18:00:54 GMT
expires: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3
172.217.21.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-6QVVMFTPT3
IP 172.217.21.168:0
File type ASCII text, with very long lines (19467)
Hash 617ec65820682a3ebabcd290078ff49f
879d36074ee4ceebf8b1973ecbb0cf94bae68cd6
d299adc47da7816274af56886b44088c1a3a364b01f579310618f705f0eddafe
GET /gtag/js?id=G-6QVVMFTPT3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 18:00:54 GMT
expires: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 2.8 kB IP 142.250.74.163:0
Hash c49291b72e7b02cd0ca9b8988a94a094
5ebe5bcbf1e7bacdf3b5c8e4761be1eae86c2be9
c138146b33f872e3499778948710e67b3dfb0f408075bd6acea1cc5ded14e149
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
polyfill.io/v3/polyfill.js?features=Intl%2Cfetch
151.101.65.26 200 OK 613 B URL HTTP/2 polyfill.io/v3/polyfill.js?features=Intl%2Cfetch
IP 151.101.65.26:0
Hash eb61cde893595318156a0e3af4289f9b
60c45f94824809d7f382d9e2042de95875aa5f80
e2ee61f7dfdec30a8c10539aff697f283a23e401b71f5ce18efdfdcdfeb9ea4e
GET /v3/polyfill.js?features=Intl%2Cfetch HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
last-modified: Fri, 03 Feb 2023 05:21:24 GMT
content-encoding: br
useragent_normaliser: firefox/105.0.0
age: 0
date: Fri, 03 Feb 2023 18:00:54 GMT
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=195
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226 200 OK 32 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash bc1c456b86cae32ec4dff9d5bf61e015
3ce0deac5302657c77bba7750e07ee01fe259fda
2f19b1b18957bd5147d47c4cddb2e7e20d3776e4ed08b2abed59d19217c7855c
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 18:00:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "347E140F06BA447E1BFA43ACF670D25E8E7B2BD5"
Expires: Sat, 04 Feb 2023 04:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2775
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793d119b6df7b51d-OSL
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 4.6 kB IP 142.250.74.163:0
Hash 18790f0c8256cc853392955ceae7b2bb
b85d39e2eea50d0039ea84868e6b1eeb1858743a
4023c07b5b26e847633efddb8e4e9d60b0287de46ea1f07ada0caa40c961be7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 472 B IP 142.250.74.163:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.156.115 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.156.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rKZJ9ayI/j66e/1P2y8TKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5ocDE/TImKE19jH0nYjmAjpq5d4=
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
216.58.207.227 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Hash ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:05:58 GMT
expires: Fri, 02 Feb 2024 10:05:58 GMT
cache-control: public, max-age=31536000
age: 114896
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
216.58.207.227 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Hash f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:47:25 GMT
expires: Wed, 31 Jan 2024 09:47:25 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
age: 288809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9989815a8a2bea61a8e83ec08d8757be
c326d76322db9fa8cde9c0b6f4866a408ea4bdda
e3f54bdb13f536d747a2d35bbd3dabc9d415a577cbc221226281c2f6e7ff1e53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3F54BDB13F536D747A2D35BBD3DABC9D415A577CBC221226281C2F6E7FF1E53"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Sat, 04 Feb 2023 00:00:40 GMT
Date: Fri, 03 Feb 2023 18:00:54 GMT
Connection: keep-alive
ocsp.r2m01.amazontrust.com/
54.230.80.227 200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8f900b4d23d4d09745209ce94f193db7
c6afecb168f239097c2aa94f4f1a812eb5ff7fad
2b0e2bbc284db36cd9ea85b67edb36ac4fd028833acc812e93a3f2d9443f2408
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 18:00:54 GMT
Last-Modified: Fri, 03 Feb 2023 17:25:20 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zmdr8CBvrnI92P50JtlgZ2KtHb_rlUPMJk64uSjyw469je7JY7-fOg==
Age: 2134
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 18:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
metredesculic.com/1clkn/14927
23.109.248.169 200 OK 26 B URL HTTP/1.1 metredesculic.com/1clkn/14927
IP 23.109.248.169:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/14927 HTTP/1.1
Host: metredesculic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 18:00:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 04-Feb-2023 18:00:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sat, 04-Feb-2023 18:00:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 17:44:08 GMT
expires: Fri, 03 Feb 2023 19:44:08 GMT
cache-control: public, max-age=7200
age: 1006
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 292063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c3ef31517a383dcca1bb77d881c8d5bf
8a76375661b9b424963c88a1dd2f62b9e10e8143
e0a56ceb58d55470d3bbcee3d780a8df6d27a64d806726a2224f92fb6e45211b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0A56CEB58D55470D3BBCEE3D780A8DF6D27A64D806726A2224F92FB6E45211B"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 00:00:55 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 82fd61bd95147238019d385fd2d4fdd0
e6313454e0687f23f42ed0d42d2dbaf286992d3c
26ca3105134b45fb3c8795cdedbabf995eb7d00d99b312b40cc66204535940ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CA3105134B45FB3C8795CDEDBABF995EB7D00D99B312B40CC66204535940ED"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 00:00:55 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=45je3210&_p=280750025&cid=356934552.1675447286&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675447286&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2F0iFJf&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6QVVMFTPT3&gtm=45je3210&_p=280750025&cid=356934552.1675447286&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675447286&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2F0iFJf&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6QVVMFTPT3&gtm=45je3210&_p=280750025&cid=356934552.1675447286&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675447286&sct=1&seg=0&dl=https%3A%2F%2Fza.gl%2F0iFJf&dt=za.gl&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://za.gl
date: Fri, 03 Feb 2023 18:00:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js
192.243.59.20 200 OK 13 kB URL HTTP/1.1 fishermanslush.com/3e/c0/90/3ec0905094195898e97f189a6f59b52b.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37172), with no line terminators
Hash 6579205ef008f54d8a5e9bf84a988a53
1912e7db249e984a50adb04690cdf53101a5a060
7aec9d3abda569834100635655e1fc102dc7f60aa8ebca5a6c991ff91b02bc4e
GET /3e/c0/90/3ec0905094195898e97f189a6f59b52b.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 18:00:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25ded1cc2ada7927103bd5bf6673bd18
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e70e9e5d74eea4fe2727fac986865133
0b1a570e9520def8578d434b6ea0cbf204a58098
ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16611
Expires: Fri, 03 Feb 2023 22:37:46 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js
192.243.59.20 200 OK 23 kB URL HTTP/1.1 fishermanslush.com/ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash 781c8227e442c833c61995cb9519a0d9
30f13dcf609fbece04252b137a82b4465c1b81c3
0c68a5f21f17035112989a77555fa3f39ccd1b3ee5305d2040473cf7ecb2087c
GET /ae/5b/60/ae5b60e24661bf9ec039fadca57ec6c7.js HTTP/1.1
Host: fishermanslush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 03 Feb 2023 18:00:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6c5cf2aafad499cd098486626c99eb2c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 474 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 00dacb8dcfe14ecd6de5965dbc8622d9
9ba4207a00db50dceeaa998c35311567308f7b83
0c64f9090c8c5439c26d0e40a0be7e8795f8417ad6d3afea1afc999fdfed4e54
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 18:00:55 GMT
Last-Modified: Fri, 03 Feb 2023 16:56:17 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: md3tybVf5D_PwD5629o6jWnPVEP79ulNKQoe9ITsZeGmsWMMRsK6TA==
Age: 3878
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash fa3624bc84580086bddb67ca5bbe6262
d4b513ab6ddd508cc7dea13ca61da698bfd0e0bc
d00f09cc774b94c2292539a25f112348d04d6febd5b779b7c8e6da9725e125d2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; expires=Mon, 31 Jan 2033 18:00:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 66da7221c719d977bfd9dd068eeb11e7
71116c9bbf15166dc6b1b5cfb7b66c6229071403
0917c25f1dd8137cedd50a2bf9419b08405a2bba9ef4eecf2e9105b04a30813c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:55 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://za.gl
access-control-allow-credentials: true
set-cookie: uid_id2=4df99663-9288-4d6a-8d15-fe075eb12534:3:1; expires=Mon, 31 Jan 2033 18:00:55 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.203.23 200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.203.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash f02d180e0deac3d69312e6f91743f239
4df63c4403df593849b9eb78cea56abaad14aa37
18e0853c92f1da16372ee313bb402dbfddb0df9e5ab1d7a3c859d1cad9406cc2
Analyzer Verdict Alert: fortinet, Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:55 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2f260f2781033cd08ca408155c58abfa
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 Feb 2023 18:00:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjAZRzeiBMTtKVw8AhPSEjAYvmHH8xvNVrbesaUhgnrq5CPX208yIc8Lw%2FvQSZIz7AtOGHHTGtmG%2FniOMX%2F6nZq3fU6uHo69PrATLW13pOmYKn9bR1VPU5qxo%2BwJmibwLZK5M40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11a368354084-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cf963d54bd13560b2590d8397b99e265
c1afab79363f559cd3b44d7e88a473638628cae6
f2ecaee084b969c4893660a0da3130da592303384d33c98a70e2ab617335c567
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2ECAEE084B969C4893660A0DA3130DA592303384D33C98A70E2AB617335C567"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13349
Expires: Fri, 03 Feb 2023 21:43:24 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13958
Expires: Fri, 03 Feb 2023 21:53:33 GMT
Date: Fri, 03 Feb 2023 18:00:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24261df857fd20898ed41615ff44efd2
5ebaae7786e95f6daf7e837ce741f96611a64335
b947696fced12e35736691fb27c5cc4ddb28e4b4781cfbb69b8b4011b84aca5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F999ec9b9-96eb-4927-a0d5-3e4a89cca4ad.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10971
x-amzn-requestid: 87d6a618-4ddf-4e40-aaeb-f6e38c274c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: feH0jHisoAMFgpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d58683-2de413f446505ec44ab2a390;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:33:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSK5RmNEDZxTn_J6zk6eGwhUexiPYxHRnvs7h0DtRM-fXMJ1QsmtHw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 09:43:13 GMT
age: 29862
etag: "5ebaae7786e95f6daf7e837ce741f96611a64335"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 70382
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 70326
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 72840
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 47255
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 63352
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=2653&rd=2653&fd=1348&bv=22.10.v.9&tmpl=70
192.243.61.225 200 OK 0 B URL HTTP/1.1 naveljutmistress.com/pixel/purst?dl=0&th=0&sc=0&rs=2653&rd=2653&fd=1348&bv=22.10.v.9&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2653&rd=2653&fd=1348&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: naveljutmistress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fee867d660e7db4f404f9d19666d1a06
db98da7eacd4966c62c7f688e10921fc71579bce
6d54bae814fa49d7b9f10b42371f23af095338193032f711af9eef02dd814534
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D54BAE814FA49D7B9F10B42371F23AF095338193032F711AF9EEF02DD814534"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5046
Expires: Fri, 03 Feb 2023 19:25:02 GMT
Date: Fri, 03 Feb 2023 18:00:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 47d3156a01937914d3788651a5a1df4e
9f757e95fa9ba9ea3949d29f2617040b3088464a
95796fa7ec26c1f9f6f4d1503b0034405e323786758ae835de2ae53f6e378ec5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95796FA7EC26C1F9F6F4D1503B0034405E323786758AE835DE2AE53F6E378EC5"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14676
Expires: Fri, 03 Feb 2023 22:05:32 GMT
Date: Fri, 03 Feb 2023 18:00:56 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=ae5b60e24661bf9ec039fadca57ec6c7&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93b3f4c6225bca4ab94f4c975b952ae2
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=4df99663-9288-4d6a-8d15-fe075eb12534&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=3ec0905094195898e97f189a6f59b52b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c623469559151d157d9b47e73ab3da8
Strict-Transport-Security: max-age=0; includeSubdomains
inflectedminimalbits.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=4c2344e2-af03-4684-a6b4-1596f4983cb7%3A1%3A1
173.233.137.60 200 OK 4.4 kB URL HTTP/1.1 inflectedminimalbits.com/sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=4c2344e2-af03-4684-a6b4-1596f4983cb7%3A1%3A1
IP 173.233.137.60:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6037), with no line terminators
Hash f490c33b679868ff0d16a1cfc81be2de
d5b7e7503ca980a1ae2ec26a9a2018dfcfd9fdae
b2aea4b3ea933f0226f2b5ba4db926cd825141d57cb98f2be608e1cbc02aaaad
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=3ec0905094195898e97f189a6f59b52b&uuid=4c2344e2-af03-4684-a6b4-1596f4983cb7%3A1%3A1 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://za.gl
Access-Control-Allow-Origin: https://za.gl
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16908321; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; expires=Fri, 10 Feb 2023 18:00:56 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
uncs=1; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 04 Feb 2023 18:00:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d31abc1616e89a0e75d6b6b0d9592a17
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
inflectedminimalbits.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTfO7%2FJBQQVw4IAziUCTi7Nq7trcVqgglKGpJo7YoFy4zs7POkPHOambX6%2FgUUQnlgKi5cdx8ThoBFaJ%2FABLacEG5UHOAHJp%2FAsEZ2bFkeNLue2%2B%2Bd%2Fje973PD%2FML4iKn51sf6aFUiq4Gdbd2bVsmkS5sbfNBzXPr7o3atkxa%2Fo3aYPoz%2FeueG9Tdt2sfCr6rVxuu57qe69XWpRGxHqzOUMj0SejVQ7fuN%2Bpe4GNg%2Ftvb3IGlDqL%2BBXkZMpr8b%2BeXp5C8QtL74Zawu5lO3%2FmglyuaaYN%2BdPJxspvoIkFvUcbGQZyczKeh7YSQr5egk5P5BtD9o%2BkGYHJCnN89sORkThOsf3zJlCmIBCx6AUW%2FglAVJK3A9UPI6BkBeITNu0h6jze1KejeJUqn6IQs%2F%2F0nZDEhy89fQdL7fk3JQe2%2BVnkmdWIxiEvIQQXZrZDmp8iGDmRxCp59BhkRJL0SMjp%2Fy%2BeNpu%2BLxgqN3eaK3%2Br4K7TF%2FBUvCFuxH3aanLVn0khZQcYVlBiBWgf59JMO8thBnjroRec1GoSx67ZjFjebHZ9z3mxyHnRaURA1%2FU7sIudT7iNk6QhcjcDNPlKzj105gsl%2Fgt0pYSMHNiPoRyUKQVBYgoISFJKgyAiKfnkcKduw5eNI2Zx589yY52Y51ln3kB7rrCsScphekJemgjlL5A3sivNaU3A3dAM39L0w6IQdEbZjrxPSVhyELGgwWFlC2qXZmsOpe786SKe5uApGT2HVKbi8Cpq%2FBlqM2w0XdGfsd1wMk%2BMhrXcVIl0izZaR7TmH6oK8OnPs%2BrsvQvCzm5NHn1z7q3oEbkqkpsSn8meCrjoY39MFObqnC0ue3k0z2ZNDOnXzfkYzceXb22Kv0CbauGVH37zHp8C0fPJA2OwOTSKZdC35bk1GkTDr2nBBftyw24Jt5XZnLTdJnt7Zen99o5caYa3USQUqn9kvwOWE%2FP%2Fgy9mdvv5mCmkqmLxELz8j84DUFXi6D5su2FtNYNRihqUOirwcmwZbPCpJoMSip6yE%2FVfPFvWhPUDXOKDZw9l19k2JvipB1Qg2vzLOUnN287fmLMCUM2bKOEdMGfXVpbRWntdEELuxcBuCxSGL29SNwtgPGQ090WYB9ZDZCX9%2B%2B49%2FAAAA%2F%2F8BAAD%2F%2F1R8u0J%2FBAAA
173.233.137.60200 OK 7 B URL HTTP/1.1 inflectedminimalbits.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTfO7%2FJBQQVw4IAziUCTi7Nq7trcVqgglKGpJo7YoFy4zs7POkPHOambX6%2FgUUQnlgKi5cdx8ThoBFaJ%2FABLacEG5UHOAHJp%2FAsEZ2bFkeNLue2%2B%2Bd%2Fje973PD%2FML4iKn51sf6aFUiq4Gdbd2bVsmkS5sbfNBzXPr7o3atkxa%2Fo3aYPoz%2FeueG9Tdt2sfCr6rVxuu57qe69XWpRGxHqzOUMj0SejVQ7fuN%2Bpe4GNg%2Ftvb3IGlDqL%2BBXkZMpr8b%2BeXp5C8QtL74Zawu5lO3%2FmglyuaaYN%2BdPJxspvoIkFvUcbGQZyczKeh7YSQr5egk5P5BtD9o%2BkGYHJCnN89sORkThOsf3zJlCmIBCx6AUW%2FglAVJK3A9UPI6BkBeITNu0h6jze1KejeJUqn6IQs%2F%2F0nZDEhy89fQdL7fk3JQe2%2BVnkmdWIxiEvIQQXZrZDmp8iGDmRxCp59BhkRJL0SMjp%2Fy%2BeNpu%2BLxgqN3eaK3%2Br4K7TF%2FBUvCFuxH3aanLVn0khZQcYVlBiBWgf59JMO8thBnjroRec1GoSx67ZjFjebHZ9z3mxyHnRaURA1%2FU7sIudT7iNk6QhcjcDNPlKzj105gsl%2Fgt0pYSMHNiPoRyUKQVBYgoISFJKgyAiKfnkcKduw5eNI2Zx589yY52Y51ln3kB7rrCsScphekJemgjlL5A3sivNaU3A3dAM39L0w6IQdEbZjrxPSVhyELGgwWFlC2qXZmsOpe786SKe5uApGT2HVKbi8Cpq%2FBlqM2w0XdGfsd1wMk%2BMhrXcVIl0izZaR7TmH6oK8OnPs%2BrsvQvCzm5NHn1z7q3oEbkqkpsSn8meCrjoY39MFObqnC0ue3k0z2ZNDOnXzfkYzceXb22Kv0CbauGVH37zHp8C0fPJA2OwOTSKZdC35bk1GkTDr2nBBftyw24Jt5XZnLTdJnt7Zen99o5caYa3USQUqn9kvwOWE%2FP%2Fgy9mdvv5mCmkqmLxELz8j84DUFXi6D5su2FtNYNRihqUOirwcmwZbPCpJoMSip6yE%2FVfPFvWhPUDXOKDZw9l19k2JvipB1Qg2vzLOUnN287fmLMCUM2bKOEdMGfXVpbRWntdEELuxcBuCxSGL29SNwtgPGQ090WYB9ZDZCX9%2B%2B49%2FAAAA%2F%2F8BAAD%2F%2F1R8u0J%2FBAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTfO7%2FJBQQVw4IAziUCTi7Nq7trcVqgglKGpJo7YoFy4zs7POkPHOambX6%2FgUUQnlgKi5cdx8ThoBFaJ%2FABLacEG5UHOAHJp%2FAsEZ2bFkeNLue2%2B%2Bd%2Fje973PD%2FML4iKn51sf6aFUiq4Gdbd2bVsmkS5sbfNBzXPr7o3atkxa%2Fo3aYPoz%2FeueG9Tdt2sfCr6rVxuu57qe69XWpRGxHqzOUMj0SejVQ7fuN%2Bpe4GNg%2Ftvb3IGlDqL%2BBXkZMpr8b%2BeXp5C8QtL74Zawu5lO3%2FmglyuaaYN%2BdPJxspvoIkFvUcbGQZyczKeh7YSQr5egk5P5BtD9o%2BkGYHJCnN89sORkThOsf3zJlCmIBCx6AUW%2FglAVJK3A9UPI6BkBeITNu0h6jze1KejeJUqn6IQs%2F%2F0nZDEhy89fQdL7fk3JQe2%2BVnkmdWIxiEvIQQXZrZDmp8iGDmRxCp59BhkRJL0SMjp%2Fy%2BeNpu%2BLxgqN3eaK3%2Br4K7TF%2FBUvCFuxH3aanLVn0khZQcYVlBiBWgf59JMO8thBnjroRec1GoSx67ZjFjebHZ9z3mxyHnRaURA1%2FU7sIudT7iNk6QhcjcDNPlKzj105gsl%2Fgt0pYSMHNiPoRyUKQVBYgoISFJKgyAiKfnkcKduw5eNI2Zx589yY52Y51ln3kB7rrCsScphekJemgjlL5A3sivNaU3A3dAM39L0w6IQdEbZjrxPSVhyELGgwWFlC2qXZmsOpe786SKe5uApGT2HVKbi8Cpq%2FBlqM2w0XdGfsd1wMk%2BMhrXcVIl0izZaR7TmH6oK8OnPs%2BrsvQvCzm5NHn1z7q3oEbkqkpsSn8meCrjoY39MFObqnC0ue3k0z2ZNDOnXzfkYzceXb22Kv0CbauGVH37zHp8C0fPJA2OwOTSKZdC35bk1GkTDr2nBBftyw24Jt5XZnLTdJnt7Zen99o5caYa3USQUqn9kvwOWE%2FP%2Fgy9mdvv5mCmkqmLxELz8j84DUFXi6D5su2FtNYNRihqUOirwcmwZbPCpJoMSip6yE%2FVfPFvWhPUDXOKDZw9l19k2JvipB1Qg2vzLOUnN287fmLMCUM2bKOEdMGfXVpbRWntdEELuxcBuCxSGL29SNwtgPGQ090WYB9ZDZCX9%2B%2B49%2FAAAA%2F%2F8BAAD%2F%2F1R8u0J%2FBAAA HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b6adcce8124ddcc444e62e7b8442dc4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 358c0cc441f7401b74509340db8b0014
19c0c7970d9a01d09daa48fd89a756d3da76a4d8
f4b0f1711cc67ff151c6ce05827d1663b2569b55a669e8bb4a1dd21b3972dfea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B0F1711CC67FF151C6CE05827D1663B2569B55A669E8BB4A1DD21B3972DFEA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4673
Expires: Fri, 03 Feb 2023 19:18:50 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e1326b1d0b68cc5f9b8efc40c36f9231
d3578c1a32fbc184b8169373299d315ca68b2f12
25c07b57c23f9ecc3499e3f95c6f44c74a532a1ac521562c689d665a29fc9614
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "25C07B57C23F9ECC3499E3F95C6F44C74A532A1AC521562C689D665A29FC9614"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Fri, 03 Feb 2023 20:53:24 GMT
Date: Fri, 03 Feb 2023 18:00:57 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.166.9 200 OK 1.1 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.166.9:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash edb1d59c5b13639d5887c988790fc2bf
db08b7c62a65d991388dd066e3310e8bb7eccb29
9c35585d5916b83a40ca44cae8b94151456302cccbdc19116673a4ac2532b581
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 700916
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bp963XT%2BsdhCZZidhJUsnOa0ve9Dq2ZllnZF79aQMd%2BUGGRzN5xrN4bZ%2BXeAUs68%2BdfwLeeIw4kwhbVsJ13CqReWZ9tvHfBwqungpfwbMNiNst5pLI2DTKW8GoCGh2xKJ0QcM5HBIfq8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11aedbe9718c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/88/20/d7/8820d768c143122c4a8f72673febf558/1669388682.png
45.133.44.9 200 OK 77 kB URL HTTP/2 cdn.cloudimagesb.com/si/88/20/d7/8820d768c143122c4a8f72673febf558/1669388682.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 26cea52015acfd8c5d5a865936fc6a31
54d4ceb358870ea19f8feff669b5d55eb2f1498c
0ad3d172d193c3d75d6df7486d1b2ffa211c553184ad29e3eaba421f01776043
GET /si/88/20/d7/8820d768c143122c4a8f72673febf558/1669388682.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: image/png
content-length: 76891
server: nginx/1.17.6
last-modified: Fri, 25 Nov 2022 15:04:51 GMT
etag: "6380d993-12c5b"
expires: Sun, 05 Feb 2023 18:00:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 276711
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://za.gl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 417537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
inflectedminimalbits.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwY%2FbxBcet%2F1dfkioIC4cEAFxKBKb2rGd2K1QRSlFVUtbtUV74TKeGWeHnXisGTvO5rSiEtoDouHG0ftltyugQvQPQEJeLmgvNBxgD91%2FAsEZJRsp8CT7vTffO3zv%2B97nu%2BUJcVHS47sf6bFUil4M227rwrrMuK5s6%2FaDlue23cutdZl1g8ut0fxnhpc8N2y7b7c%2BFGxTX%2By4nut6rte6Lo1I9ejiAoXMn8ReO3bbQafthQFG5r%2B9LR1Y6oAPT8jLkHz2v41fnkKyBtngh2vCbhY6f%2BeDQalooQ2G%2FODjbDPTVYbBqkyNgzQ7WE5D2xkhX5%2BBzg6WG0AP9%2BYbIJEz4vzuIckOljSRDPdPmSYKIkPCX0A1bCBUA0kbMP0Qkj8jAOO4fQfZ4PFtbSq6dYrSOToj5%2F7%2BE7KakXPPX0E2%2BP6qkqPWfa3KQurMYpTWkKMGst8gLw9RjB3I6hCs%2BAySE2SDGpIfvxWwjh8EorNGU9dfC7pRsEa7SbDmhXE3DeLIZ0lvIY2UDWTaQIkJqHVQzj%2FpoEwdlLmDAT9u0TBOXbeXJqnvRwFjzPcZC6MuD7kfRKmLks25T1DkEzA1ATPbyM02NuUEpvwJdqOG5Q5sQTDkNSpBUFmCihJUkqAqCKphvc%2BV7dj6MVe2TLxl7iyzX0910d%2Bl%2B7roi4zs5ifkpblgzhnyBjbFccsXzI3d0I0DLw6jOBJxL%2FWimHbTME7CTgIra0h7ZrHmeO7erw7yea7OI6GHsOoQTJ4HLV8Draa9jgu6MQ0iF%2BNsf0zbfQWua%2BTFORRbzq46Ia8uHLv07osQ7OjK7NEnF%2F5qHoGZGrmp8an8maCvdqb3dEX27unKkqd38kIO5JjO3bxf0EKc%2Ffam2Kq04Teu2ck377E5MC%2BfPBC2uEUzLrO%2BJd9dlZwLc10bJsiPN%2By6SO6WduNqabIyv3X3%2Fes3BrkR1kqdNaDymf0CTM7I%2F3e%2BXNzp62%2FmkKaBKWsMyiOyDEjdgOXbsPmKvdUERq1mktxBVdZT00lWj0oSKLHqaVLD%2FqtPVvWu3UHfOKDFw8V1Dk2NoapB1QS2PDstcnN05Td%2FEUiUM02UcfYSZdRXp9JaedwKvUBESdRjnCeCca%2FX8SPfdTucB71YeDEKO2PPb%2F7xDwAAAP%2F%2FAQAA%2F%2F9AdDWkfwQAAA%3D%3D
173.233.137.60 200 OK 7 B URL HTTP/1.1 inflectedminimalbits.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwY%2FbxBcet%2F1dfkioIC4cEAFxKBKb2rGd2K1QRSlFVUtbtUV74TKeGWeHnXisGTvO5rSiEtoDouHG0ftltyugQvQPQEJeLmgvNBxgD91%2FAsEZJRsp8CT7vTffO3zv%2B97nu%2BUJcVHS47sf6bFUil4M227rwrrMuK5s6%2FaDlue23cutdZl1g8ut0fxnhpc8N2y7b7c%2BFGxTX%2By4nut6rte6Lo1I9ejiAoXMn8ReO3bbQafthQFG5r%2B9LR1Y6oAPT8jLkHz2v41fnkKyBtngh2vCbhY6f%2BeDQalooQ2G%2FODjbDPTVYbBqkyNgzQ7WE5D2xkhX5%2BBzg6WG0AP9%2BYbIJEz4vzuIckOljSRDPdPmSYKIkPCX0A1bCBUA0kbMP0Qkj8jAOO4fQfZ4PFtbSq6dYrSOToj5%2F7%2BE7KakXPPX0E2%2BP6qkqPWfa3KQurMYpTWkKMGst8gLw9RjB3I6hCs%2BAySE2SDGpIfvxWwjh8EorNGU9dfC7pRsEa7SbDmhXE3DeLIZ0lvIY2UDWTaQIkJqHVQzj%2FpoEwdlLmDAT9u0TBOXbeXJqnvRwFjzPcZC6MuD7kfRKmLks25T1DkEzA1ATPbyM02NuUEpvwJdqOG5Q5sQTDkNSpBUFmCihJUkqAqCKphvc%2BV7dj6MVe2TLxl7iyzX0910d%2Bl%2B7roi4zs5ifkpblgzhnyBjbFccsXzI3d0I0DLw6jOBJxL%2FWimHbTME7CTgIra0h7ZrHmeO7erw7yea7OI6GHsOoQTJ4HLV8Draa9jgu6MQ0iF%2BNsf0zbfQWua%2BTFORRbzq46Ia8uHLv07osQ7OjK7NEnF%2F5qHoGZGrmp8an8maCvdqb3dEX27unKkqd38kIO5JjO3bxf0EKc%2Ffam2Kq04Teu2ck377E5MC%2BfPBC2uEUzLrO%2BJd9dlZwLc10bJsiPN%2By6SO6WduNqabIyv3X3%2Fes3BrkR1kqdNaDymf0CTM7I%2F3e%2BXNzp62%2FmkKaBKWsMyiOyDEjdgOXbsPmKvdUERq1mktxBVdZT00lWj0oSKLHqaVLD%2FqtPVvWu3UHfOKDFw8V1Dk2NoapB1QS2PDstcnN05Td%2FEUiUM02UcfYSZdRXp9JaedwKvUBESdRjnCeCca%2FX8SPfdTucB71YeDEKO2PPb%2F7xDwAAAP%2F%2FAQAA%2F%2F9AdDWkfwQAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSwY%2FbxBcet%2F1dfkioIC4cEAFxKBKb2rGd2K1QRSlFVUtbtUV74TKeGWeHnXisGTvO5rSiEtoDouHG0ftltyugQvQPQEJeLmgvNBxgD91%2FAsEZJRsp8CT7vTffO3zv%2B97nu%2BUJcVHS47sf6bFUil4M227rwrrMuK5s6%2FaDlue23cutdZl1g8ut0fxnhpc8N2y7b7c%2BFGxTX%2By4nut6rte6Lo1I9ejiAoXMn8ReO3bbQafthQFG5r%2B9LR1Y6oAPT8jLkHz2v41fnkKyBtngh2vCbhY6f%2BeDQalooQ2G%2FODjbDPTVYbBqkyNgzQ7WE5D2xkhX5%2BBzg6WG0AP9%2BYbIJEz4vzuIckOljSRDPdPmSYKIkPCX0A1bCBUA0kbMP0Qkj8jAOO4fQfZ4PFtbSq6dYrSOToj5%2F7%2BE7KakXPPX0E2%2BP6qkqPWfa3KQurMYpTWkKMGst8gLw9RjB3I6hCs%2BAySE2SDGpIfvxWwjh8EorNGU9dfC7pRsEa7SbDmhXE3DeLIZ0lvIY2UDWTaQIkJqHVQzj%2FpoEwdlLmDAT9u0TBOXbeXJqnvRwFjzPcZC6MuD7kfRKmLks25T1DkEzA1ATPbyM02NuUEpvwJdqOG5Q5sQTDkNSpBUFmCihJUkqAqCKphvc%2BV7dj6MVe2TLxl7iyzX0910d%2Bl%2B7roi4zs5ifkpblgzhnyBjbFccsXzI3d0I0DLw6jOBJxL%2FWimHbTME7CTgIra0h7ZrHmeO7erw7yea7OI6GHsOoQTJ4HLV8Draa9jgu6MQ0iF%2BNsf0zbfQWua%2BTFORRbzq46Ia8uHLv07osQ7OjK7NEnF%2F5qHoGZGrmp8an8maCvdqb3dEX27unKkqd38kIO5JjO3bxf0EKc%2Ffam2Kq04Teu2ck377E5MC%2BfPBC2uEUzLrO%2BJd9dlZwLc10bJsiPN%2By6SO6WduNqabIyv3X3%2Fes3BrkR1kqdNaDymf0CTM7I%2F3e%2BXNzp62%2FmkKaBKWsMyiOyDEjdgOXbsPmKvdUERq1mktxBVdZT00lWj0oSKLHqaVLD%2FqtPVvWu3UHfOKDFw8V1Dk2NoapB1QS2PDstcnN05Td%2FEUiUM02UcfYSZdRXp9JaedwKvUBESdRjnCeCca%2FX8SPfdTucB71YeDEKO2PPb%2F7xDwAAAP%2F%2FAQAA%2F%2F9AdDWkfwQAAA%3D%3D HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2c69d98629a60446b0ff3c64ec328580
Strict-Transport-Security: max-age=0; includeSubdomains
inflectedminimalbits.com/pixel/sbs?c=1
173.233.137.60 200 OK 0 B URL HTTP/1.1 inflectedminimalbits.com/pixel/sbs?c=1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: inflectedminimalbits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Cookie: u_pl=16908321; uid_id2=4c2344e2-af03-4684-a6b4-1596f4983cb7:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 Feb 2023 18:00:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=DM+Sans:wght@400;700&display=swap
IP 142.250.74.106:0
GET /css2?family=DM+Sans:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 18:00:54 GMT
date: Fri, 03 Feb 2023 18:00:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
openfpcdn.io/fingerprintjs/v3
54.230.111.116 200 OK 0 B URL HTTP/2 openfpcdn.io/fingerprintjs/v3
IP 54.230.111.116:0
GET /fingerprintjs/v3 HTTP/1.1
Host: openfpcdn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: CloudFront
date: Fri, 03 Feb 2023 16:37:49 GMT
cache-control: public, max-age=581825, s-maxage=10527
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
etag: W/"hgr97TpQKaVAGMaALEadtdFfoCM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vmomSZo4vdtJvpyenDMUy3DRX04E_kw5uUAku8uw7ZHVIbJNnF4--w==
age: 4985
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.3 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 03 Feb 2023 19:00:57 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NStFi1yZw%2BKpBB3JApkC9f3QJohjQeQFXXXqv1q0Q7l%2FbHys9Ny5WOTYHuyBZbbHZFejS7ihxi0xL6rfYlQs0%2F20nYkUQLCPSqgDeD7v1jvKA93rzZ3sKjNBvkBqVDetKTjM7ejuKUR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11ae7b4f7488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101 200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:54 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d119b0f61b509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRQWjw68dDMUafxLwIkgx1bLP1oCCN%2BNHQR5Z8xUaeosIhgf9n70DJUBxaLrqj2PEG8dRMwaGvE%2F8mM4QyUu%2FQphLxKpKD4T%2BhwHQhN9fXCvXOioTeeaGcIPhaGPEnEC0U3RZMywuJxJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11ae8b547488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.166.9:0
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://za.gl
Connection: keep-alive
Referer: https://za.gl/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 18:00:57 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfpZgGhn%2FKNHdabWKwC%2F7A1eT3AT%2FZn50RyT6WRIBpIGy4UOc3AIjJGS3CGT0%2FI62rS%2B2cs222CdQOWErH%2FJrPgn3cCh%2FTSQJ3yfrz%2FPQ1Ye8yAMU3La2Sjjx9LdEbHt8uqnP8dnqp9h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793d11ae7b4c7488-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2