t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&source=102014363dac667c195026144ba8bd&bo=2753,2754,2755,2756&aff_sub5=_tracking1711-3&aff_sub4=ALGO_bucket
54.230.111.50301 Moved Permanently 167 B URL HTTP/1.1 t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&source=102014363dac667c195026144ba8bd&bo=2753,2754,2755,2756&aff_sub5=_tracking1711-3&aff_sub4=ALGO_bucket
IP 54.230.111.50:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /75077/8047/27898/?aff_sub4=_bucket&aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&source=102014363dac667c195026144ba8bd&bo=2753,2754,2755,2756&aff_sub5=_tracking1711-3&aff_sub4=ALGO_bucket HTTP/1.1
Host: t.anmdr.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 11 Dec 2022 01:37:11 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&source=102014363dac667c195026144ba8bd&bo=2753,2754,2755,2756&aff_sub5=_tracking1711-3&aff_sub4=ALGO_bucket
X-Cache: Redirect from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6Uk5--CWFrdFHb86G62CUZf-_uZngBYOcydPUf4Gpu0ASTWNVa2fpg==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Sun, 11 Dec 2022 02:20:15 GMT
Date: Sun, 11 Dec 2022 01:37:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19524
Expires: Sun, 11 Dec 2022 07:02:35 GMT
Date: Sun, 11 Dec 2022 01:37:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16417
Expires: Sun, 11 Dec 2022 06:10:48 GMT
Date: Sun, 11 Dec 2022 01:37:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 11 Dec 2022 01:08:28 GMT
content-type: application/json
age: 1723
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CfhlTMs5ZD0LXhTPM0aRtn0tZt+R8ilJQQZCd2Fs71vfcUzGXKf7QWxil0YS0ZRbKK2yo728zVk=
x-amz-request-id: 1GP9VW7ED7KGNE2D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 11 Dec 2022 00:49:00 GMT
age: 2891
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Dec 2022 01:37:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&source=102014363dac667c195026144ba8bd&bo=2753,2754,2755,2756&aff_sub5=_tracking1711-3&aff_sub4=ALGO_bucket
54.230.111.117303 See Other 530 B URL HTTP/2 t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&source=102014363dac667c195026144ba8bd&bo=2753,2754,2755,2756&aff_sub5=_tracking1711-3&aff_sub4=ALGO_bucket
IP 54.230.111.117:0
File type HTML document, ASCII text, with very long lines (530), with no line terminators
Hash 818b3a085f115b8a2ecc2beb6c037d97
d0ebb881a8e01a630050676699cfac7c5755efd6
b65b6867e4dd3be1e7c58c7b0c9343784a35a453754475d859f2c310123e3772
GET /75077/8047/27898/?aff_sub4=_bucket&aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&source=102014363dac667c195026144ba8bd&bo=2753,2754,2755,2756&aff_sub5=_tracking1711-3&aff_sub4=ALGO_bucket HTTP/1.1
Host: t.anmdr.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 530
location: https://t.crdefault.link/75077/1?aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&aff_sub4=ALGO_bucket&aff_sub5=_tracking1711-3&source=102014363dac667c195026144ba8bd&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Sun, 11 Dec 2022 01:37:11 GMT
set-cookie: aff_ran_url_8047=27898; Path=/; Expires=Mon, 12 Dec 2022 01:37:11 GMT; Secure
enc_aff_session_8042=ENC03e8d568e786848fa14ddfedaf853b1d6990d855e183a920b5eeb0afa5a88190af59a19bc7ca917df2756bc5e850c383ee326fb7ed090d595425502f80d19f1a6cf1a76eac70eb8c888027c573cbf8912ce6a7e75608565a135bc4801d3cf17e542c24a8657627ee1342fdb8063cbccfa5b1e50e0ce07c47871328655e07a9a54713a2274221a23f0a1d78df870bf55ed318b6077cd3123005d90cbf445474467ce036acf1d43ad2d57f644d77739090b5160d40d9203269c017d3efeb227adffd0a977a27; Path=/; Expires=Wed, 11 Jan 2023 01:37:11 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 04 Nov 2025 12:17:11 GMT; Secure
tracking_id: 102e9bd879b702aa24207d0575ba2e
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7lW95bhgyuKrCQEOop16_4dWVTuyickHLU_lIttNBA6VBQ0A5-VCNw==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 11 Dec 2022 01:07:55 GMT
age: 1756
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 71fde7760a32668e5c45ac47aadce5d3
217921e815faa8230db969a079ee582786350d5b
a9fbed3c276597d21e1888c140d74ecce9d1b8e96e1fa7489e4e9976b22485db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=149767
Date: Sun, 11 Dec 2022 01:37:12 GMT
Etag: "6394da4f-1d7"
Expires: Mon, 12 Dec 2022 19:13:19 GMT
Last-Modified: Sat, 10 Dec 2022 19:13:19 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pZJQmcrk0m86oNd4MSond93cU3uOBPjZ9wWXPaEJrplRlyHetrr0qw==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3282
Cache-Control: max-age=116660
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:12 GMT
Etag: "63944c2a-1d7"
Expires: Mon, 12 Dec 2022 10:01:32 GMT
Last-Modified: Sat, 10 Dec 2022 09:06:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.187.233101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.187.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2vWsPLiSUdFlLEmEpSGQkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HrmYU7io+wMUuc6hXtZPuorn6s4=
t.crdefault.link/75077/1?aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&aff_sub4=ALGO_bucket&aff_sub5=_tracking1711-3&source=102014363dac667c195026144ba8bd&bo=2753%2C2754%2C2755%2C2756
54.230.111.38303 See Other 968 B URL HTTP/2 t.crdefault.link/75077/1?aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&aff_sub4=ALGO_bucket&aff_sub5=_tracking1711-3&source=102014363dac667c195026144ba8bd&bo=2753%2C2754%2C2755%2C2756
IP 54.230.111.38:0
File type HTML document, ASCII text, with very long lines (968), with no line terminators
Hash 43ee2c33e47744366184355c3e05c4fe
3c5b5d49748ff469916ce9dacaf0cba5355d599a
21cb2b9ba3ec4fb5bbdd9db4011c8057ca80828302af4253d836219c90e7dad3
GET /75077/1?aff_sub=tracking1711-3&aff_sub2=55609&aff_sub3=wv0a1o90d3cdd93limdtvbqm&aff_sub4=ALGO_bucket&aff_sub5=_tracking1711-3&source=102014363dac667c195026144ba8bd&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: t.crdefault.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 968
location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=44542&source=102f882dd553a587838e3b41b7b68c&subID2=75077&s2=102f882dd553a587838e3b41b7b68c&s3=tracking1711-3%3B102014363dac667c195026144ba8bd&s4=75077&url=1&affsub=tracking1711-3&affsource=102014363dac667c195026144ba8bd&aff_click_id=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Sun, 11 Dec 2022 01:37:12 GMT
set-cookie: enc_aff_session_3785=ENC03766387f10498d8aa45d7a8fc6711df1289835a016512d601588904fd0e20e98512a6964a0cfae2310051781dbd53b23fea172816c9a51f2c6bf140674fb51c1ebdf58ba546dbeec030fb32af929ccb23ac3143c769511be38fa4fe6aa3b251fd012c039eae4fc3dbf2bee6258a723b41e5100f824f02ca3fce7d8c98ef4072b32d31b24c07b9805e5a9f61cf1eb01e73217294022476e31a067ad927a927693e66409cc5189f67325d717adfc5bf0b86b5dc5190fcd8f6147226a27e6c337887c63815c9b69b20a2c37bc2bd9041744ebf1a7b7fe4fae38ea3cc77ca4c02517207ab328b; Path=/; Expires=Tue, 10 Dec 2024 01:37:12 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 04 Nov 2025 12:17:12 GMT; Secure
tracking_id: 102f882dd553a587838e3b41b7b68c
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tubkxSA7ABOchYSTQUA7ZQduyvd9va8hO1I8VzAIn6-dRn6D6LuqVg==
X-Firefox-Spdy: h2
a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=44542&source=102f882dd553a587838e3b41b7b68c&subID2=75077&s2=102f882dd553a587838e3b41b7b68c&s3=tracking1711-3%3B102014363dac667c195026144ba8bd&s4=75077&url=1&affsub=tracking1711-3&affsource=102014363dac667c195026144ba8bd&aff_click_id=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=44542&source=102f882dd553a587838e3b41b7b68c&subID2=75077&s2=102f882dd553a587838e3b41b7b68c&s3=tracking1711-3%3B102014363dac667c195026144ba8bd&s4=75077&url=1&affsub=tracking1711-3&affsource=102014363dac667c195026144ba8bd&aff_click_id=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=44542&source=102f882dd553a587838e3b41b7b68c&subID2=75077&s2=102f882dd553a587838e3b41b7b68c&s3=tracking1711-3%3B102014363dac667c195026144ba8bd&s4=75077&url=1&affsub=tracking1711-3&affsource=102014363dac667c195026144ba8bd&aff_click_id=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: a.vfgtf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 11 Dec 2022 01:37:12 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=170910&source=102f882dd553a587838e3b41b7b68c&subID2=75077&target=&Site=&Bnr=ALGO&cid=wrcs7d30kp6k793l2359d9a0&affsource=102014363dac667c195026144ba8bd
pragma: no-cache
set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=FYFJoJxxuJ2znfA_-vBsqM4WT4DPfc94QH1yMy70Lyc; Max-Age=86400; Expires=Mon, 12-Dec-2022 01:37:12 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=2X63VBRnNhpg9ZFjtTM3EfALRtgPlgA%2FDykypys9INmWWnwgLyJte16ffQKYFH0%2F%2Bz%2FruSZuEkskGl8ozDVlENF1gKm371ZENK4VsRoU%2FWhCGzDGi99Cidh5yPtnO1FrpoM8ReZUkQOeqLIk0m6%2B1g%3D%3D; Max-Age=31536000; Expires=Mon, 11-Dec-2023 01:37:12 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=170910&source=102f882dd553a587838e3b41b7b68c&subID2=75077&target=&Site=&Bnr=ALGO&cid=wrcs7d30kp6k793l2359d9a0&affsource=102014363dac667c195026144ba8bd
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=170910&source=102f882dd553a587838e3b41b7b68c&subID2=75077&target=&Site=&Bnr=ALGO&cid=wrcs7d30kp6k793l2359d9a0&affsource=102014363dac667c195026144ba8bd
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=tracking1711-3%3B102014363dac667c195026144ba8bd&affiliateID=170910&source=102f882dd553a587838e3b41b7b68c&subID2=75077&target=&Site=&Bnr=ALGO&cid=wrcs7d30kp6k793l2359d9a0&affsource=102014363dac667c195026144ba8bd HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 11 Dec 2022 01:37:12 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.anadm.link/170910/8373/0/?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&source=102f882dd553a587838e3b41b7b68c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_102014363dac667c195026144ba8bd
pragma: no-cache
set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=CG6PRin4Q6y5Y4PzRwtVzP6Z6wPqJbg2WnocnlaOFX4; Max-Age=86400; Expires=Mon, 12-Dec-2022 01:37:12 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=1upOGV2k9TnEYCoTe54PetBlgEwG8kikkE7ybsWL2UtV59az5HwIXf59ELi54jZNTc3ANMTuj3xIyZvT3Y8qQUo7TX0%2FGx60UpPNjfRK7O5KjSoo2CNrIA5EkXKW3wr5L9rdD150NifcsbQTqcnaYQ%3D%3D; Max-Age=31536000; Expires=Mon, 11-Dec-2023 01:37:12 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
s.anadm.link/170910/8373/0/?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&source=102f882dd553a587838e3b41b7b68c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_102014363dac667c195026144ba8bd
54.230.111.38303 See Other 608 B URL HTTP/2 s.anadm.link/170910/8373/0/?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&source=102f882dd553a587838e3b41b7b68c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_102014363dac667c195026144ba8bd
IP 54.230.111.38:0
File type HTML document, ASCII text, with very long lines (608), with no line terminators
Hash e8cd579dfea83e162b1c94120f3af376
451d08b725fcd0aa71c6899ec701f35ffc3685fa
7f19a267fe8e336852dc8d5712768247c03ac433ddbfa4af49e6743f647b7cae
GET /170910/8373/0/?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&source=102f882dd553a587838e3b41b7b68c&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_102014363dac667c195026144ba8bd HTTP/1.1
Host: s.anadm.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 608
location: https://t.crdefault.link/170910/1?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&aff_sub4=&aff_sub5=_102014363dac667c195026144ba8bd&source=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Sun, 11 Dec 2022 01:37:13 GMT
set-cookie: enc_aff_session_8353=ENC037f90b16de5d4b98d90dbd52a484b8d61f42ad56c73278591669d77985344612634833a6ab6644bb217f0de986b82ff184288b28e25872c0b50b6fc12f55fde7bb0aad3f3df9c8bad38d6d86b8c05fa0b4f9f2b264ee633b67130d6043d363b5c56cac11400565c192c106d7421344b892fa556aa89bfd1724b34ba0014adb9513e57c5f9017119261ad21c8daea43dda7337ce0ede3de2079c7ec591564f68f2e4935d34038b2982beec364d04193926f9da2f6563c11e1cb1b5f66cedaaa675647e68a205217e41e32aa8655008d1d8e08e0ed201aa40226f34b1781238dafa0e895900; Path=/; Expires=Wed, 11 Jan 2023 01:37:13 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 04 Nov 2025 12:17:13 GMT; Secure
tracking_id: 102c402b29a37fa8ead2d07442eb28
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c1Z0COhJ7tsO8tFAg1jJKywN8kiWxPHR0mBUeUG7M4I596hhMNjxaQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10376
Expires: Sun, 11 Dec 2022 04:30:09 GMT
Date: Sun, 11 Dec 2022 01:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10376
Expires: Sun, 11 Dec 2022 04:30:09 GMT
Date: Sun, 11 Dec 2022 01:37:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10376
Expires: Sun, 11 Dec 2022 04:30:09 GMT
Date: Sun, 11 Dec 2022 01:37:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7481895d-3e6a-4047-9ee9-709bebce857b.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7481895d-3e6a-4047-9ee9-709bebce857b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99e1633a5af6676e52612cb1680c3bc8
523e0ccfe1d43484045ed9b1cfa586e4705a0f90
71baf4e97d5ee341260e477f4949b255d4df30c9c0165180938dd6c74ecb20d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7481895d-3e6a-4047-9ee9-709bebce857b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5246
x-amzn-requestid: 9a7c964c-0a6a-4ca1-95d7-96e8d1f4b892
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c0KlaFSWIAMFnaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63918aef-247d5a8a25ba4dee567ea08d;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 06:57:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0yaDcNNLfet7XJNafUXvwqN-hQoHDBoYNEcePTc4g7PjNEGCUuSqw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 13:40:20 GMT
age: 43013
etag: "523e0ccfe1d43484045ed9b1cfa586e4705a0f90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 05:47:56 GMT
age: 71357
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f01260130a9ea66e994137a2ac221122
85e58c55619e2cc855ff9dc5861e70be682bb247
987e83bd21ee86ba8384e5b28ab4e5536fc17c290d2e34f31734358208b246c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d0c96af-c60d-4600-85fc-ee30b7a0c931.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4526
x-amzn-requestid: 2010b576-860e-4cd6-9cd4-ae6559c4ce86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnB9BECioAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c49ec-6af9db536d1bdc560ae38f2c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:19:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WZQS_dNx0de3xaOdC0FUWfvANbxs5JWguWlr7A8uwoOKChonCJosNQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 13:40:20 GMT
age: 43013
etag: "85e58c55619e2cc855ff9dc5861e70be682bb247"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef6b75d-8f79-40b3-b1dd-ab0caa833119.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef6b75d-8f79-40b3-b1dd-ab0caa833119.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b4cdf7ea5a907bcc30f80b24da0bfb1
4cd560ae03884699f3106a89964fa5f080032c27
bf99c79318c810799becd698b9b279ac32c8b5f613991d2522a6bc5bff3f80fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ef6b75d-8f79-40b3-b1dd-ab0caa833119.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: e3dc0128-ed9a-4ebb-8b42-6d07c16f9218
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cs2z4EmkIAMFldg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e9e7f-5a2bbb8815a56bf04816cece;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 01:44:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axHVqcCbO7horByHHPR-Fz2R05MM227zZodZGpbTo4tFNrvlzIY48g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 04:11:43 GMT
age: 77130
etag: "4cd560ae03884699f3106a89964fa5f080032c27"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SG-8rL_rUN3MpXHhkAaHmIqKf7mSHtv0kEAkBOAIPcqq755Qh-mc3Q==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
age: 14312
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e607fb9-3b45-4f46-968d-a76a818d4009.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e607fb9-3b45-4f46-968d-a76a818d4009.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cbcb55932249b851120d1b591c185cc
fb6d83bd085bcfa24d4c1cfc8f0e2f07a5ac459c
6db4aafb8f6a181705d02fa5ad08655c32ad52b805a1c6e58637e5cbabaadee9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e607fb9-3b45-4f46-968d-a76a818d4009.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6674
x-amzn-requestid: 6c9af7f4-fb75-4418-a6fa-226fa1fe7795
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8UF3FdbIAMFuQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394cd58-4f3774f44b5c86846553a383;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 18:18:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pT0hLdl3ESoHmGsDPqXhBGUaxkefkdv_srecc473fKtNOzNWH3pwAw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 21:38:41 GMT
age: 14312
etag: "fb6d83bd085bcfa24d4c1cfc8f0e2f07a5ac459c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
t.crdefault.link/170910/1?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&aff_sub4=&aff_sub5=_102014363dac667c195026144ba8bd&source=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
54.230.111.38303 See Other 384 B URL HTTP/2 t.crdefault.link/170910/1?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&aff_sub4=&aff_sub5=_102014363dac667c195026144ba8bd&source=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
IP 54.230.111.38:0
File type HTML document, ASCII text, with very long lines (384), with no line terminators
Hash 78b0619c5c689b0e097e8987aa1e7f15
34107c8648a18c7cd0ebe91453c2510366a9bccd
5d6fa4e2a0a78503828a8725922a95af517e4c0c2bb4e43aa4ac21d9e5628de1
GET /170910/1?aff_sub=tracking1711-3%3B102014363dac667c195026144ba8bd&aff_sub2=75077&aff_sub3=wrcs7d30kp6k793li2aj0c0c&aff_sub4=&aff_sub5=_102014363dac667c195026144ba8bd&source=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: t.crdefault.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: enc_aff_session_3785=ENC03766387f10498d8aa45d7a8fc6711df1289835a016512d601588904fd0e20e98512a6964a0cfae2310051781dbd53b23fea172816c9a51f2c6bf140674fb51c1ebdf58ba546dbeec030fb32af929ccb23ac3143c769511be38fa4fe6aa3b251fd012c039eae4fc3dbf2bee6258a723b41e5100f824f02ca3fce7d8c98ef4072b32d31b24c07b9805e5a9f61cf1eb01e73217294022476e31a067ad927a927693e66409cc5189f67325d717adfc5bf0b86b5dc5190fcd8f6147226a27e6c337887c63815c9b69b20a2c37bc2bd9041744ebf1a7b7fe4fae38ea3cc77ca4c02517207ab328b; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 384
location: http://opcams.wiredcircular.com/tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Sun, 11 Dec 2022 01:37:13 GMT
set-cookie: enc_aff_session_3520=ENC036636880bb5e88be96b7da516063da154df85bd67850fe6eb4a5a192b072049eee124b3fe059f33c53ce0f1ca0c1cf070d86bda46190e7849a2a0d04122648bb2a37749460a606340485e0039fe7c638be811f095a40a35b8deb0a15336a05bb18816de73fa61e4b91974b57c4928e7e43b71d8fb3ad42ccf312fdcd31d7876a2f91e35e7c202eaa428d23028774b384ad2d9628455ae17217d830775db1181105be7d51cd6a902e8e04a717c80ccd6b248755cd299c4a811f64918ec304593ff412974d7773523a631514aba61af8303da02c0b087a4e66ef14046b8631d9c082930a22a; Path=/; Expires=Wed, 11 Jan 2023 01:37:13 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 04 Nov 2025 12:17:13 GMT; Secure
tracking_id: 1022644e6b750e15a433cc50b7777c
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rt4r3rCfq7n4MRC5KPTw9oDO5T72H9qNo5RqtVQC9bTTVB6sJB4XYw==
X-Firefox-Spdy: h2
opcams.wiredcircular.com/tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
172.66.43.115301 Moved Permanently 0 B URL HTTP/1.1 opcams.wiredcircular.com/tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
IP 172.66.43.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: opcams.wiredcircular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 11 Dec 2022 01:37:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 11 Dec 2022 02:37:13 GMT
Location: https://opcams.wiredcircular.com/tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbB1KeMoLsBNXBSoQv3yWQMM7hMTP07%2F6i3e4DBreGG296f%2BsPsm0vFMQi0zChH6cvbW46ZxxQpjpIZfNO423%2FwLwrg3fTKskHuRLORzZ9%2FGgzJFGDtuREPjcfvikscENLQv9L%2FttbijOA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 777a7e6dcb390b4d-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 91bcfc89f4a36c9368de26c5e491f042
26a14ef9864f9f56e301e71bf42996ad2ab62d18
c492edf10c3ffac7694f341d05218a4293ae3bf7b1ea4a70276cea5d55a6c728
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=131376
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:13 GMT
Etag: "63949279-118"
Expires: Mon, 12 Dec 2022 14:06:49 GMT
Last-Modified: Sat, 10 Dec 2022 14:06:49 GMT
Server: nginx
Content-Length: 280
opcams.wiredcircular.com/tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
172.66.40.141200 OK 20 kB URL HTTP/2 opcams.wiredcircular.com/tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756
IP 172.66.40.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58455), with CRLF, LF line terminators
Hash bb939501fadf49a82c3978bc773e4d5b
bea2c187629e9eabc97663dcbb5f6bb2e31a3025
de63a1e6854e5290af3d4377278356fc0ace40cfadb70a6caa08f36472bd930d
GET /tools/landers/st/003osc/?a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: opcams.wiredcircular.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:14 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBAsIZqGnZVZwJplQg4HayiKf82Rx2johHr2rVR11hz23QCoV%2F4FJUUuJn%2F%2Bw3L%2Fm1ZY51XxLujW0xtW7ynhB5obk4e2N9fmRFvMHpBCnvRwpbnK3TEk8n5s7YoL6%2FEZNB9RQ%2FbhHS%2Fmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 777a7e6e5d2b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 134e6e2dd7e9b8c65ec088381b1dbc75
950ad0d65474f2af97192d61de7bde8d82862956
8ba6a3ab77a1c0799ea7c8fcb45fc45aa257761972b8685092bb1e8ec0ef8374
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2807
Cache-Control: max-age=108650
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:14 GMT
Etag: "63942ebd-118"
Expires: Mon, 12 Dec 2022 07:48:04 GMT
Last-Modified: Sat, 10 Dec 2022 07:01:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.js
104.17.25.14200 OK 62 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.js
IP 104.17.25.14:0
Hash 84b689db9e0c86bca565318262e41202
865ffdfeefcd016aead44db2f0084472162b3da6
34a4bdba092f8d52c12246033c20a5b9417c4a9c4777278366df086472d69e55
GET /ajax/libs/jquery/2.1.3/jquery.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 61648
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3c65b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4526377
expires: Fri, 01 Dec 2023 01:37:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b3tqCGPP4VWc095qHbaPL0UAfxPJLq5XibQc%2FE1eJN0Luh4DBGWlRKS1kGoBqJgdIvg1CndiA20gFqvIHHoF7RqcaV0uwppeXVR6qr66dVORKBRyBiCHG%2B87shQlt54beD4UFOT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 777a7e74488a0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 134e6e2dd7e9b8c65ec088381b1dbc75
950ad0d65474f2af97192d61de7bde8d82862956
8ba6a3ab77a1c0799ea7c8fcb45fc45aa257761972b8685092bb1e8ec0ef8374
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2807
Cache-Control: max-age=108650
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:14 GMT
Etag: "63942ebd-118"
Expires: Mon, 12 Dec 2022 07:48:04 GMT
Last-Modified: Sat, 10 Dec 2022 07:01:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
ocsp2.globalsign.com/gsalphasha2g2
151.101.2.133200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 151.101.2.133:0
Hash 748568c9ad3a6b2ceaab8260b09bee84
d5c30a6bf7d985c3a47f953abda551d63f9eb738
78e4ebf94526b520db956754c7c3e7f995ad00b6de61fb751e961dc33862d1af
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1423
Server: nginx
Content-Type: application/ocsp-response
Expires: Thu, 15 Dec 2022 01:09:20 GMT
ETag: "d5c30a6bf7d985c3a47f953abda551d63f9eb738"
Last-Modified: Sun, 11 Dec 2022 01:09:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 11 Dec 2022 01:37:15 GMT
Age: 1674
X-Served-By: cache-qpg1260-QPG, cache-bma1643-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 2, 0
X-Timer: S1670722635.084788,VS0,VE383
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 5.3 kB IP 142.250.74.131:0
Hash 74f26cd5bc8ca8c635c53b8392fbe2bd
66ec3219970f859155c5a915b0a4bddaf03b04df
86307e8a51c9f951128262499511d03b057faa647d0f35b7d47e1e3c3af4541d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
142.250.74.74200 OK 11 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
IP 142.250.74.74:0
Hash cbf37d7512ccacd231c362403d502136
9f59096eb9a64ca02d801b14f7239c46a9553c89
f5f7d92c6bbea1739c441763afaa0410075e069ba422d77d2cd6adba650cd00c
GET /css?family=Open+Sans+Condensed:300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 Dec 2022 01:37:15 GMT
date: Sun, 11 Dec 2022 01:37:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data
Hash 44b4e1e6aecc684d11fe7501dd36df19
59e2710168a0d6889a24eaaa5134114f7e258461
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://opcams.wiredcircular.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 05:48:41 GMT
expires: Fri, 08 Dec 2023 05:48:41 GMT
cache-control: public, max-age=31536000
age: 244114
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geoip.joinsafelyonline.com/
163.171.128.172200 OK 17 kB URL HTTP/2 geoip.joinsafelyonline.com/
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
Hash 38521d7408cb7112d572855251da3aac
e796a02c00fcf30c3b02e8d298186d0ee9f4e287
4c24c238834093e786427902a170824bbbae6f0075c0cc6e72294f5c9cfb9378
GET / HTTP/1.1
Host: geoip.joinsafelyonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:15 GMT
content-type: application/javascript
server: waf/4.32.3-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-DFW-01gGZ147:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 6395344b_PSdgflkfFRA1gi91_24409-53479
set-cookie: HMF_CI=fe3f386cb2bc71fed86a832644bff6e4216f534a0a1660c37412b0b094ea97613ff2893007c76bb525fa10189938f3162a53eb270eb6c98ee455ed861b6d6b4bd3; Expires=Tue, 10-Jan-23 01:37:15 GMT; Path=/
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48be06fda380c441d0362900d3af185f
7ed5d770120b1962596d1a8e268f3c512a375383
4a58968fe3f94fd32e941cc0ca4af09fdbc5a73ef9dfcd4ea3b57aa7a110a2a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A58968FE3F94FD32E941CC0CA4AF09FDBC5A73EF9DFCD4EA3B57AA7A110A2A3"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16603
Expires: Sun, 11 Dec 2022 06:14:00 GMT
Date: Sun, 11 Dec 2022 01:37:17 GMT
Connection: keep-alive
syflht.com/user/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c&sitekey=5a2410f3866ac291&rtr=1&rtid=71193532805
207.120.33.45200 OK 28 kB URL HTTP/2 syflht.com/user/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c&sitekey=5a2410f3866ac291&rtr=1&rtid=71193532805
IP 207.120.33.45:0
Hash 36406f72d3e3d3f45c940cc0d2c26175
f68c6e830bb25dc38e320c05ff58b596aa9ca5b5
13f833317f58e63e26b8f34cf559959e81d8fac6ddd0979c95f1ae6a1c08af2b
GET /user/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c&sitekey=5a2410f3866ac291&rtr=1&rtid=71193532805 HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://opcams.wiredcircular.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 19973445
age: 0
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Miss
section-io-id: 594bae3fcfe942e657048e258e27849a
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.2.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: n5W3M8HU3EdwDhPARC2iiAf1as95kdLfrN2+qdL0W35SMVzIqjIlMR9W7ck8oTAzeIw6lrJi5fM=
x-amz-request-id: VK0MRM6MJ78HXF3Y
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 273
x-timer: S1670722638.216960,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
joinsafelyonline.com/routes/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c
163.171.128.172302 Found 3.4 kB URL HTTP/2 joinsafelyonline.com/routes/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
File type gzip compressed data, from Unix\012- data
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /routes/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c HTTP/1.1
Host: joinsafelyonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 11 Dec 2022 01:37:16 GMT
content-type: text/html; charset=UTF-8
server: waf/4.32.3-0.el6
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://syflht.com/user/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c&sitekey=5a2410f3866ac291&rtr=1&rtid=71193532805
x-via: 1.1 PS-SJC-011UH181:2 (Cdn Cache Server V2.0), 1.1 kf230:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:15 (Cdn Cache Server V2.0)
x-ws-request-id: 6395344b_PSdgflkfFRA1gi91_24409-53494
set-cookie: PHPSESSID=d73b08262d5a1250618ef4b9a54e767e; path=/; secure; SameSite=None
HMF_CI=fd1ff90cbb4b016de693ebaf26cdb4f41860ef25a422b2e289dcd7b7c1b6713916f9c6657899609f6d123a8915ac139d0dfffb26cd1cec2fc83680a93596e9153c; Expires=Tue, 10-Jan-23 01:37:16 GMT; Path=/
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
151.101.2.137200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: kwoAxcBtx2IMbi3IHVdur3TxF/StXF2YgQ/J5F/J0LqxQRcevbbS10v8PBtCq89jFlCdbzEZt0Y=
x-amz-request-id: VK0S7FDBAB0EX9VY
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 269
x-timer: S1670722638.221276,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
151.101.2.137200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YghQGw//W98CcE+uLEc2bIpyY1zfBy1cvSl3ZbHItGIBbBbjBYrgjjDhKdNnyagoNGaVfLpI2xM=
x-amz-request-id: VK0XNZM280HMN60Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 270
x-timer: S1670722638.221374,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/790.2d6a2503-1220.js
151.101.2.137200 OK 6.1 kB URL HTTP/2 js-agent.newrelic.com/790.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (17591)
Hash b3193d37837e2f200e10db13deff83a9
d8577b8a972583e81cfd8e31436dcd039aa049b2
5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: veWtlyFq4FXZZ3C91QZ1ydEfJVdBNkWk12lPeQHXsOtJd4oL/94W2O+vIrequr5Q4TsFmN49oJA=
x-amz-request-id: VK0VJC72617ZJQFB
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 135
x-timer: S1670722638.226907,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
js-agent.newrelic.com/39.2d6a2503-1220.js
151.101.2.137200 OK 2.8 kB URL HTTP/2 js-agent.newrelic.com/39.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (7169)
Hash a0a406e7bdf3e14f047e46bcea27640c
c1fbc88d260f16a092c1b7b0e58e4291401478e8
2309d4e82574d5402ec3454a76051987336fe3b4e4d546f6565a3a443c6d4049
GET /39.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YVIhZ0s+kfqfyw3/OOPaabzaoXb/XwD4VELrgCLiMtI8cGCxgyDD6Y3bdLzWtK9lY7b2Y9dtVwM=
x-amz-request-id: VK0GJZ5NDAT42H61
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 180
x-timer: S1670722638.228582,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2755
X-Firefox-Spdy: h2
js-agent.newrelic.com/0.2d6a2503-1220.js
151.101.2.137200 OK 2.3 kB URL HTTP/2 js-agent.newrelic.com/0.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (5198)
Hash 852267b16c136b977ccd94900c6c6308
e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16
9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: yaLgSlI/o1YgPR64REKW7tJGngFFiymXOCq3qvC8FibvMh/NPjIov1s2Y43sA3Nk7dOb/Jeu8n0=
x-amz-request-id: VK0HGZZCMTDZKH5X
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 180
x-timer: S1670722638.228739,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2
js-agent.newrelic.com/571.2d6a2503-1220.js
151.101.2.137200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (2412)
Hash d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Yb3onr5wgE7GyebmH4WnkKwnI2MQKfjQMqMso3BN0Y71/Vtt12keZBjkbAuB5UJTI/GRzVXSccI=
x-amz-request-id: VK0WTM9PM29FXD43
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 180
x-timer: S1670722638.231600,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
js-agent.newrelic.com/820.2d6a2503-1220.js
151.101.2.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP 151.101.2.137:0
File type ASCII text, with very long lines (7460)
Hash 7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FgITvf3WklEMWkZwakon8gl0N9aTQ94pdNptn966xzqmGm/5HblQmQGcNcywcu4tvf5sbwoyl9E=
x-amz-request-id: VK0ZG74SYEQQ4TER
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 11 Dec 2022 01:37:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 181
x-timer: S1670722638.232396,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.138200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://syflht.com
Connection: keep-alive
Referer: https://syflht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 06:48:11 GMT
expires: Thu, 07 Dec 2023 06:48:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 326947
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
152.199.19.160200 OK 12 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32405)
Hash 29aaadd88feae1cc97337661a34bb99f
bf5c684d3c1dbeb119557404136ba91ae45d07b5
d4af778947d9005af87a62b411f328d3512edc6f9594ee46f0a34a57e6ef3c95
GET /ajax/bootstrap/3.3.2/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://syflht.com
Connection: keep-alive
Referer: https://syflht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 30075048
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sun, 11 Dec 2022 01:37:18 GMT
etag: "194598e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:58 GMT
server: ECAcc (ska/F68B)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 12247
X-Firefox-Spdy: h2
syflht.com/common_tpls/images/ajax-loader.gif
207.120.33.45200 OK 3.2 kB URL HTTP/2 syflht.com/common_tpls/images/ajax-loader.gif
IP 207.120.33.45:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
GET /common_tpls/images/ajax-loader.gif HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
Cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:18 GMT
content-type: image/gif
content-length: 3208
last-modified: Mon, 07 Oct 2013 22:49:23 GMT
etag: "52533a73-c88"
section-io-cache-id: 6510a5c1f8add5de1f22b1c2437fc696
x-varnish: 19943003 20066694
age: 4511
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 5ee711d9d60a37145cf306a5cbac5888
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-208173773-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208173773-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash c754d4628e5bba28de9d8aa29465c4f7
f68fc8682f3d1e85d83b8396162b2f1ee4accf73
fa7b995fe664440046634976031c1009e76e444999d95c9eeb3e764ad94c4248
GET /gtag/js?id=UA-208173773-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 11 Dec 2022 01:37:18 GMT
expires: Sun, 11 Dec 2022 01:37:18 GMT
cache-control: private, max-age=900
last-modified: Sun, 11 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syflht.com/common_tpls/compact/css/oscams.css
207.120.33.45200 OK 27 kB URL HTTP/2 syflht.com/common_tpls/compact/css/oscams.css
IP 207.120.33.45:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ec9814dd2538715d36edffb20bd468c
116626ce5d0490728d6c94d5427ad04342eb927a
10e19db4bbc248e58423ff6c5374c59694e790264d565d89a499f0577bbacefb
GET /common_tpls/compact/css/oscams.css HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
Cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:18 GMT
content-type: text/css
content-length: 26947
last-modified: Wed, 16 Dec 2015 18:26:49 GMT
etag: "5671ace9-20525"
content-encoding: gzip
vary: Accept-Encoding
section-io-cache-id: 010574a364e964c913a7ae51e1c0f9ec
x-varnish: 5564712 6345178
age: 1182
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 94be163559ff926c04c8a81ad78cb0f7
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 11 Dec 2022 01:37:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RQC0RSTVgPAlwZGBMMEw%3D%3D&rst=7210&ck=0&s=75fa58a29fc60e20&ref=https://opcams.wiredcircular.com/tools/landers/st/003osc/&ap=19&be=3817&fe=3265&dc=824&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670722629670,%22n%22:0,%22f%22:2856,%22dn%22:2859,%22dne%22:2859,%22c%22:2859,%22s%22:2862,%22ce%22:2919,%22rq%22:2919,%22rp%22:3760,%22rpe%22:3760,%22dl%22:3768,%22di%22:4636,%22ds%22:4641,%22de%22:4648,%22dc%22:7081,%22l%22:7081,%22le%22:7087%7D,%22navigation%22:%7B%7D%7D&fcp=4664&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RQC0RSTVgPAlwZGBMMEw%3D%3D&rst=7210&ck=0&s=75fa58a29fc60e20&ref=https://opcams.wiredcircular.com/tools/landers/st/003osc/&ap=19&be=3817&fe=3265&dc=824&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670722629670,%22n%22:0,%22f%22:2856,%22dn%22:2859,%22dne%22:2859,%22c%22:2859,%22s%22:2862,%22ce%22:2919,%22rq%22:2919,%22rp%22:3760,%22rpe%22:3760,%22dl%22:3768,%22di%22:4636,%22ds%22:4641,%22de%22:4648,%22dc%22:7081,%22l%22:7081,%22le%22:7087%7D,%22navigation%22:%7B%7D%7D&fcp=4664&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RQC0RSTVgPAlwZGBMMEw%3D%3D&rst=7210&ck=0&s=75fa58a29fc60e20&ref=https://opcams.wiredcircular.com/tools/landers/st/003osc/&ap=19&be=3817&fe=3265&dc=824&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670722629670,%22n%22:0,%22f%22:2856,%22dn%22:2859,%22dne%22:2859,%22c%22:2859,%22s%22:2862,%22ce%22:2919,%22rq%22:2919,%22rp%22:3760,%22rpe%22:3760,%22dl%22:3768,%22di%22:4636,%22ds%22:4641,%22de%22:4648,%22dc%22:7081,%22l%22:7081,%22le%22:7087%7D,%22navigation%22:%7B%7D%7D&fcp=4664&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 01:37:18 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 777a7e894c90b506-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 834c75f4ed922211b3eaad9777d86a52
facd409b8de16700c0c372139b074a80b5aea1ab
a3ecd2277b74044cfcb432bac2f7e37f37508c7aa49ca45e3a4551a4ff4ca9df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3ECD2277B74044CFCB432BAC2F7E37F37508C7AA49CA45E3A4551A4FF4CA9DF"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6782
Expires: Sun, 11 Dec 2022 03:30:21 GMT
Date: Sun, 11 Dec 2022 01:37:19 GMT
Connection: keep-alive
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RQC0RSTVgPAlwZGBMMEw%3D%3D&rst=7960&ck=0&s=75fa58a29fc60e20&ref=https://opcams.wiredcircular.com/tools/landers/st/003osc/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RQC0RSTVgPAlwZGBMMEw%3D%3D&rst=7960&ck=0&s=75fa58a29fc60e20&ref=https://opcams.wiredcircular.com/tools/landers/st/003osc/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYThJWDloQSw8FWVUHQxJJShUZU1RQC0RSTVgPAlwZGBMMEw%3D%3D&rst=7960&ck=0&s=75fa58a29fc60e20&ref=https://opcams.wiredcircular.com/tools/landers/st/003osc/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 209
Origin: https://opcams.wiredcircular.com
Connection: keep-alive
Referer: https://opcams.wiredcircular.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 01:37:19 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 777a7e8ddf8fb506-OSL
Access-Control-Allow-Origin: https://opcams.wiredcircular.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 11 Dec 2022 00:41:08 GMT
expires: Sun, 11 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 3371
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syflht.com/user/trk/?rtid=71193532805
207.120.33.45200 OK 21 B URL HTTP/2 syflht.com/user/trk/?rtid=71193532805
IP 207.120.33.45:0
File type JSON data\012- , ASCII text, with no line terminators
Hash db7975dad9b1ef180e760d931d38eb51
eeb480cf0cb0b64a8344f77e5bb076273354c677
56c2e6d2749863ff7d080698c4f12d7d2ebc484b527bc026bec53819a694e16f
GET /user/trk/?rtid=71193532805 HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjlkMzAwNTc0YmM5N2JlOTQiLCJ0ciI6IjM0NGU3YTZmMWZjMzY0MmQ1M2QxNjQyZDk3NWNmMWIwIiwidGkiOjE2NzA3MjI2MzgwMTB9fQ==
traceparent: 00-344e7a6f1fc3642d53d1642d975cf1b0-9d300574bc97be94-01
tracestate: 3355250@nr=0-1-3355250-1103078842-9d300574bc97be94----1670722638010
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
Cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:19 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 9511730
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 8dc17d946ccc472dc060fac7f014b199
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1521&ck=0&s=335c63e534669a45&ref=https://syflht.com/user/&ap=166&be=487&fe=958&dc=737&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670722636759,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:364,%22rpe%22:364,%22dl%22:368,%22di%22:1209,%22ds%22:1223,%22de%22:1228,%22dc%22:1444,%22l%22:1444,%22le%22:1449%7D,%22navigation%22:%7B%7D%7D&fcp=1238&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1521&ck=0&s=335c63e534669a45&ref=https://syflht.com/user/&ap=166&be=487&fe=958&dc=737&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670722636759,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:364,%22rpe%22:364,%22dl%22:368,%22di%22:1209,%22ds%22:1223,%22de%22:1228,%22dc%22:1444,%22l%22:1444,%22le%22:1449%7D,%22navigation%22:%7B%7D%7D&fcp=1238&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=1521&ck=0&s=335c63e534669a45&ref=https://syflht.com/user/&ap=166&be=487&fe=958&dc=737&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670722636759,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22s%22:0,%22ce%22:0,%22rq%22:8,%22rp%22:364,%22rpe%22:364,%22dl%22:368,%22di%22:1209,%22ds%22:1223,%22de%22:1228,%22dc%22:1444,%22l%22:1444,%22le%22:1449%7D,%22navigation%22:%7B%7D%7D&fcp=1238&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 01:37:20 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 777a7e91e98bb506-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2066&ck=0&s=335c63e534669a45&ref=https://syflht.com/user/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2066&ck=0&s=335c63e534669a45&ref=https://syflht.com/user/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=2066&ck=0&s=335c63e534669a45&ref=https://syflht.com/user/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 286
Origin: https://syflht.com
Connection: keep-alive
Referer: https://syflht.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 11 Dec 2022 01:37:20 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 777a7e954b56b506-OSL
Access-Control-Allow-Origin: https://syflht.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31aca93e-2858-4933-b847-8f2f94143051.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31aca93e-2858-4933-b847-8f2f94143051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8fb99efffa43a89258e8f6fa88b57b3d
af9e7836bb609a2fa5ada07bb46a547f007a70ac
117238c7ac845cb0b65576ea779bb64e6f93ea715eaa2df5a05338743646839c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31aca93e-2858-4933-b847-8f2f94143051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9385
x-amzn-requestid: c465c6db-4228-4455-b5d5-0b6bec43928c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xkmGn7oAMFTnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc83-1903b69055c1d5bc70c3adea;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:39:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lKEDn3cnl_JvdDKPiGN8h0w_O87ehwY0yn6NqZFNFejYsiDBRxO3NA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Dec 2022 22:03:46 GMT
age: 12814
etag: "af9e7836bb609a2fa5ada07bb46a547f007a70ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
207.120.33.45200 OK 0 B URL HTTP/2 syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
IP 207.120.33.45:0
Analyzer Verdict Alert fortinet Phishing
GET /user/?SID=f294dab8affa0c0262ee0a49be007310 HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/user/?ofid=30&a_aid=f5a31893&a_bid=1789942b&x_agentid=102f882dd553a587838e3b41b7b68c&bo=2753%2C2754%2C2755%2C2756&a_sid=102f882dd553a587838e3b41b7b68c&sitekey=5a2410f3866ac291&rtr=1&rtid=71193532805
Cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310; path=/; secure; SameSite=None
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 9670553
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: de4e5190366dd6281dcb209f112d5a63
X-Firefox-Spdy: h2
syflht.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.45200 OK 0 B URL HTTP/2 syflht.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.45:0
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
Cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 1369da7f70a55854758f67d2afdd7c8c
x-varnish: 18047262 19229466
age: 4632
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 9d96427b3a034ed3a5735275c90757a5
X-Firefox-Spdy: h2
syflht.com/common_tpls/js/validate_form_v2.js?jsv=24
207.120.33.45200 OK 0 B URL HTTP/2 syflht.com/common_tpls/js/validate_form_v2.js?jsv=24
IP 207.120.33.45:0
Analyzer Verdict Alert fortinet Phishing
GET /common_tpls/js/validate_form_v2.js?jsv=24 HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
Cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
etag: W/"63618a7b-614a"
section-io-cache-id: b51834fc31fc270c361a0781d4e5f968
x-varnish: 18047261 20002768
age: 4612
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 56b70535c9ab5915ffc5fa30b67d2765
X-Firefox-Spdy: h2
syflht.com/common_tpls/js/form_support.js?v=1516308712
207.120.33.45200 OK 0 B URL HTTP/2 syflht.com/common_tpls/js/form_support.js?v=1516308712
IP 207.120.33.45:0
GET /common_tpls/js/form_support.js?v=1516308712 HTTP/1.1
Host: syflht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syflht.com/user/?SID=f294dab8affa0c0262ee0a49be007310
Cookie: PHPSESSID=f294dab8affa0c0262ee0a49be007310
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 11 Dec 2022 01:37:18 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: d5b9afada4a8e1ad3e8ff8647a05e5f4
x-varnish: 9864584 3253352
age: 19540
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: f7b4417fefa049500363bd7f203fb5e0
X-Firefox-Spdy: h2