Overview

URLlocked2.com/cl/i/99p71w
IP 23.22.126.183 (United States)
ASN#14618 AMAZON-AES
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-18 18:33:05 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (17)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-18 14:58:55 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
locked2.com (4) 0 2019-04-25 07:37:13 UTC 2022-11-18 06:57:49 UTC 23.22.126.183 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.201.177
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-18 14:58:55 UTC 142.250.74.10
js-agent.newrelic.com (10) 378 2018-06-22 04:15:37 UTC 2020-05-01 11:44:04 UTC 151.101.86.137
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2021-11-02 18:02:09 UTC 172.64.155.188
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-18 05:29:52 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
bam.nr-data.net (1) 630 2015-02-10 00:06:27 UTC 2022-05-19 12:27:58 UTC 162.247.241.14
ws-us2.pusher.com (1) 9765 2018-11-21 18:48:45 UTC 2019-11-11 16:50:49 UTC 13.59.10.190
d3qilfrpqzfrg4.cloudfront.net (1) 0 2022-11-09 02:18:24 UTC 2022-11-18 11:46:17 UTC 54.230.245.73 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-18 05:27:45 UTC 34.117.237.239
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
stats.pusher.com (1) 6524 2013-02-08 01:32:41 UTC 2020-05-04 08:02:15 UTC 3.220.126.28

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-18 2 locked2.com/cl/i/99p71w Phishing
2022-11-18 2 locked2.com/cl/i/99p71w Phishing
2022-11-18 2 locked2.com/cl/v/99p71w Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.22.126.183
Date UQ / IDS / BL URL IP
2023-01-09 21:29:07 +0000 0 - 0 - 2 verifyuser.org/cl/v/dvwpow 23.22.126.183
2023-01-07 17:34:21 +0000 0 - 0 - 3 appinstallcheck.com/cl/i/klxn98 23.22.126.183
2023-01-03 21:39:19 +0000 0 - 0 - 0 downloadlocked.com/cl/i/wogqmm?aff_sub4=&aff_sub5= 23.22.126.183
2022-12-03 05:09:19 +0000 0 - 0 - 3 locked1.com/cl/i/8d5r3k 23.22.126.183
2022-11-27 13:59:05 +0000 0 - 0 - 3 verifysuper.com/cl/i/41lj5 23.22.126.183


Last 5 reports on ASN: AMAZON-AES
Date UQ / IDS / BL URL IP
2023-01-26 22:07:22 +0000 0 - 1 - 0 delvepoint.com/Luna/searchTypes/SSN01/65da1dc (...) 18.211.252.130
2023-01-26 22:07:19 +0000 0 - 2 - 0 delvepoint.com/Luna/searchTypes/SSN01/65da1dc (...) 3.223.104.77
2023-01-26 22:07:19 +0000 0 - 2 - 0 delvepoint.com/Luna/searchTypes/SSN01/65da1dc (...) 18.211.87.181
2023-01-26 22:07:17 +0000 0 - 2 - 0 delvepoint.com/Luna/searchTypes/SSN01/2b9b4ae (...) 3.223.104.77
2023-01-26 22:07:10 +0000 0 - 2 - 0 delvepoint.com/Luna/searchTypes/SSN01/2b9b4ae (...) 18.211.252.130


Last 4 reports on domain: locked2.com
Date UQ / IDS / BL URL IP
2022-11-18 18:33:05 +0000 0 - 0 - 3 locked2.com/cl/i/99p71w 23.22.126.183
2022-09-20 19:06:12 +0000 0 - 0 - 2 www.locked2.com/cl/load.php?id=b030a08b25aa7a (...) 23.22.126.183
2022-09-19 12:45:14 +0000 0 - 0 - 3 locked2.com/cl/i/meww78 23.22.126.183
2022-09-03 03:52:57 +0000 0 - 0 - 3 locked2.com/cl/i/99736l 23.22.126.183


No other reports with similar screenshot

JavaScript

Executed Scripts (18)

Executed Evals (0)

Executed Writes (1)
#1 JavaScript::Write (size: 8385) - SHA256: 6d7e2dd7513fe2e03fb20f9b9e83f152f5d9f3002c61aee8d38c6edf7ee79e6f
< meta name = "viewport"
content = "width=device-width" >
    < meta name = "csrf-token"
content = "0Mf1oU6EE6nBZaskwFnPOCCMIQeHrzjCRNxFOtJ8" >

    < style > @
    import url(https: //fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300,200);.lockerBackground{position:fixed;top:0;left:0;width:100%;height:100%;background-color:#000;opacity:.8;display:none;z-index:9999998}.lockerPopup{height:auto;z-index:9999999;top:50%;left:50%;position:fixed}.lockerPopup .header{text-align:center;font-weight:700;font-family:'Source Sans Pro',sans-serif}.lockerPopup .content{text-align:center;font-family:'Source Sans Pro',sans-serif}.lockerPopup .footer{font-family:'Source Sans Pro',sans-serif;text-align:center}.lc-checks{list-style:none;margin:0;position:relative;font-family:'Source Sans Pro',sans-serif}.lc-checks li{position:relative;cursor:hand;text-align:center;display:block}.animated{-webkit-animation-duration:1.5s;animation-duration:1.5s;-webkit-animation-fill-mode:both;animation-fill-mode:both}@-webkit-keyframes bounceInDown{0%{opacity:0;-webkit-transform:translate(-50%,-2000px)}60%{opacity:1;-webkit-transform:translateY(-50%,-53%)}80%{-webkit-transform:translateY(-50%,-51%)}100%{-webkit-transform:translate(-50%,-50%)}}@keyframes bounceInDown{0%{opacity:0;transform:translate(-50%,-2000px)}60%{opacity:1;transform:translate(-50%,-53%)}80%{transform:translate(-50%,-51%)}100%{transform:translate(-50%,-50%)}}.bounceInDown{-webkit-animation-name:bounceInDown;animation-name:bounceInDown}@media only screen and (min-device-width:560px) and (max-width:800px){.lockerPopup{width:400px!important}.lockerPopup .content{font-size:16px!important}.lockerPopup .header{font-size:20pt;color:#315965}.lc-checks li{font-size:10pt;padding:15px;margin-left:0!important}}@media only screen and (min-width:800px){.lockerPopup .header{font-size:26pt}.lockerPopup .content{font-size:18px}.lc-checks{padding:20px 0}.lc-checks li{padding:15px 0}.lc-checks li{background-color:rgba(73,128,227,.59)}}.lockerPopup{width:580px;background-color:#fff;padding:15px;border-radius:5px;box-shadow:0 0 0 10px rgba(45,208,255,.25)}.lockerPopup .header{padding:0 0 10px;border-bottom:1px solid #c3c2c2;color:#315965}a{color:#475890}.lockerPopup .content{padding:20px 10px 0 10px}.lc-checks{padding:20px 0}.lc-checks li{margin-bottom:10px;font-weight:800;background-color:rgba(73,128,227,.59)}.lockerPopup .footer{padding:10px 0 0;font-size:14px;padding:15px 10px 5px 10px;font-weight:300}.button{background-color:#4980e3;color:#f7fdf8;border:none;font-size:1em;padding:.625rem 0;text-align:center;width:100%;transition:all .2s ease;user-select:none;position:relative;top:0;cursor:pointer}.button:hover{background-color:#4980e3;color:#fff}.button:active{user-select:none}button:focus{outline:0}.spinner-circle{width:14px;height:14px;margin:-4px 0;border:2px solid #fff;display:inline-block;border-radius:500px;-webkit-border-radius:500px;-moz-border-radius:500px;position:relative}.spinner-circle:before{content:'';width:0;height:0;border-top:14px solid rgba(73,128,227,.5);border-right:14px solid transparent;position:absolute;left:6px;top:6px;display:block}.spin{-webkit-animation:spin 2s infinite linear;animation:spin 2s infinite linear}@-webkit-keyframes spin{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}@keyframes spin{0%{-webkit-transform:rotate(0);transform:rotate(0)}100%{-webkit-transform:rotate(359deg);transform:rotate(359deg)}}

        : root {
            --custom - background - opacity: 0.8;
        }

        /* overrides */

        .lockerBackground {
            opacity: var (--custom - background - opacity);
        } < /style>

        < style >
        : root {
            --custom - background - color: # FFFFFF;
            --custom - border - color: 45, 208, 255;
            --custom - title - color: #315965;
            --custom-offer-color: 73, 128, 227;
            --custom-text-color: # 000000;
        }

        /* overrides */

        .lockerPopup {
            background - color: var (--custom - background - color);
            color: var (--custom - text - color);
            box - shadow: 0 0 0 10 px rgb(var (--custom - border - color), 0.25);
        }

        .lockerPopup.header {
            color: var (--custom - title - color);
        }

        .lockerPopup.lc - checks li {
            background - color: rgb(var (--custom - offer - color), 0.59);
        }

        .lockerPopup.button {
            background - color: rgb(var (--custom - offer - color));
        }

        < /style>


        < style id = "custom-custom-css" >



        < /style>

        < div id = "contentLockerBackground"
        class = "lockerBackground" > < /div> < div id = "contentLocker"
        class = "lockerPopup animated bounceInDown" >
        < div class = "header" >
        < span id = "tool-title" > Complete Tasks < /span> < /div> < div class = "content" >
        < span id = "tool-description" > Must complete Tasks 3 Below < /span> < /div> < div class = "links" >
        < ul class = "lc-checks" >
        < div id = "offer-43672" >
        < a href = "https://jump.ogtrk.net/aff_c?offer_id=43672&amp;aff_id=288026&amp;aff_sub=ContentLocker&amp;aff_sub2=99p71w&amp;aff_sub3=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJvZ2FkcyIsImF1ZCI6InBvc3RiYWNrIiwiaWF0IjoxNjY4Nzk2Mzc1LCJuYmYiOjE2Njg3OTYzNzUsImRhdGEiOnsiaXAiOiI5MS45MC40Mi4xNTQiLCJ1YSI6Ik1vemlsbGFcLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja29cLzIwMTAwMTAxIEZpcmVmb3hcLzEwNS4wIiwicmVmIjpudWxsfX0.HnUV2d8jas2S1vBVsPJ4gh3sLSaEWNBbjidOgLppiImwphVY6Ul_qfFSl9I8AaxITdnDborBmpHcgnMUokKA-A&amp;aff_sub4=&amp;aff_sub5="
        target = "_blank" > < li > < span class = "lc-checks__feature" > Take this survey! < /span></li > < /a> < /div> < div id = "offer-38918" >
        < a href = "https://jump.ogtrk.net/aff_c?offer_id=38918&amp;aff_id=288026&amp;aff_sub=ContentLocker&amp;aff_sub2=99p71w&amp;aff_sub3=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJvZ2FkcyIsImF1ZCI6InBvc3RiYWNrIiwiaWF0IjoxNjY4Nzk2Mzc1LCJuYmYiOjE2Njg3OTYzNzUsImRhdGEiOnsiaXAiOiI5MS45MC40Mi4xNTQiLCJ1YSI6Ik1vemlsbGFcLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja29cLzIwMTAwMTAxIEZpcmVmb3hcLzEwNS4wIiwicmVmIjpudWxsfX0.HnUV2d8jas2S1vBVsPJ4gh3sLSaEWNBbjidOgLppiImwphVY6Ul_qfFSl9I8AaxITdnDborBmpHcgnMUokKA-A&amp;aff_sub4=&amp;aff_sub5="
        target = "_blank" > < li > < span class = "lc-checks__feature" > Do you want to be a millionaire ? < /span></li > < /a> < /div> < /ul> < /div> < button class = "button" > < span class = "spinner-circle spin" > < /span> <span id="custom-checking">Checking completion</span > < /button> < div class = "footer" >
        < span id = "custom-countdown" > Complete < span id = "conversions-remaining" > 4 < /span> more offer(s) to continue</span >
        < /div> < /div>

        < script type = "text/javascript" >

        function loadScript(sScriptSrc, oCallback) {
            var oHead = document.getElementsByTagName('head')[0];
            var oScript = document.createElement('script');
            oScript.type = 'text/javascript';
            oScript.src = sScriptSrc;
            oScript.onload = oCallback;
            oHead.appendChild(oScript);
        }

        var js = "https://d3qilfrpqzfrg4.cloudfront.net/js/cl/desktop.js?id=kohusK";

        loadScript(js, function() {

            locker = new contentLocker({
                'id': "99p71w",
                'blockContextMenu': true,
                'pageCloseMessage': "Are you sure you want to leave?",
            });

            window.startConversionChecker({
                channel: "Tool.ContentLocker.99p71w.35b0bce9d250429df012c0426f88d0bd",
                route: "https:\/\/locked2.com\/cl\/ajax\/c\/99p71w",
                l_route: "https:\/\/locked2.com\/cl\/ajax\/e\/99p71w",
                completed: locker.actionCompleted,
                converted: null,
            });

        });

        < /script>

        < script type = "text/javascript" >
        hexToRgb = function(hex) {
            var result = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex);
            return parseInt(result[1], 16) + ', ' + parseInt(result[2], 16) + ', ' + parseInt(result[3], 16);
        }

        parsePreviewChange = function(e) {
            if (e.name === 'custom-border-color' || e.name === 'custom-offer-color') {
                e.value = hexToRgb(e.value);
            }
            return e;
        } < /script>


HTTP Transactions (49)


Request Response
                                        
                                            GET /cl/i/99p71w HTTP/1.1 
Host: locked2.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         23.22.126.183
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.20.1
Date: Fri, 18 Nov 2022 18:32:54 GMT
Content-Length: 169
Connection: keep-alive
Location: https://locked2.com/cl/i/99p71w


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   169
Md5:    0f952b73d3f5586637ea9a5a789d48f4
Sha1:   b29aff4ffa1d4decd77db5160f920e1c6417e5e9
Sha256: 69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4968
Expires: Fri, 18 Nov 2022 19:55:42 GMT
Date: Fri, 18 Nov 2022 18:32:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6117
Cache-Control: max-age=150010
Date: Fri, 18 Nov 2022 18:32:54 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:13:04 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12235
Expires: Fri, 18 Nov 2022 21:56:49 GMT
Date: Fri, 18 Nov 2022 18:32:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 17:45:03 GMT
cache-control: public,max-age=3600
age: 2871
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: x1JrknHMu1B+fjdUh/J0o+At6dbZPaVO3TqaQP/t4dBi2J8oOolYvyWeowkCOPK0riQR+hcJ3M0=
x-amz-request-id: 8AVB7J462TSAX6NA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 18:15:42 GMT
age: 1032
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 18 Nov 2022 18:32:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FF67324A885F11A4D08089830CB7A0F786769C4A3929E2210DE388B8F7D943E9"
Last-Modified: Wed, 16 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 19 Nov 2022 00:32:55 GMT
Date: Fri, 18 Nov 2022 18:32:55 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 18:25:01 GMT
cache-control: public,max-age=3600
age: 474
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5877
Cache-Control: max-age=144718
Date: Fri, 18 Nov 2022 18:32:55 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 10:44:53 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /552.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 97610
x-timer: S1668796376.514789,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21423)
Size:   5890
Md5:    097ef34c5f5d635a147bca3721bd605b
Sha1:   3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
Sha256: 3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: locked2.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/cl/i/99p71w
Cookie: XSRF-TOKEN=eyJpdiI6Im00OVBMNkVqSmxiY0FoT2Q4VjBNUlE9PSIsInZhbHVlIjoiMFJwY3lYRWNFd0txblJ1bU14NWNVRzF1dHhEek1KaFpBNDhobzhibkdVekJDeWViRUt0SGZmSU1CaExxM2hlMGhEMUowMHp0YjhNL2lHNERicmpyR0hTdmxoNzVoeUpqNFA4WmY2Vk5ab3lNOEdJT0VpdkdscmxTUS9BTElod3ciLCJtYWMiOiJiNTM1MDE3ZGQ1OTkzZWIwNDQxOGFmYjU0MmZmNDU1MDgzZmY2NTIyMzA2ZmM1NzAyOGQ0OTkxMGQ3Mzk5OGYwIiwidGFnIjoiIn0%3D; ogads_session=eyJpdiI6IlVZeGdjOFdxZ1F1eVNhdDM5di9pbVE9PSIsInZhbHVlIjoiTEMvdXZpaWFJa3VwTmRYcnhFblFIbDZXYmVrWk85cDRiUitST2dYWGdPUzFDdHVhSGNINWZsQmpUNXJkZ2lZR3RpdG5IQTM5d3ZIMFpOcHg5MkMvWk1EV1c0QjYvYW1CeUNjK1lEeitPSTZlbHM4b2lnUVZUWEg5aGtTaGYvaGMiLCJtYWMiOiJkY2I4NTllM2QwMTY0NGUxNWZkOGE4Zjk0ZDgwNzVhYmFlNjk5N2M5M2I5NjE5YWNlNTRmMzJjMWQ2YjdhMDY2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.22.126.183
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: nginx
date: Fri, 18 Nov 2022 18:32:55 GMT
content-length: 0
last-modified: Mon, 18 Oct 2021 11:49:37 GMT
etag: "616d5f51-0"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2

                                        
                                            GET /290.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 2945
x-timer: S1668796376.612806,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8544)
Size:   3424
Md5:    b9baa2cb6a3b1a3d0fda03cd7db51631
Sha1:   42d37467e05182e3cab2fcb54577dc462adcf50b
Sha256: 31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
                                        
                                            GET /368.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: GUwozRedGseijuU5ypA/WbbnDIf/u5E5/2u5+kb3ugz/wj5jQhWm8oFz9CQSV79o7P1yeeJAp+M=
x-amz-request-id: K9T2FMDPRF0ZCE4Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 55
x-timer: S1668796376.613064,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3382)
Size:   1443
Md5:    fa50a55750d1d0978fca32be5dbc3988
Sha1:   a7f447621d48b3ecf7fc0192b515d506d3d1ad18
Sha256: c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
                                        
                                            GET /768.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: P4mBsEL/DTAFzpZmpgTrdkaNBJrByz58gWXjGItRhFpF6Y8vCPU2Lz0KL/HwWqBLBPUd/7ipab8=
x-amz-request-id: XM6J50R0X1MZPD9F
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 185
x-timer: S1668796376.613378,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5523)
Size:   2225
Md5:    98a96a3306b7723c0b8c4bff074cdd9f
Sha1:   e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
Sha256: a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
                                        
                                            GET /775.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1223
x-timer: S1668796376.614026,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1169)
Size:   632
Md5:    661520fd0dfebb919d68a69b60ca426f
Sha1:   b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
Sha256: ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
                                        
                                            GET /39.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: KxfPNXIQ38SSfzz490TMAo2ltA9W5l6OlU9HI6h8SfmvQBHsTP/3JrzkCdnsVJAOdxSfq1TwUMk=
x-amz-request-id: ESHWVX2RDYQJKTJS
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 24
x-timer: S1668796376.614001,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2755
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7169)
Size:   2755
Md5:    a0a406e7bdf3e14f047e46bcea27640c
Sha1:   c1fbc88d260f16a092c1b7b0e58e4291401478e8
Sha256: 2309d4e82574d5402ec3454a76051987336fe3b4e4d546f6565a3a443c6d4049
                                        
                                            GET /0.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: f1JzRiK4HoHej55UIxY8kufnlKMhSjW2G+Vtj2sq4OUFu6SREeWg9kZpjawiQxSTZPEfmKoLolg=
x-amz-request-id: XM6JN6V8R5PG7B8J
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 14
x-timer: S1668796376.613976,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5198)
Size:   2349
Md5:    852267b16c136b977ccd94900c6c6308
Sha1:   e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16
Sha256: 9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
                                        
                                            GET /571.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: Cn07g451pzP+BuOyXbJ5c0o8ExPUm1rBYP/GYVQDFxcy7KzhZDW/Ep1gB0iV/QBa/UCWbkhew68=
x-amz-request-id: XM6J6T5Z32K8FRFH
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 32
x-timer: S1668796376.614249,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2412)
Size:   1108
Md5:    d392a55faa7a0a2a43781a495891c9aa
Sha1:   1998ba6f85354606c186fa1a29285676f0b596f0
Sha256: 33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
                                        
                                            GET /820.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: mfz69jbwDdVjAOvigezanDeGlG58lNEgRQZJ5bHuLqr3T+YzVd1KlatkpX7gSSdNs3YsWLt1rsw=
x-amz-request-id: 7DG6EGGM14MJB93M
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 460
x-timer: S1668796376.614606,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7460)
Size:   2979
Md5:    7d1295a839190615b34d5a62acceee4f
Sha1:   eef26f5c6d2ae14cb81b3a9b669da224faceacd0
Sha256: 4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
                                        
                                            GET /790.2d6a2503-1220.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: rOIosPuuEwyY2i5sNYqTXHwZXDs2re4AJB6+I1QFfF9D8vToAF8QBmtRttIasr2/YRes+1f0bv4=
x-amz-request-id: 9HYGKVEA32SEPK1W
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 18 Nov 2022 18:32:55 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 262
x-timer: S1668796376.614755,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17591)
Size:   6064
Md5:    b3193d37837e2f200e10db13deff83a9
Sha1:   d8577b8a972583e81cfd8e31436dcd039aa049b2
Sha256: 5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VkCgtDgH9Ts6Pe9JCt5sqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.201.177
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YmFhYHmMAK6eGbeTn/QdDwLDcCU=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 18:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Source+Sans+Pro:400,700,300,200 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 18:32:55 GMT
date: Fri, 18 Nov 2022 18:32:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1192
Md5:    3ea63b54812a4b7a06a40de2394ae39e
Sha1:   32da200a6442f8d7b52a0c76ea1be24c0305ba5d
Sha256: 7446d0ffcd98a01bdfadd634fcf442c9d3537c9e3d2a70b8608d175d518c7180
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 18:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 18:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 18:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://locked2.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:26:57 GMT
expires: Thu, 16 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 169558
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Size:   12924
Md5:    4610010f425c140b99c88b6819ce1c02
Sha1:   a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
Sha256: 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
                                        
                                            GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://locked2.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:28:31 GMT
expires: Thu, 16 Nov 2023 19:28:31 GMT
cache-control: public, max-age=31536000
age: 169464
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Size:   12956
Md5:    1c772d9d0531b187db80bcfc199c1786
Sha1:   c0c04fb334190e10dffed0dcc5c817c2a6041a15
Sha256: 122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
                                        
                                            GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://locked2.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:26:57 GMT
expires: Thu, 16 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 169558
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size:   13036
Md5:    0ad032b3d07aaf33b160ac4799dda40f
Sha1:   06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
Sha256: c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 18:32:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /1/c25b69ac34?a=1824637757&v=1220.PROD&to=ZgFQYktXWUMCWkVZDV9LcUNKQlhdTE1eXw5CSlFZV0JSXhcUXV8BWgFAGFBYU1Ub&rst=1346&ck=0&s=be30fbebbf39d581&ref=https://locked2.com/cl/i/99p71w&ap=33&be=1011&fe=33&dc=31&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1668796372487,%22n%22:0,%22f%22:357,%22dn%22:363,%22dne%22:364,%22c%22:364,%22s%22:460,%22ce%22:748,%22rq%22:748,%22rp%22:935,%22rpe%22:935,%22dl%22:964,%22di%22:1039,%22ds%22:1042,%22de%22:1044,%22dc%22:1044,%22l%22:1044,%22le%22:1048%7D,%22navigation%22:%7B%7D%7D&at=SkZTFANNSk0%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Fri, 18 Nov 2022 18:32:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76c2caa3eccfb50b-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   68
Md5:    a63df29d6e0417cc1d00d8743d0ae34c
Sha1:   4fe2dc626d476e9a32c8982587e33fbc8aaf7b0b
Sha256: 025635a81f1246880710db88c48cd051393836cfd7016eb9f4aac7ac7b739a4e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4250
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 18:32:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4250
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 18:32:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4250
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 18:32:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4250
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 18:32:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4250
Expires: Fri, 18 Nov 2022 19:43:46 GMT
Date: Fri, 18 Nov 2022 18:32:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:20:30 GMT
age: 40346
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11667
Md5:    032386e5c9dffff1ba1ee5e8a322d438
Sha1:   dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd26f9e-1666-47e7-91b0-4b371ede5e61.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5955
x-amzn-requestid: fe915fbe-b1dc-4fbd-8a10-1cb46e08f56c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqPjHloIAMFidw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755730-16deb73f48305b0139b1d9bd;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:36 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: z5S-G5i9-jfmyOFjA9XYxOt97mvYwjuTMsPv01Hw_N0fbOO2mvQz3A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:39:42 GMT
age: 75194
etag: "9404b0071027ac7ec0055a9edfbd607e3a8ae501"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5955
Md5:    30ad43f65949e7e22e73292e3d684f3d
Sha1:   9404b0071027ac7ec0055a9edfbd607e3a8ae501
Sha256: b97961cbd2245f9927c1c0406451449d28cca24c98c534cace78321ac62eeeb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xbau-BXu_W5Hu8QaCg3tvwfYMb_8L8F_muNp4gVukeNTmiDW4BAXhA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:03 GMT
age: 72533
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10281
Md5:    35da1192dcadc6e329a9e60c16904301
Sha1:   90a146aef85765630a5e09e46a0a8682e204bec1
Sha256: 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RQqPegf6sdVW0qmrGnUo6EORLuT7BRikwhtF08LAxWNCpLGwGZnG8Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:03 GMT
age: 75533
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6344
Md5:    a9d32fa3866dd741de610a61a93ad893
Sha1:   4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
Sha256: 4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:54 GMT
age: 73442
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3759
Md5:    5d0b6106f00f9fd8b89c2d484a559a1a
Sha1:   399ac393209dcdac7d2188d7aa8d95f04570ef7c
Sha256: 5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb1ea6fe-f968-42eb-9bb6-5965ae4e6ce6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7045
x-amzn-requestid: e8dace8b-0cc8-4ea0-b47a-e42a66576f72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K3EuCIAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-71c191e462be52006858817b;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S0Sq8vuP-MbcuYVx_WFXTkmrY966mBTY1Qpowx_E_to1tDk1b8R-Bw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:11 GMT
age: 74445
etag: "ed93ac946111340a254b92f8ce27e8be93ae87e8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7045
Md5:    e5fb6d72b647aabea33ab4017f4a0847
Sha1:   ed93ac946111340a254b92f8ce27e8be93ae87e8
Sha256: 0782ed4ffaea8f9487461d5a9b0c241d30dfe057676753b24e180d0a94efad99
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 18:32:57 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 18 Nov 2022 16:10:56 GMT
Expires: Fri, 25 Nov 2022 16:10:55 GMT
Etag: "3ea8151072ae8fac140fa57f7f35a295b7771bca"
Cache-Control: max-age=602366,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1227
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76c2caac78be0b06-OSL

                                        
                                            GET /app/4971de26666a6fede50a?protocol=7&client=js&version=4.4.0&flash=false HTTP/1.1 
Host: ws-us2.pusher.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://locked2.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FT3bQ4GfaURXFdj0i90qpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         13.59.10.190
HTTP/1.1 101 Switching Protocols
                                        
Date: Fri, 18 Nov 2022 18:32:57 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: zDue52nIcWBzaWXdBRMLL1XqQZU=

                                        
                                            GET /timeline/v2/jsonp/1?session=ODQ5NDcxMzI3&bundle=MQ%3D%3D&key=NDk3MWRlMjY2NjZhNmZlZGU1MGE%3D&lib=anM%3D&version=NC40LjA%3D&cluster=dXMy&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2Njg3OTYzNzQ5NzR9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjY4Nzk2Mzc0OTc1fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjY4Nzk2Mzc0OTc4fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTY2ODc5NjM3NDk3OH0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTY2ODc5NjM3NDk3OH0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTY2ODc5NjM3NTQzOX0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIxNjExNi40MTc2NzYxIn0sInRpbWVzdGFtcCI6MTY2ODc5NjM3NTQ0MH1d HTTP/1.1 
Host: stats.pusher.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         3.220.126.28
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: awselb/2.0
date: Fri, 18 Nov 2022 18:32:57 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /cl/i/99p71w HTTP/1.1 
Host: locked2.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         23.22.126.183
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 18 Nov 2022 18:32:55 GMT
vary: Accept-Encoding
cache-control: no-cache, private
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6Im00OVBMNkVqSmxiY0FoT2Q4VjBNUlE9PSIsInZhbHVlIjoiMFJwY3lYRWNFd0txblJ1bU14NWNVRzF1dHhEek1KaFpBNDhobzhibkdVekJDeWViRUt0SGZmSU1CaExxM2hlMGhEMUowMHp0YjhNL2lHNERicmpyR0hTdmxoNzVoeUpqNFA4WmY2Vk5ab3lNOEdJT0VpdkdscmxTUS9BTElod3ciLCJtYWMiOiJiNTM1MDE3ZGQ1OTkzZWIwNDQxOGFmYjU0MmZmNDU1MDgzZmY2NTIyMzA2ZmM1NzAyOGQ0OTkxMGQ3Mzk5OGYwIiwidGFnIjoiIn0%3D; expires=Sat, 19 Nov 2022 14:32:55 GMT; Max-Age=72000; path=/; secure; samesite=none ogads_session=eyJpdiI6IlVZeGdjOFdxZ1F1eVNhdDM5di9pbVE9PSIsInZhbHVlIjoiTEMvdXZpaWFJa3VwTmRYcnhFblFIbDZXYmVrWk85cDRiUitST2dYWGdPUzFDdHVhSGNINWZsQmpUNXJkZ2lZR3RpdG5IQTM5d3ZIMFpOcHg5MkMvWk1EV1c0QjYvYW1CeUNjK1lEeitPSTZlbHM4b2lnUVZUWEg5aGtTaGYvaGMiLCJtYWMiOiJkY2I4NTllM2QwMTY0NGUxNWZkOGE4Zjk0ZDgwNzVhYmFlNjk5N2M5M2I5NjE5YWNlNTRmMzJjMWQ2YjdhMDY2IiwidGFnIjoiIn0%3D; expires=Sat, 19 Nov 2022 14:32:55 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cl/v/99p71w HTTP/1.1 
Host: locked2.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VQcDVFRRDBABXFNWAQIAUVEG
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjExNDUyMjQiLCJhcCI6IjE4MzQ3ODM3NjkiLCJpZCI6ImI3MjMyODU0MjQ5YzQ1ZGIiLCJ0ciI6IjU3ODYzMGNiYjgyY2I5OTg2NmZhYzg5MTA5MDE0MzcwIiwidGkiOjE2Njg3OTYzNzM1MTh9fQ==
traceparent: 00-578630cbb82cb99866fac89109014370-b7232854249c45db-01
tracestate: 1145224@nr=0-1-1145224-1834783769-b7232854249c45db----1668796373518
Connection: keep-alive
Referer: https://locked2.com/cl/i/99p71w
Cookie: XSRF-TOKEN=eyJpdiI6Im00OVBMNkVqSmxiY0FoT2Q4VjBNUlE9PSIsInZhbHVlIjoiMFJwY3lYRWNFd0txblJ1bU14NWNVRzF1dHhEek1KaFpBNDhobzhibkdVekJDeWViRUt0SGZmSU1CaExxM2hlMGhEMUowMHp0YjhNL2lHNERicmpyR0hTdmxoNzVoeUpqNFA4WmY2Vk5ab3lNOEdJT0VpdkdscmxTUS9BTElod3ciLCJtYWMiOiJiNTM1MDE3ZGQ1OTkzZWIwNDQxOGFmYjU0MmZmNDU1MDgzZmY2NTIyMzA2ZmM1NzAyOGQ0OTkxMGQ3Mzk5OGYwIiwidGFnIjoiIn0%3D; ogads_session=eyJpdiI6IlVZeGdjOFdxZ1F1eVNhdDM5di9pbVE9PSIsInZhbHVlIjoiTEMvdXZpaWFJa3VwTmRYcnhFblFIbDZXYmVrWk85cDRiUitST2dYWGdPUzFDdHVhSGNINWZsQmpUNXJkZ2lZR3RpdG5IQTM5d3ZIMFpOcHg5MkMvWk1EV1c0QjYvYW1CeUNjK1lEeitPSTZlbHM4b2lnUVZUWEg5aGtTaGYvaGMiLCJtYWMiOiJkY2I4NTllM2QwMTY0NGUxNWZkOGE4Zjk0ZDgwNzVhYmFlNjk5N2M5M2I5NjE5YWNlNTRmMzJjMWQ2YjdhMDY2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         23.22.126.183
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 18 Nov 2022 18:32:55 GMT
vary: Accept-Encoding
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6Ikh4bGpjZ2doL0JFeURvUlUyRUpwTnc9PSIsInZhbHVlIjoibVhwZzhYSGJxYSs4VHVlRGM0NjBFZ25ZZy8zSXpRcVF4ZVcxRFFqa04xUWdWU1JWNk9BNGRwRTNTQzNuWHF5ZTZiWDREdmV1Y2tlT2JlTVJFN1ZqRzFQTUdZVjcvME42WG5wMXFGQiswZll6VVBhWHVwSnJkTHh3SXFMbXptTWUiLCJtYWMiOiI4Y2ZjZTRlMDYxYjVhNDNiMjA4NzI2NzI1OTJiNzc2Njg4NTRjMWYyMjI4MDEwMDk5OTE2MmViMTRhMWNiZjk5IiwidGFnIjoiIn0%3D; expires=Sat, 19 Nov 2022 14:32:55 GMT; Max-Age=72000; path=/; secure; samesite=none ogads_session=eyJpdiI6IjFrdy9zbFNqbW5kZ29Ndm9pVCtORWc9PSIsInZhbHVlIjoiVU0zVmNXVkQwUUVqeEpxQ3owS05kdUV5TUtZdWE0L0RneWozOFJSUWsvY2RLNnplTFFCVGtHYkRhMUhEM283OS96MVZjVnhHYWxmaWJlN2FRUlNNdldJSk5ibnk3NlFBa0hnVThvNXFUOHVZaHJnTzJ2OEdYeTgrVHFVNmFneW4iLCJtYWMiOiJmYWUwZjUxMzM3NmI4ZGJjYjIxMzljMmZlYmZhZjRiYzE1ZjlmNDIwOTAyYzcyYTYxNThhNDdlNjMyOTFjMjcxIiwidGFnIjoiIn0%3D; expires=Sat, 19 Nov 2022 14:32:55 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/cl/desktop.js?id=kohusK HTTP/1.1 
Host: d3qilfrpqzfrg4.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://locked2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.245.73
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 18 Nov 2022 18:32:57 GMT
last-modified: Tue, 01 Nov 2022 17:12:37 GMT
etag: W/"58f7c92b6c66bacb056a65c00ea1b30e"
cache-control: max-age=2628000
expires: Mon, 01 Nov 2027 17:12:36 GMT
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y6OzxPECelwpEEw05JsJyEBl5mtUNaZyWwpew6eau00Xq6DM8-x6cA==
X-Firefox-Spdy: h2


--- Additional Info ---