r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13352
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 09:46:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7366
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 09:46:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 09:36:10 GMT
content-type: application/json
age: 637
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9401
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 09:46:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rmKBTzNrXwuKuv2swGuYMzqrNtcCspbvDKN9DpUcjzKFfTR2LB1VJKe1VqZ7kseo/sI2AEP2vJw=
x-amz-request-id: XF9CBB9F0C1EK5DT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 09:23:29 GMT
age: 1398
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 09:46:47 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 08:49:06 GMT
age: 3461
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6894
Expires: Fri, 03 Feb 2023 11:41:42 GMT
Date: Fri, 03 Feb 2023 09:46:48 GMT
Connection: keep-alive
filezone.info/5474c16
111.90.159.57200 OK 13 kB IP 111.90.159.57:0
ASN #45839 Shinjiru Technology Sdn Bhd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1671), with CRLF, LF line terminators
Hash 860009b4906a259600460b8bb238517b
18fa31b5e1eb31e34e321bf03b26f0503840ba09
ad6630003fd15414b15c051529a5b8a40d88baa8ea2a68c7fae26081d430c860
Analyzer Verdict Alert fortinet Phishing
GET /5474c16 HTTP/1.1
Host: filezone.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:46:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
browser.sentry-cdn.com/6.4.1/bundle.min.js
151.101.2.217200 OK 21 kB URL HTTP/2 browser.sentry-cdn.com/6.4.1/bundle.min.js
IP 151.101.2.217:0
File type ASCII text, with very long lines (65448)
Hash 42639cce5db857005b8285dedd67553d
a24a4a308123397a9a786645f5843e70653d8552
2b5b83c27b4f52cb3fe8cebc8412b3ceb7c62a2dca290eef38117c33c85b3c66
GET /6.4.1/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://filezone.info
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 26 Jan 2024 06:53:45 GMT
last-modified: Wed, 19 May 2021 16:36:38 GMT
etag: "42639cce5db857005b8285dedd67553d"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Fri, 03 Feb 2023 09:46:48 GMT
age: 701583
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20972
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.166.71.249101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.71.249:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: glQf7hzs/KKussKkhSdmGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZbPF7V3NGZMo+JrEg7XUmenqGqU=
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/owl.carousel.css
54.230.245.23200 OK 4.6 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/owl.carousel.css
IP 54.230.245.23:0
Hash b51416af9e8adbe3d16f5f2526aba221
097c8d67412f44534449ed4cadc6dd22b025801d
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
GET /assets/landing_pages/blue_file/owl.carousel.css HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 4614
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "b51416af9e8adbe3d16f5f2526aba221"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pBcKf65oizCQomvNqe-au89baFrCc6NvEEcP2Zo5FDADObAsdZItug==
age: 10775
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/slick.css
54.230.245.23200 OK 1.7 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/slick.css
IP 54.230.245.23:0
Hash 13b1b6672b8cfb0d9ae7f899f1c42875
6e9d13342a11a8cfd9e42ee243eaeae01cda4e25
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
GET /assets/landing_pages/blue_file/slick.css HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 1729
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "13b1b6672b8cfb0d9ae7f899f1c42875"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4iEXyclQ3soStC3Tw_KWyjA6lyCPaCvD1eg6PagOSiOB93Yc5hcoZg==
age: 1241
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/animate.css
54.230.245.23200 OK 72 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/animate.css
IP 54.230.245.23:0
Hash d212a7b8f7e91b7dbd0a69c2819ff087
586cc5658f5dfc644de5dd4262aa3f42f5fe181e
77dcac1d9487d6e8e8f4a23cdd5b2486204394df7af50f8968b49b9c9b6f8752
GET /assets/landing_pages/blue_file/animate.css HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 71793
date: Thu, 02 Feb 2023 23:30:54 GMT
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
etag: "d212a7b8f7e91b7dbd0a69c2819ff087"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GfzUv1dSyZYmBdxD6vEnJJ_FCPh2nAG2ozcl7cYNHYeca4GlNq2RRw==
age: 36955
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/responsive.css
54.230.245.23200 OK 28 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/responsive.css
IP 54.230.245.23:0
File type ASCII text, with CRLF line terminators
Hash 8e5dca604fd251616ad08c9bea877e64
c2f6c63ff19a32b9bd52d827f189903f79d3767b
53241fc65098c90114cb5bc24433eb6fdaed2da1236aa9b375ea7e1bfc6bf064
GET /assets/landing_pages/blue_file/responsive.css HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 27581
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "8e5dca604fd251616ad08c9bea877e64"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p3_lgrT4gYisDps8LfMJFRnZJwwzXWAMR-O_9pTw4JqHrbR4mtBywg==
age: 15321
X-Firefox-Spdy: h2
filezone.info/public/external/t1.js
111.90.159.57301 Moved Permanently 267 B URL HTTP/1.1 filezone.info/public/external/t1.js
IP 111.90.159.57:0
ASN #45839 Shinjiru Technology Sdn Bhd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ca2ed1c31bd30e5b9df849946d9a01d4
7aa6fe9aa9041ca2e6c022e8375e4f62c9bded33
57a1cfcbc17a6c73a29b9f2ab209be20300a8ee5a294744684ae75d6f889f5a1
Analyzer Verdict Alert fortinet Phishing
GET /public/external/t1.js HTTP/1.1
Host: filezone.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 09:46:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://d1xkyo9j4r7vnn.cloudfront.net/public/external/t1.js
Content-Length: 267
Connection: close
Content-Type: text/html; charset=iso-8859-1
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/bootstrap.min.css
54.230.245.23200 OK 117 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/bootstrap.min.css
IP 54.230.245.23:0
File type ASCII text, with very long lines (65371)
Size 117 kB (117305 bytes)
Hash eedf9ee80c2faa4e1b9ab9017cdfcb88
ed29315e0ffb3f14382431f2724235bf67f44eb3
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
GET /assets/landing_pages/blue_file/bootstrap.min.css HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 117305
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "eedf9ee80c2faa4e1b9ab9017cdfcb88"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ea4JDaoSoujXEVf7T14w5v3rSVBeE-3yzxPOleP53LfdYc3Qqvw3cg==
age: 41470
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/bootstrap.min.js.download
54.230.245.23200 OK 36 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/bootstrap.min.js.download
IP 54.230.245.23:0
File type ASCII text, with very long lines (32025)
Hash 8c237312864d2e4c4f03544cd4f9b195
253711c6d825de55a8360552573be950da180614
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
GET /assets/landing_pages/blue_file/bootstrap.min.js.download HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 35951
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "8c237312864d2e4c4f03544cd4f9b195"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ThCPG4N8lCOqO54Zp3R5aYaRKkYBzPqBVeFjHRf4lmITXUOy4U55kQ==
age: 7389
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/font-awesome-4.6.3/css/font-awesome.min.css
54.230.245.23200 OK 29 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/font-awesome-4.6.3/css/font-awesome.min.css
IP 54.230.245.23:0
File type ASCII text, with very long lines (28900)
Hash 4083f5d376eb849a458cc790b53ba080
fb5b49426dee7f1508500e698d1b3c6b04c8fcce
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
GET /assets/landing_pages/font-awesome-4.6.3/css/font-awesome.min.css HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 29063
last-modified: Mon, 30 Jan 2017 06:33:56 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "4083f5d376eb849a458cc790b53ba080"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0pPRzCM2AzMmUQTfw7fII4yci5XCHaO8Pd7UosY8teVvTvOIZ9VDlA==
age: 13149
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/jquery-1.12.3.js.download
54.230.245.23200 OK 97 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/jquery-1.12.3.js.download
IP 54.230.245.23:0
File type ASCII text, with very long lines (32029), with CRLF line terminators
Hash 2b6294333db8eeb65bc7717144357d23
74ef185a3cba75af7f4e1b3dcaf1b32b0db5c1af
4946fcf019e50cf850a0344e45b3a8f93d5ead5e1dade33695025ef732913af1
GET /assets/landing_pages/blue_file/jquery-1.12.3.js.download HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 97185
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "2b6294333db8eeb65bc7717144357d23"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ptdjoWOfgI_Svws-ky2n-OxEAHmATCYQ_AYyQdBdNEMdbDFKNO-s6A==
age: 42629
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/SmoothScroll.chrome.js.download
54.230.245.23200 OK 20 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/SmoothScroll.chrome.js.download
IP 54.230.245.23:0
Hash e5cd13df5f1a142eab84ff1aa7b61800
4907ce802cd5bc67410e431b659a500d9dd8ac93
fd64b3fe6bfc481ffa097faab20acd5a06458cd575e96b03a1771ef336f42ddd
GET /assets/landing_pages/blue_file/SmoothScroll.chrome.js.download HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 20537
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "e5cd13df5f1a142eab84ff1aa7b61800"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hENmUm3DJJuR2QxQnbhM9_KGJTpq2gT1htyu3AFo-CxEHBmVLroQTQ==
age: 21941
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b52d2236fad26eec30fd4cbc440168c9
c391783b0a09e0e68565904fb9ea67e0118c802f
7a2c6f7809a355789761ee741a8086808edc65d0145c650f7bf04c5d7c69b891
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125023
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:48 GMT
Etag: "63dc1d67-118"
Expires: Sat, 04 Feb 2023 20:30:31 GMT
Last-Modified: Thu, 02 Feb 2023 20:30:31 GMT
Server: nginx
Content-Length: 280
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/style.css
54.230.245.23200 OK 68 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/style.css
IP 54.230.245.23:0
Hash 947e8bbbc642b1174587443b5fa1799b
121102d064494ecddfa9614136221106bc743003
7e2adf92b41cf969203035d74690fa00d8e1ff367f6f92881af14065836c2056
GET /assets/landing_pages/blue_file/style.css HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 67696
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:48 GMT
etag: "947e8bbbc642b1174587443b5fa1799b"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dhYKEcjqsAS7k0dInuAGh37WBXGD6tXIjvfUnU4Mn9yS2d08sRCfLw==
age: 39085
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b52d2236fad26eec30fd4cbc440168c9
c391783b0a09e0e68565904fb9ea67e0118c802f
7a2c6f7809a355789761ee741a8086808edc65d0145c650f7bf04c5d7c69b891
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=125023
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:48 GMT
Etag: "63dc1d67-118"
Expires: Sat, 04 Feb 2023 20:30:31 GMT
Last-Modified: Thu, 02 Feb 2023 20:30:31 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.67200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://filezone.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 04:29:08 GMT
expires: Wed, 31 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 278260
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
142.250.74.67200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Hash 0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://filezone.info
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:23:02 GMT
expires: Tue, 30 Jan 2024 00:23:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
age: 379426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1xkyo9j4r7vnn.cloudfront.net/public/external/t1.js
143.204.42.191200 OK 2.8 kB URL HTTP/2 d1xkyo9j4r7vnn.cloudfront.net/public/external/t1.js
IP 143.204.42.191:0
File type ASCII text, with CRLF line terminators
Hash 7a110330bc80a288525a3f37ff007ab4
ba29af4ba42ba865601234fcacca710f7ca7c250
9436760447be2536a9ea109797099a53e6f8450f537f6e92235483bf777040ae
GET /public/external/t1.js HTTP/1.1
Host: d1xkyo9j4r7vnn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 2794
date: Fri, 03 Feb 2023 09:46:48 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Wed, 04 Nov 2020 09:44:49 GMT
etag: "aea-5b344d4920f16"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EywPcrNQhIEv7f5F83XWftFy4nQ_KdhfkolYXdf9oNASz0ociUsi6Q==
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/external/css_front.css
54.230.245.201200 OK 6.6 kB URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/external/css_front.css
IP 54.230.245.201:0
File type ASCII text, with CRLF line terminators
Hash 2649f9832b1ede1bca6b60a16e50a676
c96e86a59be0ab5f2a1c86558205193597822742
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
GET /public/external/css_front.css HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 6596
date: Fri, 03 Feb 2023 09:46:49 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
etag: "19c4-5a8c5e62e9d0a"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4a3UU9K5qH57nraaS0uSfViLJCCow-p68u4kIYS29xVSd5NycX-SqQ==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b199e3b64157d8fdfa0933369326c8d6
f4e01c9fd4736f95dd692678574024b3a6380027
b581f276514bc3a3caf84ffc400b4fadcd7af34cd3a5e317d272b665678e9157
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B581F276514BC3A3CAF84FFC400B4FADCD7AF34CD3A5E317D272B665678E9157"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Fri, 03 Feb 2023 15:46:10 GMT
Date: Fri, 03 Feb 2023 09:46:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c7554db6cf61d603e94af4f5b511f3c2
ed1245d8bc6e83825b364464c6769b09ecfe5f6b
818c78fac7d2c296344a151a142866224fab2ff8df17837b5b491fc322a6e30e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=136580
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:49 GMT
Etag: "63dc4a8d-1d7"
Expires: Sat, 04 Feb 2023 23:43:09 GMT
Last-Modified: Thu, 02 Feb 2023 23:43:09 GMT
Server: nginx
Content-Length: 471
cbldc.io/public/external/t2.php?t=1675417639309&u=1&d=cbldc.io
81.171.28.46200 OK 523 B URL HTTP/2 cbldc.io/public/external/t2.php?t=1675417639309&u=1&d=cbldc.io
IP 81.171.28.46:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (523), with no line terminators
Hash 2e8d03212b7656669a10c8b21d22e588
929c557eee390a8646ce547540f92c65c1e67a35
7022bcffc331ccb564f5476c304767c15a4052a7dfae2a71517437195d9ceaf4
GET /public/external/t2.php?t=1675417639309&u=1&d=cbldc.io HTTP/1.1
Host: cbldc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
content-length: 523
content-type: text/html; charset=utf-8
date: Fri, 03 Feb 2023 09:46:48 GMT
server: Cowboy
set-cookie: sid=ae17ae92-a3a7-11ed-9c04-3ccbfa382445; path=/; domain=.cbldc.io; expires=Wed, 21 Feb 2091 13:00:56 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46426007c28608fc69283bbec676c8f3
f8525195c15bcb1246e3963a862a5be9309ab5ac
9109ce680203cfd031f011878f80976dbd8ab9cd223625e1ff0907038fa98289
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=129710
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:49 GMT
Etag: "63dc2fb7-1d7"
Expires: Sat, 04 Feb 2023 21:48:39 GMT
Last-Modified: Thu, 02 Feb 2023 21:48:39 GMT
Server: nginx
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8646533f909f2f57226b9b6ea5451cda
771c0cebaffb3b2a8b345bb4df21673a089880bc
9d013109c79deabe3f1ef0eed6938f1e701de7fd08ba5bb5aeb8a23dbec877d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D013109C79DEABE3F1EF0EED6938F1E701DE7FD08BA5BB5AEB8A23DBEC877D6"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1952
Expires: Fri, 03 Feb 2023 10:19:21 GMT
Date: Fri, 03 Feb 2023 09:46:49 GMT
Connection: keep-alive
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
54.230.245.23200 OK 72 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 54.230.245.23:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
GET /assets/landing_pages/font-awesome-4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://filezone.info
Connection: keep-alive
Referer: https://d13pxqgp3ixdbh.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 71896
date: Fri, 03 Feb 2023 09:46:50 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 30 Jan 2017 06:33:56 GMT
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oQx2L4x6ZoMGDu957wqLI4lveTbnly_D4jocw_Jpgvn9y4332FbH1g==
X-Firefox-Spdy: h2
d2bb5k76l7oivo.cloudfront.net/4276d85.js
143.204.42.223200 OK 14 kB URL HTTP/2 d2bb5k76l7oivo.cloudfront.net/4276d85.js
IP 143.204.42.223:0
Hash cdac6ee5e2dce81d44e51803fba16afe
ef2338368efc761f1c8e3ba7699f9f5589a3cb11
f9a7c53007fe650953b592db55179e5654a253e5b9b97b228eed22fc48421ef4
GET /4276d85.js HTTP/1.1
Host: d2bb5k76l7oivo.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 21:50:46 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 03 Feb 2023 09:35:15 GMT
etag: W/"8ab72c4473621e1b30a24ec89af90bcf"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rfnV5ys1FnOjnoT-sJU3Q5Cdy07dYzBrzUNFjfjOBAito6ChX0jnsg==
age: 1284
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7651
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:46:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7651
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:46:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:38 GMT
age: 42551
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:09:26 GMT
age: 20243
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg
IP 34.120.237.76:0
Hash 064b821eb0b1fa1ebb641ea5da47a050
675a6556ccd48b906ee65b52038b69b58e31a658
eefd99df5104f5326f1b2b2962d40e7ede7db43744942919fd7dab7ee2180590
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12514
x-amzn-requestid: e5e536fd-15ec-4a9f-a678-c24e6202d0f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_y3HRSoAMFxUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379ab-5137ec566a8ccb4a3628e17a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:13:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KvaWZ_Re1oRbOGg3MDxp5BKPCMAzYqCfVo4n3rf67ppjVO9Pmey4wg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:56:23 GMT
age: 42626
etag: "058dc594601de546ae391ffa47269b404fee0f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 43128
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703c7834618fd34f3d7ce5c82a51abc0
4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c
1f467ce5825e3f8b8f841293d1ce945dc7a577abbe2cb8a2caa16ace165f4857
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3385
x-amzn-requestid: 30717e1a-7a08-4b11-90e7-cd175aa667d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzrEo4oAMF1qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce4-3bc1302b4cf47fa2520e3033;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M1ueeOY5WmuJwPyf4dPvRrjQfTU5d2G-2T3_6fLfTI4UTjuxZ-U4ow==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:46 GMT
age: 43323
etag: "4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHFZOsR12RXKLYytleVlHWCs7d46CwnTF0m0xgCPer5wu6SwAliKkA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:50 GMT
age: 43319
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e83bbae573a90c3bdaeca9436c07b0e2
de15463d1a2b0b9afdab9ecea825f5f274f31061
8d64a57dfacedb3a0802c3e3eace0857af7f9d1ccb07be396408809929ce2d1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D64A57DFACEDB3A0802C3E3EACE0857AF7F9D1CCB07BE396408809929CE2D1E"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Fri, 03 Feb 2023 15:46:28 GMT
Date: Fri, 03 Feb 2023 09:46:49 GMT
Connection: keep-alive
cpbldi.com/public/external/t2.php?t=1675417639308&u=1&d=cpbldi.com
103.224.212.230302 Found 0 B URL HTTP/1.1 cpbldi.com/public/external/t2.php?t=1675417639308&u=1&d=cpbldi.com
IP 103.224.212.230:0
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/external/t2.php?t=1675417639308&u=1&d=cpbldi.com HTTP/1.1
Host: cpbldi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
date: Fri, 03 Feb 2023 09:46:49 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1675417609.4668230; expires=Mon, 31-Jan-2033 09:46:49 GMT; Max-Age=315360000
location: http://ww38.cpbldi.com/public/external/t2.php?t=1675417639308&u=1&d=cpbldi.com&subid1=20230203-2046-49ee-bfd1-b8ceb2f3a646
content-length: 0
content-type: text/html; charset=UTF-8
connection: close
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/favicon.png
54.230.245.23200 OK 6.3 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/favicon.png
IP 54.230.245.23:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c4c994a64788e9479a6942c29df5534f
28829b7fe846efa2a104b20556b462d90f431f87
1f062bf37d97b44c76632f0ff53a1e276230bdae8bdfa8e5f07427712fbeeb5e
GET /assets/landing_pages/blue_file/favicon.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6267
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 08:00:14 GMT
etag: "c4c994a64788e9479a6942c29df5534f"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fnjoEt5iRLK13HKx4X7QRSuwk5l0_l-5KlAyNgjjqx3nHfNrRL698Q==
age: 39085
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/file_type_icons/32px/_blank.png
54.230.245.23200 OK 446 B URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/file_type_icons/32px/_blank.png
IP 54.230.245.23:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c75136279d9c08719d64b2f5f1ff25e
4943b843927ac821cfaa07a783530d3b73d00a48
ca588a8634c83bbe757ef2d3fb76c8fc33021cdbce86d7c894a15df4053d4534
GET /assets/landing_pages/file_type_icons/32px/_blank.png HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 446
last-modified: Mon, 30 Jan 2017 06:33:56 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 07:17:54 GMT
etag: "0c75136279d9c08719d64b2f5f1ff25e"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lcDdJbcWpbSIySm3Bd3Wo95EDDof0jDah0DLVzv57eduCVLrbe6nnw==
age: 8937
X-Firefox-Spdy: h2
d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/wpro.svg
54.230.245.23200 OK 4.5 kB URL HTTP/2 d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/blue_file/wpro.svg
IP 54.230.245.23:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash d66fd927908393ee32cd604af04c1d0e
da4580ffffc3278387d81b1ce38fc77876af1bcb
abfb6b10645bd30b7c852836129193d3812edc1a99ac892f075b8f67491f38af
GET /assets/landing_pages/blue_file/wpro.svg HTTP/1.1
Host: d13pxqgp3ixdbh.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4516
last-modified: Mon, 30 Jan 2017 06:33:55 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:46:50 GMT
etag: "d66fd927908393ee32cd604af04c1d0e"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hPFIKgG9m_zSsBvilfoNrUwDBcM280EdNr4DplJJ2vzJrNPXvfrw3w==
age: 1241
X-Firefox-Spdy: h2
bitsc.io/public/external/t2.php?t=1675417639309&u=1&d=bitsc.io
67.225.218.22302 Found 189 B URL HTTP/2 bitsc.io/public/external/t2.php?t=1675417639309&u=1&d=bitsc.io
IP 67.225.218.22:0
File type ASCII text, with CRLF line terminators
Hash 8bcda541f3a5b81841bce988ad600955
7fd59509f8ccbe3822d70533d66bf12e3ad6c3c4
183f8333f5c0b0fc576d1cd1f1d1150cffc87c335c1cdd2b58c89aa1e05c3a17
GET /public/external/t2.php?t=1675417639309&u=1&d=bitsc.io HTTP/1.1
Host: bitsc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 09:46:49 GMT
location: http://ww7.bitsc.io/public/external/t2.php?t=1675417639309&u=1&d=bitsc.io
x-powered-by: PHP/5.4.16
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww38.cpbldi.com/public/external/t2.php?t=1675417639308&u=1&d=cpbldi.com&subid1=20230203-2046-49ee-bfd1-b8ceb2f3a646
76.223.26.96200 OK 7.4 kB URL HTTP/1.1 ww38.cpbldi.com/public/external/t2.php?t=1675417639308&u=1&d=cpbldi.com&subid1=20230203-2046-49ee-bfd1-b8ceb2f3a646
IP 76.223.26.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2606)
Hash 5216ef06c94d48f8b62f272067719424
2c9514a1c09db36be12cfce36ad3bb13cd9de667
39d40b9089283d78e19acaf45ff4bdadaf20419de52f74386e8ce83c87f62055
GET /public/external/t2.php?t=1675417639308&u=1&d=cpbldi.com&subid1=20230203-2046-49ee-bfd1-b8ceb2f3a646 HTTP/1.1
Host: ww38.cpbldi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:46:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_WJrzMA+bvsmBx9RqsOhepqk8iKfZYl3+9/TA91gJVhmRwp9xpPGeu6jIJtpEjFYXPU6v8cQNBD5DlDalH4BlGg==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
bitclinks.com/public/external/t2.php?t=1675417639307&u=1&d=bitclinks.com
91.195.240.117200 OK 27 kB URL HTTP/2 bitclinks.com/public/external/t2.php?t=1675417639307&u=1&d=bitclinks.com
IP 91.195.240.117:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9770)
Hash 4dfa587257aaf244b45a9f87e8410f8d
1482f82f41441dac87aa69a23fad860675b0db69
9fdc018ee03e39f8c235fe0c40981358cec6c95d8aa34a4c421a7568ff65f6af
GET /public/external/t2.php?t=1675417639307&u=1&d=bitclinks.com HTTP/1.1
Host: bitclinks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 03 Feb 2023 09:46:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 03 Feb 2023 09:46:49 GMT
pragma: no-cache
server: NginX
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_0c+lPdieTeBT1CiaFCxS2Rso+vczwWXa9cZUiMsFQp1/AUb15mQE3KwsFBxgXH6X8ucuH5FJMZwXIgs4a2F2FA==
x-cache-miss-from: parking-b748cdcd8-qdwpw
x-powered-by: PHP/8.1.9
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:46:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1xkyo9j4r7vnn.cloudfront.net/public/external/t2.php?t=1675417639307&u=1&d=d1xkyo9j4r7vnn.cloudfront.net
143.204.42.191200 OK 197 B URL HTTP/2 d1xkyo9j4r7vnn.cloudfront.net/public/external/t2.php?t=1675417639307&u=1&d=d1xkyo9j4r7vnn.cloudfront.net
IP 143.204.42.191:0
File type ASCII text, with CRLF line terminators
Hash 8bfb9d5d86b6deecbcdc24903eab5bb6
773dccc44f76bab15a17fc6f8f80e186546ed474
0e30d1ac704bf3a92f408222a5419b9453cd2b64ca78fdae10dd7760a6191f10
GET /public/external/t2.php?t=1675417639307&u=1&d=d1xkyo9j4r7vnn.cloudfront.net HTTP/1.1
Host: d1xkyo9j4r7vnn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 197
date: Fri, 03 Feb 2023 09:46:50 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sEye-s1LBcv-oIeipdExzjBDQgWwCJdba964337vfm9xiFtvSEULzw==
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=26t11mmen&e=ll&t=1675417640265
54.230.245.201200 OK 0 B URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=26t11mmen&e=ll&t=1675417640265
IP 54.230.245.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /public/guid?cpguid=26t11mmen&e=ll&t=1675417640265 HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 03 Feb 2023 09:46:50 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gMpAm19QvyuIFFPEWZbyU-oIhpd--zXAj0HIxZPoDflDodSUWEnXUw==
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/css.css
54.230.245.201200 OK 1.0 kB URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/css.css
IP 54.230.245.201:0
File type ASCII text, with CRLF line terminators
Hash 683a185465436634825046815ac5a2d2
dd9a216245afb09ebc5098aa44374ee8ef51d3dd
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
GET /public/clockers/PrimeApps/css.css HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1010
date: Fri, 03 Feb 2023 09:46:50 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
etag: "3f2-5a2f7428ae907"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rlAr6P03dWhmtExkCORIiP2DgNX5Gny7ErEiuYJp9NIVfYXdPPYf7g==
X-Firefox-Spdy: h2
ww7.bitsc.io/public/external/t2.php?t=1675417639309&u=1&d=bitsc.io
199.59.243.222200 OK 705 B URL HTTP/1.1 ww7.bitsc.io/public/external/t2.php?t=1675417639309&u=1&d=bitsc.io
IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (915), with no line terminators
Hash 5ae780ebe80953a7b659fb19dc2ee3de
8070fc0a223c1d38c94eb62fcb828d7aafee62cf
30fd475805d60d4f89d166bde10b11b41e3db15926d37b6c38283eef4a009a53
GET /public/external/t2.php?t=1675417639309&u=1&d=bitsc.io HTTP/1.1
Host: ww7.bitsc.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 03 Feb 2023 09:46:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=cfedf6df-a44e-0d75-cd26-11ba1329a6b2; expires=Fri, 03-Feb-2023 10:01:51 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_X+DUPZmZqZYMcgrP+ZubMlDBgBtGCAN4yWTA5Ye+L1cmpIDRq9PU91Ax0WqRZPAthfvtC2BKiwMiV1/Trh3+ag==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
d1xkyo9j4r7vnn.cloudfront.net/public/api/t3.php?t=1675417642253&d=cldoffers.net,d13nu0oomnx5ti.cloudfront.net,d1xkyo9j4r7vnn.cloudfront.net&d2=d1xkyo9j4r7vnn.cloudfront.net,bitclinks.com,dwnlds.co,nextkon.com,ifreecards.com,cpbldi.com,cpbild.co,cpbitsl.com,cldoffers.net,bitsc.io,cbldc.io,cpbld.co,d13nu0oomnx5ti.cloudfront.net
143.204.42.191200 OK 21 B URL HTTP/2 d1xkyo9j4r7vnn.cloudfront.net/public/api/t3.php?t=1675417642253&d=cldoffers.net,d13nu0oomnx5ti.cloudfront.net,d1xkyo9j4r7vnn.cloudfront.net&d2=d1xkyo9j4r7vnn.cloudfront.net,bitclinks.com,dwnlds.co,nextkon.com,ifreecards.com,cpbldi.com,cpbild.co,cpbitsl.com,cldoffers.net,bitsc.io,cbldc.io,cpbld.co,d13nu0oomnx5ti.cloudfront.net
IP 143.204.42.191:0
File type ASCII text, with CRLF line terminators
Hash ae5bf8a1fd5fdf4082fd5561b171841a
115fc7643e38a3c3e8e573ce4958610b9f3286dd
60b568908ea72eb6315a60ab1154af061e321e74eae94eb76449b3c5de2913e9
GET /public/api/t3.php?t=1675417642253&d=cldoffers.net,d13nu0oomnx5ti.cloudfront.net,d1xkyo9j4r7vnn.cloudfront.net&d2=d1xkyo9j4r7vnn.cloudfront.net,bitclinks.com,dwnlds.co,nextkon.com,ifreecards.com,cpbldi.com,cpbild.co,cpbitsl.com,cldoffers.net,bitsc.io,cbldc.io,cpbld.co,d13nu0oomnx5ti.cloudfront.net HTTP/1.1
Host: d1xkyo9j4r7vnn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 21
date: Fri, 03 Feb 2023 09:46:52 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: u4GL7sM04TuxIt7BwNisD4FyvvUDkZjhi9HIhg0zEvr_LFzYH2V8XA==
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=3405710&time=1675417643029
54.230.245.201200 OK 78 B URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=3405710&time=1675417643029
IP 54.230.245.201:0
Hash 37ebc78db9bc22d4c972c5961163070c
865e3671f7e86b52d2f7b006b95ec7799a187572
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
GET /public/external/check.php?it=3405710&time=1675417643029 HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 78
date: Fri, 03 Feb 2023 09:46:53 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mGdHxymV5M8XsD15s2O6YvrEKx4a9Pd7UrkTAatytgdJoEBT4Ou50Q==
X-Firefox-Spdy: h2
cldoffers.net/public/external/t.js
188.114.97.1200 OK 0 B URL HTTP/2 cldoffers.net/public/external/t.js
IP 188.114.97.1:0
Analyzer Verdict Alert fortinet Phishing
GET /public/external/t.js HTTP/1.1
Host: cldoffers.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 09:46:48 GMT
content-type: application/javascript
last-modified: Tue, 21 Jul 2020 08:43:38 GMT
etag: W/"696-5aaef9ea142f5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRYGejoX7pV2B9oscCw7RjA77yo%2BOV%2B0ZrNaKPTA%2BPCGMKVeSCqJpdS0qev6mUMzMCu4IRXguLgmqjUd8oscuQpIwqzwAT0V%2BjuKMXJ%2Fm6vQxHMCMAeS2uBb64jhZVve"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793a3dd5ecbcb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d2punpeg7vtjci.cloudfront.net/public/external/v2/html.3405710.3d580.0.js
54.230.245.201200 OK 0 B URL HTTP/2 d2punpeg7vtjci.cloudfront.net/public/external/v2/html.3405710.3d580.0.js
IP 54.230.245.201:0
GET /public/external/v2/html.3405710.3d580.0.js HTTP/1.1
Host: d2punpeg7vtjci.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 03 Feb 2023 09:46:50 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YRdYyGgqBhj6V7_8hlRjERdiZtEPnh4T6bwSj-wEE5mYVAiYjtbGqA==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:100,400|Ubuntu:400,500,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:100,400|Ubuntu:400,500,700
IP 142.250.74.106:0
GET /css?family=Lato:300,400,700|Roboto:100,400|Ubuntu:400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 09:46:48 GMT
date: Fri, 03 Feb 2023 09:46:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2