| fssquad.com/redirect?to=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg== |  172.67.220.8 | 301 Moved Permanently | 0 B |
URL HTTP/1.1fssquad.com/redirect?to=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg== IP172.67.220.8:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?to=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg== HTTP/1.1
Host: fssquad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 22:14:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Sep 2022 23:14:23 GMT
Location: https://fssquad.com/redirect?to=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lz4MKr25Q%2F2y8OHYRq0Kh9WudFpkGTTwZDRYCM7GXNeFgUUxWJIfW9W7AyUsbionrixlu2MZ13Iuqo%2FnhEtYmyBeO8BNHsSqC3pWvmOeiS3a1Mxa%2B9j4TRVR%2BzzrYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74f6a20b8b9a0b51-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash09a973de929ab7452edc342c780d3668 3f14f6e0a36f76863c0aea6fb561c266404a7ea3 e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7745
Expires: Sat, 24 Sep 2022 00:23:28 GMT
Date: Fri, 23 Sep 2022 22:14:23 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 18.165.201.80 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP18.165.201.80:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 22:05:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 680c9e756bdd27fcfeee763a87afaa06.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: aDRWa21sx4sAQp_QICSMKy6R7i1LtrUm9eulBkBcemdgxnQyYwIjiA==
Age: 547
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashafb65a07bf7214addf83d17a53acba32 a8e973204431320aa7b362a4e73944520c4b51b9 46e1a9e6c98245afb7fa84bc6d9ba6844105024e2d3f56e28748e6c321475d02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E1A9E6C98245AFB7FA84BC6D9BA6844105024E2D3F56E28748E6C321475D02"
Last-Modified: Wed, 21 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4210
Expires: Fri, 23 Sep 2022 23:24:33 GMT
Date: Fri, 23 Sep 2022 22:14:23 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash20142e9889cfb065930b45bd87e269c2 483def3ed7a761cae4d5bb86fa35aedd7a86ebc7 fa9d7d56611e4a21bf87d77affe1f3c7a79d61843f8372528c36fb0e6a2b979a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4718
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:14:23 GMT
Last-Modified: Fri, 23 Sep 2022 20:55:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DC/bNczROHvDnIZI1YIac2t+Ef5pvpLLmyij/A3Tt7NjcA2dEDyTTo33CnJA5yBmm2Hs+Efm4pE=
x-amz-request-id: W3E3N331R95RV5QW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Sep 2022 21:47:14 GMT
age: 1629
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 22:14:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 18.165.201.80 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP18.165.201.80:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 21:33:00 GMT
Expires: Fri, 23 Sep 2022 21:34:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 543bd78e28d38334d97d31a1d7aded16.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: _wAfmDKUINUAqy0Csd9QeafNnemwP94UKVPmA0GcCL6T7LCRa7jWxw==
Age: 2483
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf714931cf870bfa33815fd259b7246fd 38e411ef8ca1b31ead8415ee5f21d98bd9653a86 897675130112daff8bdf6fa25b56faa4b9fdb367daca2b2645ed65c83a2e423f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:14:23 GMT
Last-Modified: Fri, 23 Sep 2022 20:51:29 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash20142e9889cfb065930b45bd87e269c2 483def3ed7a761cae4d5bb86fa35aedd7a86ebc7 fa9d7d56611e4a21bf87d77affe1f3c7a79d61843f8372528c36fb0e6a2b979a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4719
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 22:14:24 GMT
Last-Modified: Fri, 23 Sep 2022 20:55:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
|
|
| push.services.mozilla.com/ | 35.164.47.107 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.164.47.107:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /msvalT5dzzFx9/QTH8D3w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0o4uHvEdqJA6YiPoRD48KxJvOwQ=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4229
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:14:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4229
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:14:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4229
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:14:25 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash7038cca95198779d8bb479045eb56652 e9dcf9451e849f4d55b0909b33a51bd0b1a35296 0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4229
Expires: Fri, 23 Sep 2022 23:24:54 GMT
Date: Fri, 23 Sep 2022 22:14:25 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg | 34.120.237.76 | 200 OK | 6.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash007aba90cc24589b974c6039372121d3 c308f846b81275e50122f99a229ae3fec0b5fe4c dac4561f24f52c33e79e86b0794eab704866a879d6967ec120fdf7bc5a4e2d8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175a85c3-10d3-4e8f-bb64-d8da75a938c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6294
x-amzn-requestid: 4007bdf7-f31a-414b-8711-f319aa09692b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruHG-loAMF-QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-18dc206b23fe3e383c1eb9cc;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Qvt0ZGsgQJ6WpKx36eDB6Q22qDIkhcFOxLYyZJgiZCM7vTsLb7L8lQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:25 GMT
age: 1560
etag: "c308f846b81275e50122f99a229ae3fec0b5fe4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F860e3a33-2946-4ad5-9687-6cc6953b920d.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F860e3a33-2946-4ad5-9687-6cc6953b920d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb4a034f8a3f2e69e852a69075d20b0e3 a7a6043178f05f547a08808ea8b34a6703154b42 8f1a045214d7049cb9f9a1ab2c55b6753907741b7cbfcb2e02f916f95a56ddcc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F860e3a33-2946-4ad5-9687-6cc6953b920d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5179
x-amzn-requestid: 57451c31-0b96-4aa5-ae63-54f949ab3d68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQlGrRIAMFklA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2736-0bd483e47d880a837c7316ce;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEBChdfqreTTNtWpSQfl4Eqsjj--P1EoJsFESumBcVJHdFNGSpN7gQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:26 GMT
age: 1559
etag: "a7a6043178f05f547a08808ea8b34a6703154b42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg | 34.120.237.76 | 200 OK | 3.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash05cc8199d072ccff34e3c0b2ecd65a09 7eda659464993f2945f2c5f4332f96fec9dc0e4c 4fb425a78b4664385741112795978280166b6331baf461aa4ba9440d0ef3826d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3936
x-amzn-requestid: f0dba0d5-752b-4a36-bedd-56e9dd7b508e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shFH_iIAMF28w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-260fa8c121160aa44b30bd5a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sLH1U82dYcrJhJQNJ8eFcGT3AMa0MITTZwtCwgVMKCRidqmMOMMqTA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:46:45 GMT
age: 1660
etag: "7eda659464993f2945f2c5f4332f96fec9dc0e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg IP34.120.237.76:0
Hashfdd4f7995316745fba36c328ca41c817 cd4c20a6d06af9ecefad53e68da766387cb75293 e6d6abe3baa09f0099447f4aa2f988ffe7d079f51bba0f79daf904a6ccd0107f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1500786-3bbf-46d0-b16e-4aff6d48a585.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14579
x-amzn-requestid: bce2c126-0883-4255-9246-d8055860f898
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCj6FYCoAMF9Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e18-66ba2e5d64b6a5b32b7ab36b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: igIWZ2IhMA_GIovp4HgIHtGeDt5xoX0iThoQFKjnNJUYP_uMdO7FHw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 22:11:52 GMT
age: 153
etag: "16e42ba7b20555bf5a8615e5f4bb561204aeeb5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf727cc665bfa383779422949037a83a7 24d4dcad1590e79e89a1ffe343bd7fe616528c5a 72dc66286d9ea7b71b6c9a116ff69380a97253c73f1ba2a5b3da34790e321e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F993a9251-cb79-4060-b043-aacb127c6565.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8907
x-amzn-requestid: 974b20af-4775-45bd-9e3f-55e5aa363c2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQRGPtIAMFZCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2734-18aebf577efb8aaa0182aeed;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ANAYROIRBWe_Y5TxqYp9IDnqnuOHQGjvyj1K8Z85m7C9DGCXXuQ-Cw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:31 GMT
age: 1554
etag: "24d4dcad1590e79e89a1ffe343bd7fe616528c5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe1087dcce202bbbc8c84196bd2050662 670d89082f8da643e1196b11fb64bf71707f0e8d f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pVtBCTCGh0DCF_1Vf9qMWttoDUQO_xSCkpdis9Gu3o4_cVEqaHngVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:30 GMT
age: 1555
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash884fee6973d8922f6aa93cbb98119571 2c912292febdee920bfaa6090ff0e8939166e49f d1ba800ab55e6b931319094811aac003f1cfb00777f8c0b4a26589c2c2ff2437
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1BA800AB55E6B931319094811AAC003F1CFB00777F8C0B4A26589C2C2FF2437"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8639
Expires: Sat, 24 Sep 2022 00:38:24 GMT
Date: Fri, 23 Sep 2022 22:14:25 GMT
Connection: keep-alive
|
|
| gxgu9gktreso.com/5871d75f9984fcbc64fd6d63d474bb3d/invoke.js | 192.243.59.20 | 200 OK | 57 kB |
URL HTTP/1.1gxgu9gktreso.com/5871d75f9984fcbc64fd6d63d474bb3d/invoke.js IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hashb990030b16f3d4551851c7bc97f44ff6 f816cabe3ff67bf435f274425ec56b8366d4d4cc 210415c7e462c9f3921a1d5df0a143113d4149521882f836223067976a333217
GET /5871d75f9984fcbc64fd6d63d474bb3d/invoke.js HTTP/1.1
Host: gxgu9gktreso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 23 Sep 2022 22:14:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe74dfacd7a7c8189c6dbb407dc8e62d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.sca1b.amazontrust.com/ | 18.165.196.217 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP18.165.196.217:0
Hashb912b648b93421767076bd6436ae2a36 0fc695b3079e70d1d7cf4fa415d4bd00e4350f9d be7e29208c3efbb0f655fcf49ce1c51889aa4d4af8722f96e17abdc88eca9735
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 22:14:26 GMT
Last-Modified: Fri, 23 Sep 2022 21:17:18 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 04bb33465149b34afca4988622dca584.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: BkMmFRa5kxji2oVSeHbdlbZQ4g0NXevif65pJKwP5ddI6FarULNBsw==
Age: 3429
|
|
| simplewebanalysis.com/stats |  52.29.95.124 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP52.29.95.124:0
File typeASCII text, with no line terminators Hash61390a80272fd5cd58aea9a83b9d31ed a1b6336ff71106b1eb95ed2324bc37f120579440 633090b93ab83226d54dc7b113cc8d55dcd69dbd5e498c34f56029a9956a5e5a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:14:26 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://fssquad.com
access-control-allow-credentials: true
set-cookie: uid_id2=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a:2:1; expires=Mon, 20 Sep 2032 22:14:26 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6ff6abba97b335e95e3dc40f1cd79d8b 6536cde2bef2c7134ff84a6eedfcb1b6d317e7be 0526231fa27b9ffc653476d90d58f987ad0b130b305c902e9b3459112c2de751
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0526231FA27B9FFC653476D90D58F987AD0B130B305C902E9B3459112C2DE751"
Last-Modified: Wed, 21 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11519
Expires: Sat, 24 Sep 2022 01:26:25 GMT
Date: Fri, 23 Sep 2022 22:14:26 GMT
Connection: keep-alive
|
|
| incomprehensibleacrid.com/watch.388366410256.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22redirecting%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fredirect%3Fto%3DaHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg%3D%3D&tz=0&dev=r&res=12.31&uuid=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a%3A2%3A1 | 173.233.137.60 | 307 Temporary Redirect | 0 B |
URL HTTP/1.1incomprehensibleacrid.com/watch.388366410256.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22redirecting%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fredirect%3Fto%3DaHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg%3D%3D&tz=0&dev=r&res=12.31&uuid=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a%3A2%3A1 IP173.233.137.60:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /watch.388366410256.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22redirecting%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fredirect%3Fto%3DaHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg%3D%3D&tz=0&dev=r&res=12.31&uuid=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a%3A2%3A1 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Connection: keep-alive
Referer: https://fssquad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 23 Sep 2022 22:14:26 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fssquad.com
Access-Control-Allow-Origin: https://fssquad.com
Access-Control-Allow-Credentials: true
Location: https://incomprehensibleacrid.com/watch.388366410256.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22redirecting%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fredirect%3Fto%3DaHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg%3D%3D&tz=0&dev=r&res=12.31&uuid=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a%3A2%3A1&shu=0d21bed0a3ac5c331feca1f816e1c82375f0334fcac7ce442068462bfa581ab461c97854e36808870ac654d42f85e5721b3aa530fcf8c5f73e8673b3615c309c17790ff1967e037855a70de629e1eee92654d2b71c3848ab4743501c598aed1fb0&pst=1663971326&rmtc=t
Set-Cookie: u_pl=16321429; expires=Sat, 24 Sep 2022 22:14:26 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMyMTQyOSwiayI6IjU4NzFkNzVmOTk4NGZjYmM2NGZkNmQ2M2Q0NzRiYjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg3MjgzLCJwaWQiOjIwMjk0OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjozMiwicHQiOjQsInBrIjoiejJ1dHlzeXMwIiwiY3BrcyI6eyAiMjgiOiJmMmQwYjdlYzE4YmQ2ZGI5NmM1ZWEwZGNkNmRiMmY5NiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnNzcXVhZC5jb20vcmVkaXJlY3Q_dG89YUhSMGNITTZMeTlzYVc1ckxYUmhjbWRsZEM1dVpYUXZORGd5TmpBd0wzQnZiR2x6YUcxMVptWnBiZz09In19.YaNdzJsRXj8WyxjWAnfIf95h0GB_-7LAA-Ls1YDXdeE; expires=Fri, 23 Sep 2022 22:15:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cff857e3b4d15143223a38185bef808a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| incomprehensibleacrid.com/watch.388366410256.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22redirecting%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fredirect%3Fto%3DaHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg%3D%3D&tz=0&dev=r&res=12.31&uuid=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a%3A2%3A1&shu=0d21bed0a3ac5c331feca1f816e1c82375f0334fcac7ce442068462bfa581ab461c97854e36808870ac654d42f85e5721b3aa530fcf8c5f73e8673b3615c309c17790ff1967e037855a70de629e1eee92654d2b71c3848ab4743501c598aed1fb0&pst=1663971326&rmtc=t | 173.233.137.60 | 200 OK | 51 kB |
URL HTTP/1.1incomprehensibleacrid.com/watch.388366410256.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22redirecting%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fredirect%3Fto%3DaHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg%3D%3D&tz=0&dev=r&res=12.31&uuid=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a%3A2%3A1&shu=0d21bed0a3ac5c331feca1f816e1c82375f0334fcac7ce442068462bfa581ab461c97854e36808870ac654d42f85e5721b3aa530fcf8c5f73e8673b3615c309c17790ff1967e037855a70de629e1eee92654d2b71c3848ab4743501c598aed1fb0&pst=1663971326&rmtc=t IP173.233.137.60:0
Hashe179b961139d956ce155a1b326c49a3e 1fb7655a44f8f24ca4db6c9f2b03ccef095356ed 6cfb1b3327583cb58bc0929bc2ac47e9974075fb90ad4c02bcf5457f14be88b4
| Analyzer | Verdict | Alert |
|---|
| quad9 | Sinkholed | |
GET /watch.388366410256.js?key=5871d75f9984fcbc64fd6d63d474bb3d&kw=%5B%22redirecting%22%2C%22fssquad%22%5D&refer=https%3A%2F%2Ffssquad.com%2Fredirect%3Fto%3DaHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg%3D%3D&tz=0&dev=r&res=12.31&uuid=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a%3A2%3A1&shu=0d21bed0a3ac5c331feca1f816e1c82375f0334fcac7ce442068462bfa581ab461c97854e36808870ac654d42f85e5721b3aa530fcf8c5f73e8673b3615c309c17790ff1967e037855a70de629e1eee92654d2b71c3848ab4743501c598aed1fb0&pst=1663971326&rmtc=t HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fssquad.com
Referer: https://fssquad.com/
Connection: keep-alive
Cookie: u_pl=16321429; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMyMTQyOSwiayI6IjU4NzFkNzVmOTk4NGZjYmM2NGZkNmQ2M2Q0NzRiYjNkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg3MjgzLCJwaWQiOjIwMjk0OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjozMiwicHQiOjQsInBrIjoiejJ1dHlzeXMwIiwiY3BrcyI6eyAiMjgiOiJmMmQwYjdlYzE4YmQ2ZGI5NmM1ZWEwZGNkNmRiMmY5NiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vZnNzcXVhZC5jb20vcmVkaXJlY3Q_dG89YUhSMGNITTZMeTlzYVc1ckxYUmhjbWRsZEM1dVpYUXZORGd5TmpBd0wzQnZiR2x6YUcxMVptWnBiZz09In19.YaNdzJsRXj8WyxjWAnfIf95h0GB_-7LAA-Ls1YDXdeE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 23 Sep 2022 22:14:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://fssquad.com
Access-Control-Allow-Origin: https://fssquad.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=98e825f1-89ba-4dd4-a5e4-f13d9b0b445a:2:1; expires=Fri, 30 Sep 2022 22:14:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 24 Sep 2022 22:14:26 GMT; secure; SameSite=None
uncs=1; expires=Sat, 24 Sep 2022 22:14:26 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 24 Sep 2022 22:14:26 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 24 Sep 2022 22:14:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 466752a94432844f592cd0044967d917
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashcae5fcdd09783524eef5f8e8b850092b c939f84eb5656000e67cccad93aef492ac502115 cfc15ce5f0c38caeeac023aebfc065e597959176d2cd36a00605bb6411eb62ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFC15CE5F0C38CAEEAC023AEBFC065E597959176D2CD36A00605BB6411EB62AD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Fri, 23 Sep 2022 23:56:36 GMT
Date: Fri, 23 Sep 2022 22:14:27 GMT
Connection: keep-alive
|
|
| cdn.cloudimagesb.com/cti/2b/01/7a/2b017a9d88eb8d322026381fed5dcab7/1663334838.png | 45.133.44.9 | 200 OK | 26 kB |
URL HTTP/2cdn.cloudimagesb.com/cti/2b/01/7a/2b017a9d88eb8d322026381fed5dcab7/1663334838.png IP45.133.44.9:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data Hash391366bcddc18750b0ec5d69aa98a04a 65fd4b76a4e48e9252fc48b7835c4028b16ac2f6 7c033631e5c2b57de9c62be11f285180988b72730d50d43ffd951eb009bf0dad
GET /cti/2b/01/7a/2b017a9d88eb8d322026381fed5dcab7/1663334838.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Connection: keep-alive
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:14:27 GMT
content-type: image/png
content-length: 26172
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:27:26 GMT
etag: "632479be-663c"
expires: Sun, 25 Sep 2022 22:14:27 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fssquad.com/redirect?to=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg== | 172.67.220.8 | 200 OK | 0 B |
URL HTTP/2fssquad.com/redirect?to=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg== IP172.67.220.8:0
GET /redirect?to=aHR0cHM6Ly9saW5rLXRhcmdldC5uZXQvNDgyNjAwL3BvbGlzaG11ZmZpbg== HTTP/1.1
Host: fssquad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 23 Sep 2022 22:14:24 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
set-cookie: xf_csrf=umc6_18uxPHOXyAS; path=/; secure
last-modified: Fri, 23 Sep 2022 22:18:15 GMT
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ps0HkDQs7iSfjCDw5Ft2vyAcQuPDrhz0V4XymOR8LoqYrBbTWfF2Bg3rpXp%2FqBlxEs1SoZoV7bs0iy8mOJOmiokfLwyKq99oSBQCtNSe9s8a5KcxKWmTChIERtkH0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74f6a20ca8abb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
104.21.51.31
0.0.0.0