crystal-blocker.com/
104.21.79.157200 OK 2.0 kB IP 104.21.79.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5796), with no line terminators
Hash eeb4d2677551d0946d32a27e049eb7a5
e88b2e3e37c05c0c2dff22b9c21230c9ad4265c6
447e16164b17ce5ce024d2e11de1dd7afdcab78dadab13df33409466361e0944
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yhC%2BdgbILVoLCpNMZpPWQKt0ueNP2S%2BhK%2FTUh4Y2Jm7OI3U2VlzDyvj96eoEKljHSPMmD%2BwoBHC2ozkQVt6l83kpvkFEpUnvvo7iHEfMhcsDGKeBM56kR%2Bgg8sCySyBsqcJlZgx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7461a5e0d89bfab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3716
Expires: Mon, 05 Sep 2022 21:19:18 GMT
Date: Mon, 05 Sep 2022 20:17:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 19:44:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Et4cst05muiHP3woFya3WseDaSA177YCjdtwFkRVifpHUSsTqCgx5A==
Age: 1945
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RaKjKbUwyUn1IoX7nVXmPF6MiI4ITv4WmwT4HMDwpnUVIX8YJFAukQ==
age: 68525
X-Firefox-Spdy: h2
crystal-blocker.com/assets/css/crb-home.d303c3bf7be95e8c0998.css
104.21.79.157200 OK 1.8 kB URL HTTP/1.1 crystal-blocker.com/assets/css/crb-home.d303c3bf7be95e8c0998.css
IP 104.21.79.157:0
File type ASCII text, with very long lines (6210)
Hash 2523fdcdce805e587f3a5e73af9e6364
c144026ce8937bad947c35059c87da5596bb4a6b
46d472012398a0d0678782c4337ccf0a0158bb592f47138d3afe74f1ffd021d8
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/crb-home.d303c3bf7be95e8c0998.css HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: text/css; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e34a7bfab4-OSL
Age: 16753
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ftzrwRaX8h%2B6vKEda%2BAmJx6H65H4xKfm0Eqoo0vdhQc2lVtFJwW9IEd3MTx7pJQwk%2Fv4k3yam5JLLBh5drdiZ8SXhZOqgakcCfgkk7lLwQzgrP47HBCLn5wY1k1zyPDVk6wopH8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crystal-blocker.com/assets/js/vendors.f767109d6b92982db992.js
104.21.79.157200 OK 33 kB URL HTTP/1.1 crystal-blocker.com/assets/js/vendors.f767109d6b92982db992.js
IP 104.21.79.157:0
File type Unicode text, UTF-8 text, with very long lines (65448)
Hash 21ef8c24a2bfe872b37d9c0884eede6c
4a5aa86377091dbf3bf906c4ec107f002046b398
64587de8bed141e939b6d0d8aa2e1b406e3afe5838a301f946c4bcdaa430c130
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/js/vendors.f767109d6b92982db992.js HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e35eb9b4e8-OSL
Age: 105837
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVuCljRK1VRPBVPopFQ%2BsquXA0nq%2FbPlzCPxtMvGaAtCDmzeMpEOHWHTmLiC2ptXsppQM8m0ViQsjRv3McSIzGrEp0cjXiyj9NpInT%2Bt%2B3raS%2FDRxuv9qJuGDgLKK3XpHVrJizof"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 20:17:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
crystal-blocker.com/assets/js/runtime.8c6c5b164346b79aab2e.js
104.21.79.157200 OK 918 B URL HTTP/1.1 crystal-blocker.com/assets/js/runtime.8c6c5b164346b79aab2e.js
IP 104.21.79.157:0
File type ASCII text, with very long lines (1710), with no line terminators
Hash 9ea25ecef7d2b53353e734d8fc90b5fd
df8e71596b55ef25584c61f6065770a07bed66cf
09ecbe69036e0bef9d9a2d23f32053aba3257c65428bbb74ca60b3801d69919d
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/js/runtime.8c6c5b164346b79aab2e.js HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e359550b59-OSL
Age: 105837
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pcjP0sOZWA80ZwUC%2Ble9ZE6KfCO%2FgRKuxVwbxQEdSDtFOAjEFfSXolRSofxOLleKMSk0GZ2Xv%2FfuW7bGueF2HxwlFqKHDmL4RaQC%2FtQOnnnzavEfO1hThFiMrH6UeVK0%2FkZaKHU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crystal-blocker.com/assets/js/home.a2bce6f4ec5f863b2c5d.js
104.21.79.157200 OK 5.9 kB URL HTTP/1.1 crystal-blocker.com/assets/js/home.a2bce6f4ec5f863b2c5d.js
IP 104.21.79.157:0
File type ASCII text, with very long lines (16791), with no line terminators
Hash ed63eb74a1c16e8acc803deada6bf7d1
9dea04242771f21af2f80ec7db56d19c4d477add
ce11f3c15da158edb02037cf042673ecc29e87a47493435dfda5cd878399cc0a
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/js/home.a2bce6f4ec5f863b2c5d.js HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e35c4f1c0a-OSL
Age: 104150
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giSZnlIXyIYVoZODuqPrEE1HaBRpd9dzgyLlwSUuTqePCrGnr%2BbbT2EZzw3BqRA82uv8DAep5KOd3rF1z7qJ5FTOilL1C63M1AbM0AfRBtgaeXI%2Bl7bbpYgBkZTvhf5bB8B4%2Bc7g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:17:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crystal-blocker.com/assets/media/7ab05ca025ab63a5e68131bc5f81f9ce.svg
104.21.79.157200 OK 1.2 kB URL HTTP/1.1 crystal-blocker.com/assets/media/7ab05ca025ab63a5e68131bc5f81f9ce.svg
IP 104.21.79.157:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1082)
Hash df23de56683ad49e459371743a457af2
5fbd1529edaad22e0f4592fcdfd7c839a814dcf2
d180e58227cc77860dbcda6218fafbbb44043564cb742347243303638b9c4c13
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/7ab05ca025ab63a5e68131bc5f81f9ce.svg HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e41fc1b4e8-OSL
Age: 104150
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oft2dcu9olNM7vzNH%2FE1GtOQ%2FpL63Ej6b5Xq2%2FmnPm7PaUHKo51mz50%2FRk%2BVobQA4Q0%2F0%2BVZDp%2FLkm1HQM5GbtAu%2BSRBoyeJsRMePQJDCjQL0HsuOCGnV8G1Zzjx73UXwqkUF1pL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crystal-blocker.com/assets/media/bc18d8f4758d51184bfdd85f7357b9a3.svg
104.21.79.157200 OK 1.3 kB URL HTTP/1.1 crystal-blocker.com/assets/media/bc18d8f4758d51184bfdd85f7357b9a3.svg
IP 104.21.79.157:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (837)
Hash 00332cc7d17d0e81f7cc4c745872adf9
5de580fddbaaabf6023efd58fb51e25433a7679b
2bc83263841bd6730ee4ba43236b062101d149c037f1e09bbc31a670e25e2dab
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/bc18d8f4758d51184bfdd85f7357b9a3.svg HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e41a520b59-OSL
Age: 104150
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eloM5K3l4PSP9TtJUcFAHtOm%2B7fajLsBm339vprxr1gNzFOJL4leiGQjJ3YcFK9UL3pdH5WEv6PNMWh1D%2F8cYfeZm19TGMlL8YZ6lb1pvpEACIEu8%2B4aGVnswntywrrMqUCLcnS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crystal-blocker.com/assets/media/56b706933fc084a3c96ead1131e9d369.svg
104.21.79.157200 OK 2.3 kB URL HTTP/1.1 crystal-blocker.com/assets/media/56b706933fc084a3c96ead1131e9d369.svg
IP 104.21.79.157:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (831)
Hash f6f8ce09e1ac7c4fe5dd58c8eb5a42bb
e886a71d25a7bab9d48eaa2269781a848f93f568
3c06aca52b7d309c30d200f7f9a40193da9df47f797dbe1f8f380422081bf69c
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/56b706933fc084a3c96ead1131e9d369.svg HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e41b40fab4-OSL
Age: 105072
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiC%2BcvaxyG2XfOeWLQ%2BMnbIW3HumQ8MzDkUX%2FAQ1a1lu%2BhXj2zKJBeIVKIHWuZcZPnrCxuxiPSQTPSKLjc5riNvi8wsqvE6bbbgKXD9XNU8fI3Y48Am9m74SGolncS4H6O6VyWmN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crystal-blocker.com/assets/media/d7d4e8b56191dbb312411526be9dc4ce.svg
104.21.79.157200 OK 1.8 kB URL HTTP/1.1 crystal-blocker.com/assets/media/d7d4e8b56191dbb312411526be9dc4ce.svg
IP 104.21.79.157:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2095)
Hash ca5449c96512039d0c3f3c3dbcff6acf
0425910d41508e9d6e145675e5c249ea3405fe80
a24a709b43c40cb5ab8d145a109434488c0148cd2f1ca18b3a9795727c3c5775
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/d7d4e8b56191dbb312411526be9dc4ce.svg HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e41d311c0a-OSL
Age: 104150
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvKK6FSQojabUlTaL78bYbY%2FgKkFYgwF7dJS2V%2BeSz8%2BETEkIlIlFdf0hFGMYprhYCB9yQ2hQUq6p0QjOEMKGvgQ9deoG69FpBY2CsG7zmffS8DB9tSDBRkHYRSjMGeU3qUX6hCT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crystal-blocker.com/assets/media/303cbcad896fb6361c2574fc511f4fb4.png
104.21.79.157200 OK 606 kB URL HTTP/1.1 crystal-blocker.com/assets/media/303cbcad896fb6361c2574fc511f4fb4.png
IP 104.21.79.157:0
File type PNG image data, 2305 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 606 kB (605782 bytes)
Hash 83f963888aa3e127af1518faee9cce5d
11b29a56d6fd1472440bd56f7c3d2bf804ca2f08
e43d72064c5694542683360c1e19afd98e9e93ce138f35eee2141433624b9d46
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/303cbcad896fb6361c2574fc511f4fb4.png HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/png
Content-Length: 605782
Connection: keep-alive
CF-Ray: 7461a5e43ff5b4e8-OSL
Accept-Ranges: bytes
Age: 104150
Cache-Control: max-age=2592000
ETag: assets/media/303cbcad896fb6361c2574fc511f4fb4.12f6e97b94.png
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaCMc9f3m%2B0Z2mW8RiF7qoBByEaf7rfMhzZCoEo1lfBXCVz52drZwGgm%2FBjXCEwG8wL0LskijrnHiV%2BmQKhbkiXUNTiieX2AV%2FdYShSseY%2FU8gOxcX3sDnii8d5Z5LWjaHOpt72B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h2=":443"; ma=60
crystal-blocker.com/assets/media/27349af978f5991fe7fcf1cec71b57df.svg
104.21.79.157200 OK 1.3 kB URL HTTP/1.1 crystal-blocker.com/assets/media/27349af978f5991fe7fcf1cec71b57df.svg
IP 104.21.79.157:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (839)
Hash 790595d62881d955e2817bccb3e4756c
d60dfeb39a596d4e8f9642894c8b2e7adfb988ce
1b418fab41e5bb0991c2986dd0e5874261671a2d06d62e3b7688d949a0a8de95
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/27349af978f5991fe7fcf1cec71b57df.svg HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e43a6f0b59-OSL
Age: 104150
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEk9DPFZpH2t87uXm1r%2Bvc0pkaXn789pLUHlaZKIIQEkjAT6X274hPImaIP9lTVE3EQvN1MVOHWycuL5wcM3%2Fp6jhCmnxLeVBu98LLAWBqmLVVeFBViXxwmtpGYDUOZggqW8ODK0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css2?family=Roboto&display=swap
142.250.74.10200 OK 995 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto&display=swap
IP 142.250.74.10:0
Hash 615c671641eba0ae8a5b03493fd3fde3
b504b9f52fbb86412fb5764390d2e5278ac20061
c9efe7a7161d18b2ee1f44f40114bdd94e9ae346b47d44dc67fc98feaf1158d5
GET /css2?family=Roboto&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crystal-blocker.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 20:17:22 GMT
date: Mon, 05 Sep 2022 20:17:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
crystal-blocker.com/assets/media/deddcf701154302a2852f7d01e10dac5.png
104.21.79.157200 OK 218 kB URL HTTP/1.1 crystal-blocker.com/assets/media/deddcf701154302a2852f7d01e10dac5.png
IP 104.21.79.157:0
File type PNG image data, 678 x 393, 8-bit/color RGBA, non-interlaced\012- data
Size 218 kB (217986 bytes)
Hash 015355138fe1e5f3711298dde666c9ef
a424075ce7f0bca89b2255cd027290b8fab86368
e49c956795c261d9248fce2124c6c38d4de05299c5fd8451f8082a168fa54821
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/deddcf701154302a2852f7d01e10dac5.png HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/png
Content-Length: 217986
Connection: keep-alive
CF-Ray: 7461a5e42b87b512-OSL
Accept-Ranges: bytes
Age: 104150
Cache-Control: max-age=2592000
ETag: assets/media/deddcf701154302a2852f7d01e10dac5.f76402aa01.png
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYJWkhCa8%2FppEfPWLDzaxyWydXvjNLO2eS204p3WygeWkVIji8Hkv19twjzRUjGEsB3js9CQjqnG7AnOcCyGeZ7CSYE77m7XusTOdPz%2FzGb1xy97b3sHk8dSwjNvriZpVkZaj5cm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:17:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quantico/v15/rax-HiSdp9cPL3KIF7xrJD0.woff2
142.250.74.163200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/quantico/v15/rax-HiSdp9cPL3KIF7xrJD0.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5384, version 1.0\012- data
Hash 9b626017702a3f43af4052d4c2154dcf
9a21c3f3a89e056a3957fb271ba0dee66e44ddef
93e051a858871edb3ae5f429957710e1fd61737f138600b5f7bef481b06f8cf6
GET /s/quantico/v15/rax-HiSdp9cPL3KIF7xrJD0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://crystal-blocker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 22:47:23 GMT
expires: Thu, 31 Aug 2023 22:47:23 GMT
cache-control: public, max-age=31536000
age: 422999
last-modified: Wed, 27 Apr 2022 15:37:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:17:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quantico/v15/rax5HiSdp9cPL3KIF7TQAShdu08.woff2
142.250.74.163200 OK 5.4 kB URL HTTP/2 fonts.gstatic.com/s/quantico/v15/rax5HiSdp9cPL3KIF7TQAShdu08.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 5436, version 1.0\012- data
Hash e3190d514df1ee7be5ce8298d50f091b
942516b22878bbdcbfc391fb5124481d0412b1c0
87c8dc997480fca2cbc1dced6fe5c57ca1d762134028716adb41d14410fa3163
GET /s/quantico/v15/rax5HiSdp9cPL3KIF7TQAShdu08.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://crystal-blocker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 21:29:59 GMT
expires: Thu, 31 Aug 2023 21:29:59 GMT
cache-control: public, max-age=31536000
age: 427643
last-modified: Wed, 27 Apr 2022 15:38:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0b9528d0aa584b0e7b8b95f31ec1c4ed
79afabc0856f6fb3c3e5a9f5675cb0a40ee08e54
2604edd5743acd1487c25665444019555a972492010c10bf3bd6aefeab4661eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:17:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crystal-blocker.com/assets/images/crb.ico
104.21.79.157200 OK 14 kB URL HTTP/1.1 crystal-blocker.com/assets/images/crb.ico
IP 104.21.79.157:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 34b868fb7acae22feac4277cfd64d37a
ab973d8fcca6d2420a2edb6fa03041d69776e7c8
6a05230217b017e3b6481ebc2601fc735e84154971aa1d20a3bce9a080112f60
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/crb.ico HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 7461a5e55989b4e8-OSL
Age: 104957
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6xJNOiXUpgfiMF99lr5fZDOqxqmmSL%2FIfes47Il2s43BeUFaCGVO8WJdsqJkrQs4rBf8Dkhdjy0pTha6V4m7SdiRcuRfwUC%2BEQHDOMTQvXW1CiJJxgQJocX8g2m8Bq%2BtzkvyutB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 19:38:16 GMT
Expires: Mon, 05 Sep 2022 20:29:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: --eFwYrhIzScAs0NLTrc4LjimjIxzrqP0T-1zwiQQRMmfwlzcEahmg==
Age: 2347
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2490
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:17:23 GMT
Last-Modified: Mon, 05 Sep 2022 19:35:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dLNrxDyVAD1RATLF3k37qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5dylcejVJqnhlhLDMKcUfBsHe50=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 20:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 20:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 20:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 20:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12091
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 20:17:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 7868
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 80553
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 80873
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJTKTh88iyFXAiPJ-tCCEbqBo3A1cuTj2gCbfHkaVZ1WcgMOTyFfVg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 23:06:26 GMT
age: 76258
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YqgTII0TYwznz5DfHLFpfzTPh08akwJSWc3wIf-YpBgUrs84AYM2Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:15:00 GMT
age: 79344
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 14:38:13 GMT
age: 20351
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crystal-blocker.com/assets/media/c2367138ed1f72424223aa2c72c08c35.png
104.21.79.157200 OK 0 B URL HTTP/1.1 crystal-blocker.com/assets/media/c2367138ed1f72424223aa2c72c08c35.png
IP 104.21.79.157:0
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/media/c2367138ed1f72424223aa2c72c08c35.png HTTP/1.1
Host: crystal-blocker.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crystal-blocker.com/
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:17:22 GMT
Content-Type: image/png
Content-Length: 96328
Connection: keep-alive
CF-Ray: 7461a5e42dbc0b4d-OSL
Accept-Ranges: bytes
Age: 104150
Cache-Control: max-age=2592000
ETag: assets/media/c2367138ed1f72424223aa2c72c08c35.23e205f3eb.png
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
CF-Cache-Status: HIT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATz0zwRv3yxXr3kmZzVu%2FT%2B%2BPuuw76dGpcDpsP70XVimHeRSYX11Zw9ncfBa0YxjKQJJgr0E1ZyRr6snYxu6FWIyWNKSiU53b22BVKegEfQ2EjUK0MroczVRuNkdw3wkNFopDfnt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css2?family=Quantico:wght@100;300;400;500;600;700;900&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Quantico:wght@100;300;400;500;600;700;900&display=swap
IP 142.250.74.10:0
GET /css2?family=Quantico:wght@100;300;400;500;600;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crystal-blocker.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 20:17:22 GMT
date: Mon, 05 Sep 2022 20:17:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2