urlquery - report: hfgfgf.d768.uu.wy5532.com/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.187.31.159
ocsp.pki.goog (7)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.131
dipaka-ead.com (3)	0	2022-10-31 13:23:43 UTC	2022-12-04 14:19:04 UTC	3.212.50.125	Unknown ranking
lifeimpressions.net (9)	129884	2019-03-15 10:42:27 UTC	2022-12-04 13:16:14 UTC	178.128.246.195
fonts.gstatic.com (2)	0	2014-09-09 00:40:21 UTC	2022-12-04 17:35:43 UTC	142.250.74.35	Domain (gstatic.com) ranked at: 540
7136f7.lifeimpressions.net (7)	0	No data	No data	178.128.246.195	Domain (lifeimpressions.net) ranked at: 129884
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-12-04 17:40:10 UTC	142.250.74.106
hfgfgf.d768.uu.wy5532.com (3)	0	2022-12-04 23:54:24 UTC	2022-12-04 23:54:24 UTC	185.107.56.199	Unknown ranking
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-04 17:12:39 UTC	34.117.237.239
www.gstatic.com (2)	0	2016-07-26 09:37:06 UTC	2022-12-04 17:40:24 UTC	142.250.74.35	Domain (gstatic.com) ranked at: 540
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-12-04 17:53:11 UTC	142.250.74.168
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-12-04 17:12:05 UTC	216.239.32.36	Domain (google-analytics.com) ranked at: 8401
r3.o.lencr.org (7)	344	No data	No data	23.36.76.226
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
code.jquery.com (1)	634	2012-05-21 17:28:02 UTC	2020-04-21 12:46:20 UTC	69.16.175.42
ocsp2.globalsign.com (1)	1544	2012-05-23 18:10:04 UTC	2020-03-15 21:19:16 UTC	104.18.21.226
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-04 17:12:40 UTC	34.102.187.140
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
xml-v4.craftviking-2.co (1)	0	No data	No data	173.239.53.32	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-12-05	2	hfgfgf.d768.uu.wy5532.com/	Malware

Date	UQ / IDS / BL	URL	IP
2023-02-06 02:52:00 +0000	0 - 0 - 1	iuyuyt.54603.on.wy5532.com/	37.48.65.155
2023-02-05 21:36:47 +0000	0 - 0 - 1	lkljk.1be8d.gb.wy5532.com/	37.48.65.155
2023-02-05 07:35:52 +0000	0 - 0 - 2	kqmronhh.cn.wy5532.com/	37.48.65.155
2023-02-05 07:28:35 +0000	0 - 2 - 9	iccygqiq.wy5532.com/	37.48.65.155
2023-02-05 05:52:43 +0000	0 - 0 - 4	khjghg.1bf14.bl.wy5532.com/	37.48.65.155

Date	UQ / IDS / BL	URL	IP
2023-02-08 10:36:22 +0000	0 - 2 - 1	mondeodoslubu.cba.pl/js/bin.exe	95.211.144.68
2023-02-08 08:49:55 +0000	0 - 0 - 1	diahnnems.us/clif/admin.php	212.32.237.92
2023-02-08 08:25:48 +0000	0 - 0 - 1	civbooks.com/wp-includes/fonts/Ntflx.zip	81.171.28.43
2023-02-08 05:50:40 +0000	0 - 0 - 1	quantitivegoodsshop.com/usuivi/dhl/a1b2c3/d4a (...)	212.32.237.92
2023-02-08 05:50:29 +0000	0 - 0 - 1	lavewash.co/auth	212.32.237.92

Date	UQ / IDS / BL	URL	IP
2023-02-08 10:46:56 +0000	0 - 2 - 6	govyty.59b61.ev.wy5532.com/	185.107.56.198
2023-02-08 09:24:48 +0000	0 - 0 - 4	ooburdv.wy5532.com/	172.93.103.102
2023-02-08 08:43:17 +0000	0 - 2 - 7	lkljk.8c061.vo.wy5532.com/	172.93.103.102
2023-02-08 07:09:52 +0000	0 - 2 - 7	ehsudfr.gov.wy5532.com/	199.115.115.102
2023-02-08 06:33:13 +0000	0 - 0 - 1	8b23f.ymgjhj.wy5532.com/	185.107.56.197

Date	UQ / IDS / BL	URL	IP
2022-12-03 18:12:55 +0000	0 - 0 - 1	nbssxmst.wy5532.com/	37.48.65.150
2022-12-02 01:19:56 +0000	0 - 0 - 1	yty.4d724.pz.wy5532.com/	81.171.22.4
2022-11-29 07:58:26 +0000	0 - 0 - 7	mkkuei4kdsz.com/742/187.html	64.225.91.73
2022-10-09 22:31:05 +0000	0 - 0 - 3	final.blatnet.com/mtm/direct/.ejxtiksowjambe_ (...)	185.53.177.34
2022-10-08 16:09:55 +0000	0 - 0 - 1	price.pointbuysys.com/	81.171.22.6

Request	Response
GET / HTTP/1.1 Host: hfgfgf.d768.uu.wy5532.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: sid=e29c7250-7419-11ed-991c-24895ead6723; __gsas=ID=b1529138c7445ce1:T=1670198801:S=ALNI_MaPlLZrGE5-fHxmXhf5kR0Whrb9dw Upgrade-Insecure-Requests: 1	URL: hfgfgf.d768.uu.wy5532.com/ FQDN: hfgfgf.d768.uu.wy5532.com IP: 185.107.56.199 HASH: 760aab485191de2594b563d3a457a3196e211cc7fdc48b3858b80e933062a3da 185.107.56.199 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 486 date: Mon, 05 Dec 2022 00:14:21 GMT server: nginx --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (486), with no line terminators Size: 486 Md5: 8ec1239ff0e9e99222ff10c5a16238ce Sha1: ea41ca47f6c79e4d32beaa8e958754911cd6d76d Sha256: 760aab485191de2594b563d3a457a3196e211cc7fdc48b3858b80e933062a3da Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2634 Expires: Mon, 05 Dec 2022 00:58:16 GMT Date: Mon, 05 Dec 2022 00:14:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfec3d7283a9b66d2be426ce54d210f3 Sha1: 808c1feb1ba918951d1928c1f6bfc0c253262774 Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1388 Cache-Control: max-age=124803 Date: Mon, 05 Dec 2022 00:14:22 GMT Etag: "638c76f5-1d7" Expires: Tue, 06 Dec 2022 10:54:25 GMT Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb2c0697c6d9a96a5411dd2952947458 Sha1: 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4 Sha256: 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9122 Expires: Mon, 05 Dec 2022 02:46:24 GMT Date: Mon, 05 Dec 2022 00:14:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ea206ac3c440825741687351f8c6e4e Sha1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735 Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 04 Dec 2022 23:18:25 GMT cache-control: public,max-age=3600 age: 3357 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: y3q18wBmC60OjKQE0Z19JHkxaJG0P+/bCk9+DPBp9jYdaJzKbN0C5mER06Y7fQa/pTeMjznt0LsLE6OPuZT8kg== x-amz-request-id: TYYBB1G7T0Y39V6Y content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 04 Dec 2022 23:47:45 GMT age: 1597 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 05 Dec 2022 00:14:22 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: hfgfgf.d768.uu.wy5532.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://hfgfgf.d768.uu.wy5532.com/ Cookie: sid=e29c7250-7419-11ed-991c-24895ead6723; __gsas=ID=b1529138c7445ce1:T=1670198801:S=ALNI_MaPlLZrGE5-fHxmXhf5kR0Whrb9dw	URL: hfgfgf.d768.uu.wy5532.com/favicon.ico FQDN: hfgfgf.d768.uu.wy5532.com IP: 185.107.56.199 HASH: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9 185.107.56.199 HTTP/1.1 404 Not Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 9 date: Mon, 05 Dec 2022 00:14:21 GMT server: nginx --- Additional Info --- Magic: ASCII text, with no line terminators Size: 9 Md5: d8f4a1993546cc4b850cde3599e27aec Sha1: 094b763b4cfcc0b05e5d040581cd513c3ca08067 Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 05 Dec 2022 00:11:19 GMT cache-control: public,max-age=3600 age: 184 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1346 Cache-Control: max-age=119694 Date: Mon, 05 Dec 2022 00:14:23 GMT Etag: "638c632b-1d7" Expires: Tue, 06 Dec 2022 09:29:17 GMT Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 31b129c94a90b1e695b21395cb54e378 Sha1: a3cae46b48d469cc61ab0581303bcd5f5b654db9 Sha256: fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDIwNjQ2MiwiaWF0IjoxNjcwMTk5MjYyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21ycW9hOW0yZGpkZ3EyMmMxbmZoNGYiLCJuYmYiOjE2NzAxOTkyNjIsInRzIjoxNjcwMTk5MjYyMzcwMDQwfQ.NMZrQw5fJXCSnhlV4bbmNCF31CY4YUwUrj4H4pPOBLg&sid=e29c7250-7419-11ed-991c-24895ead6723 HTTP/1.1 Host: hfgfgf.d768.uu.wy5532.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://hfgfgf.d768.uu.wy5532.com/ Cookie: sid=e29c7250-7419-11ed-991c-24895ead6723; __gsas=ID=b1529138c7445ce1:T=1670198801:S=ALNI_MaPlLZrGE5-fHxmXhf5kR0Whrb9dw Upgrade-Insecure-Requests: 1	URL: hfgfgf.d768.uu.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIs (...) FQDN: hfgfgf.d768.uu.wy5532.com IP: 185.107.56.199 HASH: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 185.107.56.199 HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Mon, 05 Dec 2022 00:14:22 GMT location: http://dipaka-ead.com/zcvisitor/c516f8f3-7431-11ed-b3c5-1225d7af0e1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c522b8c6-7431-11ed-b3c5-1225d7af0e1b server: nginx set-cookie: sid=e29c7250-7419-11ed-991c-24895ead6723; path=/; domain=.wy5532.com; expires=Sat, 23 Dec 2090 03:28:30 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: ASCII text, with no line terminators Size: 11 Md5: 32682312d17c7cbf18e73594f5570319 Sha1: 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 1i9iFRcrruPL7IhqHIDnsA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.187.31.159 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.187.31.159 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: i07qEOiTjdo2p/oa0ruPFzJP3pg= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/c516f8f3-7431-11ed-b3c5-1225d7af0e1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c522b8c6-7431-11ed-b3c5-1225d7af0e1b HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://hfgfgf.d768.uu.wy5532.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dipaka-ead.com/zcvisitor/c516f8f3-7431-11ed-b3c5-1225d7 (...) FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: f6ddf12f59779b9af5c5414c9244b13ed5e6f12827f28cb3feebdb5871729f09 3.212.50.125 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Mon, 05 Dec 2022 00:14:23 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server: aVaGlhqH --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1100 Md5: 33d4e4d2c08598488aaf6606049ea063 Sha1: 7fe5c4f95e9186987f5dde7b55db739b478ccc18 Sha256: f6ddf12f59779b9af5c5414c9244b13ed5e6f12827f28cb3feebdb5871729f09
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 05 Dec 2022 01:09:04 GMT Date: Mon, 05 Dec 2022 00:14:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 05 Dec 2022 01:09:04 GMT Date: Mon, 05 Dec 2022 00:14:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 05 Dec 2022 01:09:04 GMT Date: Mon, 05 Dec 2022 00:14:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 05 Dec 2022 01:09:04 GMT Date: Mon, 05 Dec 2022 00:14:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 05 Dec 2022 01:09:04 GMT Date: Mon, 05 Dec 2022 00:14:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12348 x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjKa_HpTIAMFrcg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 03:21:42 GMT age: 75161 etag: "f8d5cc7b315879b66a11b403463da1330617d2fa" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12348 Md5: b8e6f84dff61fedd8ff9baa9bb648883 Sha1: f8d5cc7b315879b66a11b403463da1330617d2fa Sha256: 025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10183 x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: co_uLHQZoAMF4hA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 21:49:03 GMT age: 8720 etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10183 Md5: 99d1ff8fa2e095dcf2bda3d1e1af1221 Sha1: f914f04a0e1fb45a221d31d2105bfc73015b03e6 Sha256: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7631 x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjKUYF2toAMFVkQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: azPc-KWHbEA3DMhyphQq3zERUrF14hxrEHwxDZZfcFlu5-IpyKwtgw== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 03:17:41 GMT age: 75402 etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7631 Md5: 50eeb012f0903f0848c8afcd6b26a7ec Sha1: ff7740d3c12ce7ab23291272221c0d9503f9c139 Sha256: f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10031 x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cjY0CGUVIAMFxog= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 15:58:47 GMT age: 29736 etag: "cd754bb6094d2e456b95dce8daace45a0de8a121" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10031 Md5: bb029b41d342a82250aef6d6f713be6e Sha1: cd754bb6094d2e456b95dce8daace45a0de8a121 Sha256: c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f879ef8-1a6d-4f5a-9ed7-092a33c3642f.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3707 x-amzn-requestid: e9d4dc01-cb68-471b-8da4-c6f170248387 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: co_xhEm-IAMFRNQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638d133c-5414a54751e2569f639d0dea;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:04 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: _nGZrHCvmP-EKAQG20l1ayIftZ4spFGPuG--vyTpMhbNa9L3pIWhCA== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 21:48:29 GMT age: 8754 etag: "56ee7aa6cf94570b1218ef6e767a7036d0b8900f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3707 Md5: d7bde76a4dbab17f37747e7da55ad924 Sha1: 56ee7aa6cf94570b1218ef6e767a7036d0b8900f Sha256: bd8320fe10dc06061008034cfd1ca9f17e941b2b859b8dd12f23bcac35746aab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6826 x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: co_t2FsLIAMFekA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 21:56:21 GMT age: 8282 etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6826 Md5: a349d02cce160f72cc93f6fb6e45fa46 Sha1: a6f82481ea0a820da0f199e8f9051a4aa4013c82 Sha256: ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /zcredirect?visitid=c516f8f3-7431-11ed-b3c5-1225d7af0e1b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dipaka-ead.com/zcvisitor/c516f8f3-7431-11ed-b3c5-1225d7af0e1b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c522b8c6-7431-11ed-b3c5-1225d7af0e1b Upgrade-Insecure-Requests: 1	URL: dipaka-ead.com/zcredirect?visitid=c516f8f3-7431-11ed-b3 (...) FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: 41cff2dff8cfd67c713e86e7c3ba97564d37be137be4d420ff02acf16a6a8b9d 3.212.50.125 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Mon, 05 Dec 2022 00:14:23 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS Server: ophkbQpr --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 312 Md5: 3a795372babb53f4f84540d2527a5974 Sha1: 166f9e50bd9254616aba0b17619f1df215905dd7 Sha256: 41cff2dff8cfd67c713e86e7c3ba97564d37be137be4d420ff02acf16a6a8b9d
GET /favicon.ico HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dipaka-ead.com/zcredirect?visitid=c516f8f3-7431-11ed-b3c5-1225d7af0e1b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	URL: dipaka-ead.com/favicon.ico FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8 3.212.50.125 HTTP/1.1 404 Content-Type: text/html;charset=utf-8 Date: Mon, 05 Dec 2022 00:14:24 GMT Content-Length: 653 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Content-Language: en Server: PNWhRqSQ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators Size: 653 Md5: ba2732b1b2fa2626ffaa15f62f9e7d66 Sha1: 203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /click?seat=2113743&i=GNZgCmShjRg_0 HTTP/1.1 Host: xml-v4.craftviking-2.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dipaka-ead.com/ Upgrade-Insecure-Requests: 1	URL: xml-v4.craftviking-2.co/click?seat=2113743&i=GNZgCmShjRg_0 FQDN: xml-v4.craftviking-2.co IP: 173.239.53.32 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 173.239.53.32 HTTP/1.1 302 Found Cache-Control: no-store Content-Length: 0 Age: 0 Connection: keep-alive Location: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil Pragma: no-cache --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gsalphasha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp2.globalsign.com/gsalphasha2g2 FQDN: ocsp2.globalsign.com IP: 104.18.21.226 HASH: e613155b2c4db03019b38179699144ab644b50eb7889a73849892d4c4d25dbcc 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Content-Length: 1423 Connection: keep-alive Expires: Thu, 08 Dec 2022 22:11:27 GMT ETag: "78e6d02180bf5582877f794b7fded271ab6870e2" Last-Modified: Sun, 04 Dec 2022 22:11:28 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 774894d9ccbcb500-OSL --- Additional Info --- Magic: data Size: 1423 Md5: 1dd3f26e7b1c32249e136321bd01f999 Sha1: 78e6d02180bf5582877f794b7fded271ab6870e2 Sha256: e613155b2c4db03019b38179699144ab644b50eb7889a73849892d4c4d25dbcc
GET /?z=56408&c=12345&source_id=000000000_fil HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://dipaka-ead.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: 2aea419c8035214d35e9928f7a4574671b63e77a9bd7392f1c547866ccbb2aac 178.128.246.195 HTTP/1.1 200 OK Content-Type: text/html Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:24 GMT Last-Modified: Mon, 17 May 2021 18:15:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"60a2b2df-14c11" Strict-Transport-Security: max-age=63072000; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (63500), with CRLF line terminators Size: 36807 Md5: b4952d42c3dc62e72963f55d5ba964f3 Sha1: d793c03fd33004f3d106dde4415b9c81b8b2c46d Sha256: 2aea419c8035214d35e9928f7a4574671b63e77a9bd7392f1c547866ccbb2aac
GET /style.css HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: lifeimpressions.net/style.css FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: 4d2fa0064ace3802bc8c465d9d7b2da09b42c8593d0db3c0de15a8686668dc1d 178.128.246.195 HTTP/1.1 200 OK Content-Type: text/css Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:24 GMT Content-Length: 11235 Last-Modified: Mon, 11 Nov 2019 17:45:45 GMT Connection: keep-alive ETag: "5dc99e49-2be3" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 11235 Md5: 76e7391051b1944f0d94fb0a15b5eeed Sha1: 35476d77afeb88c15f09d2eacec3830e471e19fc Sha256: 4d2fa0064ace3802bc8c465d9d7b2da09b42c8593d0db3c0de15a8686668dc1d
GET /jquery-2.1.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: code.jquery.com/jquery-2.1.1.min.js FQDN: code.jquery.com IP: 69.16.175.42 HASH: ad3722919f1d0a20f0d7734f6e0823c211de6bc7d6972a56a9a7e9a12d7d02dd 69.16.175.42 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Mon, 05 Dec 2022 00:14:24 GMT content-encoding: gzip content-length: 29482 last-modified: Wed, 16 Feb 2022 10:50:39 GMT accept-ranges: bytes server: nginx etag: W/"620cd6ff-14915" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1670199264.dop003.sk1.t,1670199264.cds258.sk1.hn,1670199264.cds262.sk1.c X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32061) Size: 29482 Md5: bc3fbf33dc7b6b815c7e294a7dd685b4 Sha1: 8ff4bad0a255364f15fd1926199bf17fb673b736 Sha256: ad3722919f1d0a20f0d7734f6e0823c211de6bc7d6972a56a9a7e9a12d7d02dd
GET /idb.js HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: lifeimpressions.net/idb.js FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:24 GMT Content-Length: 2637 Last-Modified: Fri, 19 Oct 2018 10:36:47 GMT Connection: keep-alive ETag: "5bc9b3bf-a4d" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 2637 Md5: c13f1306227fced1506d250fe914d3e8 Sha1: 7b56f20689cb8339f444767629623e278e90f958 Sha256: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: da9700d928847bca71f73dc9ca89bd1c Sha1: 2f156a1557a7504da776ed9a82dc52563662be6f Sha256: 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: da9700d928847bca71f73dc9ca89bd1c Sha1: 2f156a1557a7504da776ed9a82dc52563662be6f Sha256: 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c4319f54a5675ee9acda96c58f97ac6 Sha1: 210ea86db1836d430b321d59b4bd1b016c914f22 Sha256: cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
GET /app.js HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: lifeimpressions.net/app.js FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: b0e6528c41784514715de6de02393df967178c61651d4a249384ab5b1318ba31 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:24 GMT Content-Length: 10088 Last-Modified: Mon, 15 Mar 2021 15:30:12 GMT Connection: keep-alive ETag: "604f7d84-2768" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (2071) Size: 10088 Md5: 611d12065f53a2de5b64b785c7677877 Sha1: 401e507307a177c5d5d5d8ce6ce919b0fed5adea Sha256: b0e6528c41784514715de6de02393df967178c61651d4a249384ab5b1318ba31
GET /firebasejs/5.4.0/firebase-app.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.4.0/firebase-app.js FQDN: www.gstatic.com IP: 142.250.74.35 HASH: ae91c816008514b73c098bf96e2e38d72bd0b8f70d77db534d7b14107af60919 142.250.74.35 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 12419 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 29 Nov 2022 19:00:32 GMT expires: Wed, 29 Nov 2023 19:00:32 GMT cache-control: public, max-age=31536000 age: 450832 last-modified: Thu, 16 Aug 2018 18:59:55 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (34802) Size: 12419 Md5: b4754e15e3b954ae32ae259d8e7a0415 Sha1: b61d406ddc724fb7af0f5562f0aab0274e57db9a Sha256: ae91c816008514b73c098bf96e2e38d72bd0b8f70d77db534d7b14107af60919
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 122124f83967c12700f5a6f5546b0f1f Sha1: d7acd2db61ad811c388a44b7bd407fa5f4aea8ee Sha256: b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
GET /firebasejs/5.4.0/firebase-messaging.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.4.0/firebase-messaging.js FQDN: www.gstatic.com IP: 142.250.74.35 HASH: 28d3a6e18950b0d42849e3e817d757b2b6164ca8440e912b2e022af1107306ac 142.250.74.35 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 10046 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 29 Nov 2022 15:55:26 GMT expires: Wed, 29 Nov 2023 15:55:26 GMT cache-control: public, max-age=31536000 age: 461938 last-modified: Thu, 16 Aug 2018 18:59:55 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (35630) Size: 10046 Md5: 5afb079bc2331bd0ce1f1e38698808f7 Sha1: 92febc8e7c35b819a9a104901297e62a2d53b98c Sha256: 28d3a6e18950b0d42849e3e817d757b2b6164ca8440e912b2e022af1107306ac
GET /gtag/js?id=G-CWF1ZNVXRW HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtag/js?id=G-CWF1ZNVXRW FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 41bdb117230c73b29fd3314217e2a5d9ce4c85a8195629c37ac705bd61e75050 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 05 Dec 2022 00:14:24 GMT expires: Mon, 05 Dec 2022 00:14:24 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 76340 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (20080) Size: 76340 Md5: 503139ca9f8d1f25a714ab8654c2d30a Sha1: 3eb30e5d07080792dc04da1ebd734acabfd2a7e2 Sha256: 41bdb117230c73b29fd3314217e2a5d9ce4c85a8195629c37ac705bd61e75050
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: da9700d928847bca71f73dc9ca89bd1c Sha1: 2f156a1557a7504da776ed9a82dc52563662be6f Sha256: 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c4319f54a5675ee9acda96c58f97ac6 Sha1: 210ea86db1836d430b321d59b4bd1b016c914f22 Sha256: cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Dec 2022 00:14:24 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 7dfb548d8f8a99d32050803775fad5d6 Sha1: 8b47999a01db7c2217d76a1cec576809a229cf1b Sha256: 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
GET /arrow.png HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: lifeimpressions.net/arrow.png FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: 21e067de4d0e7648a0c2d58a091ac6630b3a8bc0af8d07030823fd09aada6ea4 178.128.246.195 HTTP/1.1 200 OK Content-Type: image/png Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:24 GMT Content-Length: 592 Last-Modified: Wed, 05 Dec 2018 23:08:48 GMT Connection: keep-alive ETag: "5c085a80-250" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 54 x 86, 8-bit/color RGBA, non-interlaced\012- data Size: 592 Md5: ab953ae92d6d6c014e8bf125f5ea7f6b Sha1: ef3e629267df3bad73d3e9ff0f2ad946d7e69eb9 Sha256: 21e067de4d0e7648a0c2d58a091ac6630b3a8bc0af8d07030823fd09aada6ea4
GET /firebase-messaging-sw.js HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	URL: lifeimpressions.net/firebase-messaging-sw.js FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: 23cb8cf8c1a90e17ab07654ccf0815c2af16c0a1d1077fadad77cc539e8deee9 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:24 GMT Content-Length: 19262 Last-Modified: Mon, 30 Dec 2019 08:58:46 GMT Connection: keep-alive ETag: "5e09bc46-4b3e" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: Java source, ASCII text, with very long lines (18959) Size: 19262 Md5: ece2d5dbc7db3df8369f932db4e4a835 Sha1: efb153dbd5b8a9de7c382cd3f43e11033c42a4a7 Sha256: 23cb8cf8c1a90e17ab07654ccf0815c2af16c0a1d1077fadad77cc539e8deee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://lifeimpressions.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:33:54 GMT expires: Thu, 30 Nov 2023 19:33:54 GMT cache-control: public, max-age=31536000 age: 362430 last-modified: Wed, 11 May 2022 19:24:48 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://lifeimpressions.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4 (...) FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15860 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 30 Nov 2022 19:34:15 GMT expires: Thu, 30 Nov 2023 19:34:15 GMT cache-control: public, max-age=31536000 age: 362409 last-modified: Wed, 11 May 2022 19:24:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Size: 15860 Md5: e9f5aaf547f165386cd313b995dddd8e Sha1: acdef5603c2387b0e5bffd744b679a24a8bc1968 Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /favicon.ico HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: lifeimpressions.net/favicon.ico FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: 648d8e644dcbdc4ec115a30bd51d8054071891a3e4971aee01963f1cb17fb4ca 178.128.246.195 HTTP/1.1 404 Not Found Content-Type: text/html Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:24 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 132 Md5: 3d06c0eef8d0d7b16c06a4d59d7b9a8a Sha1: f1b09ab082acf6c0cc7208e344eb3f6619c49cf9 Sha256: 648d8e644dcbdc4ec115a30bd51d8054071891a3e4971aee01963f1cb17fb4ca
GET /?z=56408&c=12345&source_id=000000000_fil HTTP/1.1 Host: 7136f7.lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/ Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.0.1670199262.0.0.0; _ga=GA1.1.536459742.1670199262 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site	URL: 7136f7.lifeimpressions.net/?z=56408&c=12345&source_id=0 (...) FQDN: 7136f7.lifeimpressions.net IP: 178.128.246.195 HASH: 2aea419c8035214d35e9928f7a4574671b63e77a9bd7392f1c547866ccbb2aac 178.128.246.195 HTTP/1.1 200 OK Content-Type: text/html Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:25 GMT Last-Modified: Mon, 17 May 2021 18:15:59 GMT Transfer-Encoding: chunked Connection: keep-alive ETag: W/"60a2b2df-14c11" Strict-Transport-Security: max-age=63072000; includeSubdomains Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (63500), with CRLF line terminators Size: 36807 Md5: b4952d42c3dc62e72963f55d5ba964f3 Sha1: d793c03fd33004f3d106dde4415b9c81b8b2c46d Sha256: 2aea419c8035214d35e9928f7a4574671b63e77a9bd7392f1c547866ccbb2aac
POST /g/collect?v=2&tid=G-CWF1ZNVXRW&gtm=2oebu0&_p=124052207&cid=536459742.1670199262&ul=en-us&sr=1280x1024&_s=1&sid=1670199262&sct=1&seg=0&dl=https%3A%2F%2Flifeimpressions.net%2F%3Fz%3D56408%26c%3D12345%26source_id%3D000000000_fil&dr=http%3A%2F%2Fdipaka-ead.com%2F&dt=Checking%20your%20browser%E2%80%A6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://lifeimpressions.net Connection: keep-alive Referer: https://lifeimpressions.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-CWF1ZN (...) FQDN: region1.google-analytics.com IP: 216.239.32.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.32.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://lifeimpressions.net date: Mon, 05 Dec 2022 00:14:25 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css?family=Roboto:400,700,400i&subset=cyrillic HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Roboto:400,700,400i&sub (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 HASH: 7d9a1b99865151dec56a5e4ef5e9fc18e160c4eaf0c79db74d46ead857e8ef98 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 05 Dec 2022 00:14:24 GMT date: Mon, 05 Dec 2022 00:14:24 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 11905 Md5: 0f120e553c141fd353aa148c877c0405 Sha1: b9880658b4b01f75f2e14248c4fe313a1e3db21e Sha256: 7d9a1b99865151dec56a5e4ef5e9fc18e160c4eaf0c79db74d46ead857e8ef98
GET /idb.js HTTP/1.1 Host: 7136f7.lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://7136f7.lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.0.1670199262.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 7136f7.lifeimpressions.net/idb.js FQDN: 7136f7.lifeimpressions.net IP: 178.128.246.195 HASH: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:25 GMT Content-Length: 2637 Last-Modified: Fri, 19 Oct 2018 10:36:47 GMT Connection: keep-alive ETag: "5bc9b3bf-a4d" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 2637 Md5: c13f1306227fced1506d250fe914d3e8 Sha1: 7b56f20689cb8339f444767629623e278e90f958 Sha256: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d
GET /firebase-messaging-sw.js HTTP/1.1 Host: 7136f7.lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.0.1670199262.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	URL: 7136f7.lifeimpressions.net/firebase-messaging-sw.js FQDN: 7136f7.lifeimpressions.net IP: 178.128.246.195 HASH: 23cb8cf8c1a90e17ab07654ccf0815c2af16c0a1d1077fadad77cc539e8deee9 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:25 GMT Content-Length: 19262 Last-Modified: Mon, 30 Dec 2019 08:58:46 GMT Connection: keep-alive ETag: "5e09bc46-4b3e" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: Java source, ASCII text, with very long lines (18959) Size: 19262 Md5: ece2d5dbc7db3df8369f932db4e4a835 Sha1: efb153dbd5b8a9de7c382cd3f43e11033c42a4a7 Sha256: 23cb8cf8c1a90e17ab07654ccf0815c2af16c0a1d1077fadad77cc539e8deee9
GET /favicon.ico HTTP/1.1 Host: 7136f7.lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://7136f7.lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.0.1670199262.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 7136f7.lifeimpressions.net/favicon.ico FQDN: 7136f7.lifeimpressions.net IP: 178.128.246.195 HASH: 648d8e644dcbdc4ec115a30bd51d8054071891a3e4971aee01963f1cb17fb4ca 178.128.246.195 HTTP/1.1 404 Not Found Content-Type: text/html Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:25 GMT Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 132 Md5: 3d06c0eef8d0d7b16c06a4d59d7b9a8a Sha1: f1b09ab082acf6c0cc7208e344eb3f6619c49cf9 Sha256: 648d8e644dcbdc4ec115a30bd51d8054071891a3e4971aee01963f1cb17fb4ca
GET /arrow.png HTTP/1.1 Host: 7136f7.lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://7136f7.lifeimpressions.net/style.css Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.0.1670199262.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: 7136f7.lifeimpressions.net/arrow.png FQDN: 7136f7.lifeimpressions.net IP: 178.128.246.195 HASH: 21e067de4d0e7648a0c2d58a091ac6630b3a8bc0af8d07030823fd09aada6ea4 178.128.246.195 HTTP/1.1 200 OK Content-Type: image/png Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:25 GMT Content-Length: 592 Last-Modified: Wed, 05 Dec 2018 23:08:48 GMT Connection: keep-alive ETag: "5c085a80-250" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 54 x 86, 8-bit/color RGBA, non-interlaced\012- data Size: 592 Md5: ab953ae92d6d6c014e8bf125f5ea7f6b Sha1: ef3e629267df3bad73d3e9ff0f2ad946d7e69eb9 Sha256: 21e067de4d0e7648a0c2d58a091ac6630b3a8bc0af8d07030823fd09aada6ea4
GET /tXml.js HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/firebase-messaging-sw.js Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.1.1670199263.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	URL: lifeimpressions.net/tXml.js FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: 341f686d65ae112c677f82d590028066b09d9926bae6565d795db5d3574c3607 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:26 GMT Content-Length: 13979 Last-Modified: Sat, 18 Aug 2018 15:29:28 GMT Connection: keep-alive ETag: "5b783b58-369b" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 13979 Md5: ff0572e0f1d51ff1b8d60e3c2190c88f Sha1: 1749529c3243408f0bee5374d4133507e79cede3 Sha256: 341f686d65ae112c677f82d590028066b09d9926bae6565d795db5d3574c3607
GET /idb.js HTTP/1.1 Host: lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://lifeimpressions.net/firebase-messaging-sw.js Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.1.1670199263.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	URL: lifeimpressions.net/idb.js FQDN: lifeimpressions.net IP: 178.128.246.195 HASH: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:26 GMT Content-Length: 2637 Last-Modified: Fri, 19 Oct 2018 10:36:47 GMT Connection: keep-alive ETag: "5bc9b3bf-a4d" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 2637 Md5: c13f1306227fced1506d250fe914d3e8 Sha1: 7b56f20689cb8339f444767629623e278e90f958 Sha256: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d
GET /tXml.js HTTP/1.1 Host: 7136f7.lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://7136f7.lifeimpressions.net/firebase-messaging-sw.js Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.1.1670199263.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	URL: 7136f7.lifeimpressions.net/tXml.js FQDN: 7136f7.lifeimpressions.net IP: 178.128.246.195 HASH: 341f686d65ae112c677f82d590028066b09d9926bae6565d795db5d3574c3607 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:27 GMT Content-Length: 13979 Last-Modified: Sat, 18 Aug 2018 15:29:28 GMT Connection: keep-alive ETag: "5b783b58-369b" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 13979 Md5: ff0572e0f1d51ff1b8d60e3c2190c88f Sha1: 1749529c3243408f0bee5374d4133507e79cede3 Sha256: 341f686d65ae112c677f82d590028066b09d9926bae6565d795db5d3574c3607
GET /idb.js HTTP/1.1 Host: 7136f7.lifeimpressions.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://7136f7.lifeimpressions.net/firebase-messaging-sw.js Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.1.1670199263.0.0.0; _ga=GA1.1.536459742.1670199262 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache	URL: 7136f7.lifeimpressions.net/idb.js FQDN: 7136f7.lifeimpressions.net IP: 178.128.246.195 HASH: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d 178.128.246.195 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx/1.14.2 Date: Mon, 05 Dec 2022 00:14:27 GMT Content-Length: 2637 Last-Modified: Fri, 19 Oct 2018 10:36:47 GMT Connection: keep-alive ETag: "5bc9b3bf-a4d" Strict-Transport-Security: max-age=63072000; includeSubdomains Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 2637 Md5: c13f1306227fced1506d250fe914d3e8 Sha1: 7b56f20689cb8339f444767629623e278e90f958 Sha256: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7853 x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cdGrKEGFoAMFnBw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 08:10:52 GMT age: 57818 etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7853 Md5: dafdb4fe91795a9e16baebb085ccd818 Sha1: f5ed5d03e6969f81349ad78fde0e71390a4ed391 Sha256: f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2634 

                                        
                                            
Expires: Mon, 05 Dec 2022 00:58:16 GMT 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    cfec3d7283a9b66d2be426ce54d210f3

                                                Sha1:   808c1feb1ba918951d1928c1f6bfc0c253262774

                                                Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9122 

                                        
                                            
Expires: Mon, 05 Dec 2022 02:46:24 GMT 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:22 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    1ea206ac3c440825741687351f8c6e4e

                                                Sha1:   2f38dafd8c43dcce2411a0590bc5c02cd6286735

                                                Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: y3q18wBmC60OjKQE0Z19JHkxaJG0P+/bCk9+DPBp9jYdaJzKbN0C5mER06Y7fQa/pTeMjznt0LsLE6OPuZT8kg== 

                                        
                                            
x-amz-request-id: TYYBB1G7T0Y39V6Y 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 04 Dec 2022 23:47:45 GMT 

                                        
                                            
age: 1597 

                                        
                                            
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                        
                                            
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: hfgfgf.d768.uu.wy5532.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://hfgfgf.d768.uu.wy5532.com/ 

                                        
                                            
Cookie: sid=e29c7250-7419-11ed-991c-24895ead6723; __gsas=ID=b1529138c7445ce1:T=1670198801:S=ALNI_MaPlLZrGE5-fHxmXhf5kR0Whrb9dw

                                         185.107.56.199

                                        
                                            HTTP/1.1 404 Not Found

                                        

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
connection: close 

                                        
                                            
content-length: 9 

                                        
                                            
date: Mon, 05 Dec 2022 00:14:21 GMT 

                                        
                                            
server: nginx 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   9

                                                Md5:    d8f4a1993546cc4b850cde3599e27aec

                                                Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067

                                                Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 1346 

                                        
                                            
Cache-Control: max-age=119694 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:23 GMT 

                                        
                                            
Etag: "638c632b-1d7" 

                                        
                                            
Expires: Tue, 06 Dec 2022 09:29:17 GMT 

                                        
                                            
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT 

                                        
                                            
Server: ECS (ska/F706) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    31b129c94a90b1e695b21395cb54e378

                                                Sha1:   a3cae46b48d469cc61ab0581303bcd5f5b654db9

                                                Sha256: fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: 1i9iFRcrruPL7IhqHIDnsA== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.187.31.159

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: i07qEOiTjdo2p/oa0ruPFzJP3pg= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3281 

                                        
                                            
Expires: Mon, 05 Dec 2022 01:09:04 GMT 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    83e0936435ad95a15c9ec5ff9520f4fe

                                                Sha1:   a8225ee0d8ae117f977f7ff817c342c62e91b5a9

                                                Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3281 

                                        
                                            
Expires: Mon, 05 Dec 2022 01:09:04 GMT 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    83e0936435ad95a15c9ec5ff9520f4fe

                                                Sha1:   a8225ee0d8ae117f977f7ff817c342c62e91b5a9

                                                Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3281 

                                        
                                            
Expires: Mon, 05 Dec 2022 01:09:04 GMT 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:23 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    83e0936435ad95a15c9ec5ff9520f4fe

                                                Sha1:   a8225ee0d8ae117f977f7ff817c342c62e91b5a9

                                                Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10183 

                                        
                                            
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: co_uLHQZoAMF4hA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg== 

                                        
                                            
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Dec 2022 21:49:03 GMT 

                                        
                                            
age: 8720 

                                        
                                            
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10183

                                                Md5:    99d1ff8fa2e095dcf2bda3d1e1af1221

                                                Sha1:   f914f04a0e1fb45a221d31d2105bfc73015b03e6

                                                Sha256: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2955536-4372-40c4-bbce-37f3da5c8a64.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10031 

                                        
                                            
x-amzn-requestid: ca6c11c5-8842-4ffb-bb9e-5351c4e60c5c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cjY0CGUVIAMFxog= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638ad4e6-4282be9f505aa5764e9b1fa2;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Dec 2022 04:47:34 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: vg9n0d9YqjfrKwJHGGcztV4gsGENhNYUuC1HUmWFsxRlDdMSpV4IQw== 

                                        
                                            
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Dec 2022 15:58:47 GMT 

                                        
                                            
age: 29736 

                                        
                                            
etag: "cd754bb6094d2e456b95dce8daace45a0de8a121" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10031

                                                Md5:    bb029b41d342a82250aef6d6f713be6e

                                                Sha1:   cd754bb6094d2e456b95dce8daace45a0de8a121

                                                Sha256: c16e364547c9e7a3c487b614073d59c7c495c5e5387b75136afab0dc68bebca4

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6826 

                                        
                                            
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: co_t2FsLIAMFekA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg== 

                                        
                                            
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Dec 2022 21:56:21 GMT 

                                        
                                            
age: 8282 

                                        
                                            
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6826

                                                Md5:    a349d02cce160f72cc93f6fb6e45fa46

                                                Sha1:   a6f82481ea0a820da0f199e8f9051a4aa4013c82

                                                Sha256: ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: dipaka-ead.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dipaka-ead.com/zcredirect?visitid=c516f8f3-7431-11ed-b3c5-1225d7af0e1b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

                                         3.212.50.125

                                        
                                            HTTP/1.1 404  

                                        
                                            
Content-Type: text/html;charset=utf-8

                                        

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Content-Length: 653 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
Content-Language: en 

                                        
                                            
Server: PNWhRqSQ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators

                                                Size:   653

                                                Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66

                                                Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe

                                                Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 

                                        
                                            
Host: ocsp2.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.21.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Content-Length: 1423 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Thu, 08 Dec 2022 22:11:27 GMT 

                                        
                                            
ETag: "78e6d02180bf5582877f794b7fded271ab6870e2" 

                                        
                                            
Last-Modified: Sun, 04 Dec 2022 22:11:28 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 774894d9ccbcb500-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1423

                                                Md5:    1dd3f26e7b1c32249e136321bd01f999

                                                Sha1:   78e6d02180bf5582877f794b7fded271ab6870e2

                                                Sha256: e613155b2c4db03019b38179699144ab644b50eb7889a73849892d4c4d25dbcc

                                        
                                            GET /style.css HTTP/1.1 

                                        
                                            
Host: lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         178.128.246.195

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Content-Length: 11235 

                                        
                                            
Last-Modified: Mon, 11 Nov 2019 17:45:45 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "5dc99e49-2be3" 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   11235

                                                Md5:    76e7391051b1944f0d94fb0a15b5eeed

                                                Sha1:   35476d77afeb88c15f09d2eacec3830e471e19fc

                                                Sha256: 4d2fa0064ace3802bc8c465d9d7b2da09b42c8593d0db3c0de15a8686668dc1d

                                        
                                            GET /idb.js HTTP/1.1 

                                        
                                            
Host: lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         178.128.246.195

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Content-Length: 2637 

                                        
                                            
Last-Modified: Fri, 19 Oct 2018 10:36:47 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "5bc9b3bf-a4d" 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   2637

                                                Md5:    c13f1306227fced1506d250fe914d3e8

                                                Sha1:   7b56f20689cb8339f444767629623e278e90f958

                                                Sha256: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    da9700d928847bca71f73dc9ca89bd1c

                                                Sha1:   2f156a1557a7504da776ed9a82dc52563662be6f

                                                Sha256: 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

                                        
                                            GET /app.js HTTP/1.1 

                                        
                                            
Host: lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         178.128.246.195

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Content-Length: 10088 

                                        
                                            
Last-Modified: Mon, 15 Mar 2021 15:30:12 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "604f7d84-2768" 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (2071)

                                                Size:   10088

                                                Md5:    611d12065f53a2de5b64b785c7677877

                                                Sha1:   401e507307a177c5d5d5d8ce6ce919b0fed5adea

                                                Sha256: b0e6528c41784514715de6de02393df967178c61651d4a249384ab5b1318ba31

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    122124f83967c12700f5a6f5546b0f1f

                                                Sha1:   d7acd2db61ad811c388a44b7bd407fa5f4aea8ee

                                                Sha256: b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

                                        
                                            GET /gtag/js?id=G-CWF1ZNVXRW HTTP/1.1 

                                        
                                            
Host: www.googletagmanager.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.168

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Cache-Control 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
expires: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
cache-control: private, max-age=900 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Google Tag Manager 

                                        
                                            
content-length: 76340 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (20080)

                                                Size:   76340

                                                Md5:    503139ca9f8d1f25a714ab8654c2d30a

                                                Sha1:   3eb30e5d07080792dc04da1ebd734acabfd2a7e2

                                                Sha256: 41bdb117230c73b29fd3314217e2a5d9ce4c85a8195629c37ac705bd61e75050

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    3c4319f54a5675ee9acda96c58f97ac6

                                                Sha1:   210ea86db1836d430b321d59b4bd1b016c914f22

                                                Sha256: cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65

                                        
                                            GET /arrow.png HTTP/1.1 

                                        
                                            
Host: lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/style.css 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         178.128.246.195

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Content-Length: 592 

                                        
                                            
Last-Modified: Wed, 05 Dec 2018 23:08:48 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "5c085a80-250" 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 54 x 86, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   592

                                                Md5:    ab953ae92d6d6c014e8bf125f5ea7f6b

                                                Sha1:   ef3e629267df3bad73d3e9ff0f2ad946d7e69eb9

                                                Sha256: 21e067de4d0e7648a0c2d58a091ac6630b3a8bc0af8d07030823fd09aada6ea4

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://lifeimpressions.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15744 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 30 Nov 2022 19:33:54 GMT 

                                        
                                            
expires: Thu, 30 Nov 2023 19:33:54 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 362430 

                                        
                                            
last-modified: Wed, 11 May 2022 19:24:48 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data

                                                Size:   15744

                                                Md5:    15d9f621c3bd1599f0169dcf0bd5e63e

                                                Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52

                                                Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         178.128.246.195

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:24 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   132

                                                Md5:    3d06c0eef8d0d7b16c06a4d59d7b9a8a

                                                Sha1:   f1b09ab082acf6c0cc7208e344eb3f6619c49cf9

                                                Sha256: 648d8e644dcbdc4ec115a30bd51d8054071891a3e4971aee01963f1cb17fb4ca

                                        
                                            POST /g/collect?v=2&tid=G-CWF1ZNVXRW&gtm=2oebu0&_p=124052207&cid=536459742.1670199262&ul=en-us&sr=1280x1024&_s=1&sid=1670199262&sct=1&seg=0&dl=https%3A%2F%2Flifeimpressions.net%2F%3Fz%3D56408%26c%3D12345%26source_id%3D000000000_fil&dr=http%3A%2F%2Fdipaka-ead.com%2F&dt=Checking%20your%20browser%E2%80%A6&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 

                                        
                                            
Host: region1.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://lifeimpressions.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Content-Length: 0

                                         216.239.32.36

                                        
                                            HTTP/2 204 No Content 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://lifeimpressions.net 

                                        
                                            
date: Mon, 05 Dec 2022 00:14:25 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /idb.js HTTP/1.1 

                                        
                                            
Host: 7136f7.lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://7136f7.lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil 

                                        
                                            
Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.0.1670199262.0.0.0; _ga=GA1.1.536459742.1670199262 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         178.128.246.195

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:25 GMT 

                                        
                                            
Content-Length: 2637 

                                        
                                            
Last-Modified: Fri, 19 Oct 2018 10:36:47 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "5bc9b3bf-a4d" 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   2637

                                                Md5:    c13f1306227fced1506d250fe914d3e8

                                                Sha1:   7b56f20689cb8339f444767629623e278e90f958

                                                Sha256: a5dd5c3f8afb3604650604774c3f5fe89043a38135cb1325a242300edf802d1d

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: 7136f7.lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://7136f7.lifeimpressions.net/?z=56408&c=12345&source_id=000000000_fil 

                                        
                                            
Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.0.1670199262.0.0.0; _ga=GA1.1.536459742.1670199262 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         178.128.246.195

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:25 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   132

                                                Md5:    3d06c0eef8d0d7b16c06a4d59d7b9a8a

                                                Sha1:   f1b09ab082acf6c0cc7208e344eb3f6619c49cf9

                                                Sha256: 648d8e644dcbdc4ec115a30bd51d8054071891a3e4971aee01963f1cb17fb4ca

                                        
                                            GET /tXml.js HTTP/1.1 

                                        
                                            
Host: lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://lifeimpressions.net/firebase-messaging-sw.js 

                                        
                                            
Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.1.1670199263.0.0.0; _ga=GA1.1.536459742.1670199262 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         178.128.246.195

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:26 GMT 

                                        
                                            
Content-Length: 13979 

                                        
                                            
Last-Modified: Sat, 18 Aug 2018 15:29:28 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "5b783b58-369b" 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   13979

                                                Md5:    ff0572e0f1d51ff1b8d60e3c2190c88f

                                                Sha1:   1749529c3243408f0bee5374d4133507e79cede3

                                                Sha256: 341f686d65ae112c677f82d590028066b09d9926bae6565d795db5d3574c3607

                                        
                                            GET /tXml.js HTTP/1.1 

                                        
                                            
Host: 7136f7.lifeimpressions.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://7136f7.lifeimpressions.net/firebase-messaging-sw.js 

                                        
                                            
Cookie: _ga_CWF1ZNVXRW=GS1.1.1670199262.1.1.1670199263.0.0.0; _ga=GA1.1.536459742.1670199262 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         178.128.246.195

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Server: nginx/1.14.2 

                                        
                                            
Date: Mon, 05 Dec 2022 00:14:27 GMT 

                                        
                                            
Content-Length: 13979 

                                        
                                            
Last-Modified: Sat, 18 Aug 2018 15:29:28 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
ETag: "5b783b58-369b" 

                                        
                                            
Strict-Transport-Security: max-age=63072000; includeSubdomains 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   13979

                                                Md5:    ff0572e0f1d51ff1b8d60e3c2190c88f

                                                Sha1:   1749529c3243408f0bee5374d4133507e79cede3

                                                Sha256: 341f686d65ae112c677f82d590028066b09d9926bae6565d795db5d3574c3607

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50c0f516-113b-498b-a6f2-9f0a076ff423.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7853 

                                        
                                            
x-amzn-requestid: fa079a7e-1e93-41d6-bb16-2703077a0cb8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cdGrKEGFoAMFnBw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6388517a-076131847c129c197e84901b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 07:02:18 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: Cri6Vf6-INRisbFQ4ITZ7f8RIvomQXQ-TjkjWAOkkUhmI1yhHIbTYA== 

                                        
                                            
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Dec 2022 08:10:52 GMT 

                                        
                                            
age: 57818 

                                        
                                            
etag: "f5ed5d03e6969f81349ad78fde0e71390a4ed391" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7853

                                                Md5:    dafdb4fe91795a9e16baebb085ccd818

                                                Sha1:   f5ed5d03e6969f81349ad78fde0e71390a4ed391

                                                Sha256: f535ce45d68317bad15513d3cd3d21d2c0ef12e93d6ac19cc07b704ee1651f51

URL	hfgfgf.d768.uu.wy5532.com/
IP	37.48.65.155 (Netherlands)
ASN	#60781 LeaseWeb Netherlands B.V.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-05 00:14:33 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (20)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 37.48.65.155

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Last 5 reports on domain: wy5532.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (60)

Overview

Domain Summary (20)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 37.48.65.155

Last 5 reports on ASN: LeaseWeb Netherlands B.V.

Last 5 reports on domain: wy5532.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (60)

Network Intrusion Detection Systems