soldvr.com/zw
188.114.96.1301 Moved Permanently 229 B IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 734ed10fd818b9d98e10acc391cb4288
400af2df38bc480f7031208df56806098cda8722
37062db68142e16a603363afad16aba4303c94da4ff69166c6fc7842f5bc90c0
Analyzer Verdict Alert fortinet Phishing
GET /zw HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://soldvr.com/zw/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgWEYIdVrRR%2BtRxU2eAxRmCEPOUyWEbEPfZjQzsbTF4y9sooYNOQItUHMNAVeXqcvMLjfzS4%2FPrk%2F2VSWnsD%2FBpWNKAOiFygt4iuuOF8w66CptGc3lvP2KzrcWxk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496eff8eab4ff-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16803ffa29e10ee999c43eb4e4acfe92
a5ede865a388fa440f20994b43c417d403e9a493
08de8f6abb622e84d2cb6e88dee8fc7c408147ac43da9c24d4cde510ed36b53a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08DE8F6ABB622E84D2CB6E88DEE8FC7C408147AC43DA9C24D4CDE510ED36B53A"
Last-Modified: Mon, 02 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19901
Expires: Wed, 04 Jan 2023 19:47:42 GMT
Date: Wed, 04 Jan 2023 14:16:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7905
Expires: Wed, 04 Jan 2023 16:27:46 GMT
Date: Wed, 04 Jan 2023 14:16:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16388
Expires: Wed, 04 Jan 2023 18:49:09 GMT
Date: Wed, 04 Jan 2023 14:16:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 04 Jan 2023 13:47:44 GMT
content-type: application/json
age: 1697
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: gLq4ymzV9U/gtIL7UJnmUtfhatUiS55NN6AA6XiUdKrK6xfCzq4TK1390komNsi16BxynQZls/k=
x-amz-request-id: KTQEVG0HKXP52DD3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 04 Jan 2023 13:59:09 GMT
age: 1012
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
soldvr.com/zw/
188.114.96.1200 OK 4.5 kB IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 375df107f3eb7abb102b4051820d4a41
660561c17755cf4d1fd312ab423bed78af1a5fda
bbf096e5e6122576020a296d4e0e40c367759e2fd776ebb627c1fc694b26b8a9
Analyzer Verdict Alert fortinet Phishing
GET /zw/ HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:08:58 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc0%2BxcjekNzAOtCU6yRffzq8AXAVxIotfRWTkiIPHg8v%2F2wbEaC8Kh4TNNRJfb8ZeZxU0%2FDohWkjxUmyM630ADFX9XAlfgnDrsDzLZutn4lsZtmxmKpRu7ctmEnu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f1bb72b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 04 Jan 2023 14:16:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
soldvr.com/zw/en-us/assets/js/w8swl.js
188.114.96.1200 OK 1.6 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/js/w8swl.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (3648)
Hash 024dd399eecbc969d64efd96a5fb2713
21ea1cb61ff4e370edee51e86b7e93079b6f60ca
643e84876d12cb34ee1f7faba81318e268c42aba3c19bb5c544b5b7f83e95748
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/js/w8swl.js HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: application/javascript
Content-Length: 1550
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a027c5-e41-5e8a03574d147-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePCOHOZkYDMdfo2TL%2B2UJLg9ITI9ipU4GBhILAnFqyPfZlcl92CNi%2BVOh0y3YYp6lQnnDGpkttsZ9r712J0OMzU5ywur8hReYoLcxE8X7v3HXftCvTWiqCeXQHq%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f37da4b4ff-OSL
alt-svc: h2=":443"; ma=60
soldvr.com/zw/en-us/assets/css/voucher_layout_layout-products0cee.css
188.114.96.1200 OK 2.2 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/voucher_layout_layout-products0cee.css
IP 188.114.96.1:0
Hash 5cd08ce67e7fea2e47e1da7b6c113dee
87dbd70276696395b11b5e168526840e57c359f5
9b76d70fa735c07ab4127ebfbd942a5cc6b2a59302c949c3f6316bdaaae0c5f2
GET /zw/en-us/assets/css/voucher_layout_layout-products0cee.css HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: text/css
Content-Length: 2236
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a03657-35b4-5e8a03574d52f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAu1kNkeUPVDHv8c%2FrnGy6NRx7FYencJyUXIejieZOVIRVdD2sPRCKmZZHLq%2Bs8mqSl0gUFsbICc%2FPzovNMfzLSCKJbstE5oHbrJK3Be6WnsCPhLOF7CR1Ymc3iJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f37a7cb4fd-OSL
alt-svc: h2=":443"; ma=60
widgets.amung.us/small.js
172.67.8.141200 OK 3.5 kB URL HTTP/1.1 widgets.amung.us/small.js
IP 172.67.8.141:0
File type ASCII text, with very long lines (8560), with no line terminators
Hash 08283f674ed2a3a87b0ca0b64950ef28
1d6018c4a9104d337726cfe9f67b43ff37acc0cb
442e1c2e9e1692d86c6c4df3c68167fbddb4ec4ec7fa90258fd683f5a5f3578d
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 02 Jan 2023 20:42:09 GMT
etag: W/"63b341a1-2170"
expires: Thu, 05 Jan 2023 13:28:21 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 2860
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784496f40932b4f3-OSL
randomuser.me/api/portraits/men/59.jpg
188.114.97.1200 OK 2.8 kB URL HTTP/2 randomuser.me/api/portraits/men/59.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash ab82a70c4d7efc7199176a584c660a7d
96a17acb548c276ee062bf85e582556fe9035378
57c0787e260e4785a6d858d26ff60a82fd5ae48cbae32fe6e866cb3daf7fe1a4
GET /api/portraits/men/59.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 14:16:01 GMT
content-type: image/jpeg
content-length: 2799
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-aef"
expires: Tue, 03 Jan 2023 12:21:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1558025
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEfCF2O4vKUU%2B2lUVnBHQTFOO08au5%2FQcYlAZiJ32%2BSUmU8HgcBFLtYu%2FGmtDQCdZ6zgYiENQsmjGGVwiVarWgVPJDgXq75z2nnzy5FjjEkTLfVqJqEyWn65NXG28x2S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784496f408fd0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/women/16.jpg
188.114.97.1200 OK 6.9 kB URL HTTP/2 randomuser.me/api/portraits/women/16.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 2d6d19aa420764f4d4343aa57a81ab0c
ba0e62d8ef8830bcadb1f6258e134d0225bf955d
cc6b757fbf1174ae601b39aa711d6dfcda1b236001a2f3a67c4293d73c9fd714
GET /api/portraits/women/16.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 14:16:01 GMT
content-type: image/jpeg
content-length: 6888
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1ae8"
expires: Tue, 03 Jan 2023 11:52:32 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1399046
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHdbO2lAuZN1RwURQFOxD1JFgyMue09ryDrYiP3xzeM63%2BRJ%2Be6ZNy9ELIG93FMGJjRYh8tJKBLySaIE3ozgyJIz2vPc8AOBz0S%2FWQlFZedYI5lj7u0Vsp1LJkBRSBCp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784496f408ff0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/women/30.jpg
188.114.97.1200 OK 4.4 kB URL HTTP/2 randomuser.me/api/portraits/women/30.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 1969da0d3fda3aa29c5f883db4ce670c
733eb61b43d010cac0d4f0165d53314f3c767d6f
8d0417f0910586650f889adf5f72fb8ad336f07247cbfd9da9dd6db02546dd00
GET /api/portraits/women/30.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 14:16:01 GMT
content-type: image/jpeg
content-length: 4440
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1158"
expires: Fri, 23 Dec 2022 18:05:22 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2110063
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zzx0HQeM80zAsD6o7NynlwFJ2i9gxtUnPlyj5HVi380wfu3OO9IbZqDA6xI4%2FHVK%2FC1zJ4xNN7VGmnyhRj6BhLTXJPAcXib4xVDxLUAcHc6bTppAUZ3sC3lwHk1sjg1h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784496f419020b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/54.jpg
188.114.97.1200 OK 5.3 kB URL HTTP/2 randomuser.me/api/portraits/men/54.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash d19b518787fe6e8bd83ce2de827fa34b
9cd09c69251e882df33ebe7f7cbd3176f704bcfc
d1a3e08d4e37d6ee2b7de1db8df87c1dc7acd8ffb004caaf980917de518a60c9
GET /api/portraits/men/54.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 14:16:01 GMT
content-type: image/jpeg
content-length: 5276
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-149c"
expires: Thu, 12 Jan 2023 22:34:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 707648
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXC2%2BIAg2245pr4%2BFDfl60ESRwnOgFjIxZNKHhRTqQheUQIpPkdOwxemhOSGESKNpBkxp25LgZk2KxDMIyE7wx17lv8g53TbbeMYiXxXci26kHvi14KVq6KX0u2%2BerdK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784496f419040b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/7.jpg
188.114.97.1200 OK 5.0 kB URL HTTP/2 randomuser.me/api/portraits/men/7.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 605af7fa51e2abb4df27027909bf7c4a
d08645e62b586a65649504745645178b41525999
f25b1b7a6a351c0f748d81bf4fcaf8c5a2f8ed036563c2693d4c1ca3718d9d5d
GET /api/portraits/men/7.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 04 Jan 2023 14:16:01 GMT
content-type: image/jpeg
content-length: 4988
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-137c"
expires: Tue, 03 Jan 2023 11:50:35 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 356673
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDCUahzNfO38zM38LFxI8596scWCVN9bweLuNm3KoslbxCf1qIyVrb4HxHRoL8uQR%2FORQc5DfDIcLd4aYTdQ2f8E2mfhJ1JQSotMR5Vx%2Fxfp7jnDD9mmNjk3a%2FulV4om"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 784496f409010b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
soldvr.com/zw/en-us/assets/css/common76cb.css
188.114.96.1200 OK 823 B URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/common76cb.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (1727)
Hash 7e91d166ba72336c2c25ea7eb2b1dcc6
e9ee71c8165617b4d76056bcc7711903b5db412c
c2e037b12b20cdc0c1d5e4a86043fd66d8214c857c3f89964e5cbd7d076722ce
GET /zw/en-us/assets/css/common76cb.css HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: text/css
Content-Length: 823
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a0364f-72b-5e8a03574d52f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzO9DkveaWrDwIh6Kj6QGpku%2BOqATFJQvx7Bnbs2QR2jiqXKcRGmZ6ldOWhNPgCuX1chfweHFKqqvg%2BxWlmDhv3hgoH%2F%2BGy0EZfYsEiaFbRyQD%2FvMuUFbi8MK4YY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f37cffb524-OSL
alt-svc: h2=":443"; ma=60
soldvr.com/zw/en-us/assets/css/voucher_color_white7c56.css
188.114.96.1200 OK 1.3 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/voucher_color_white7c56.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (6073), with no line terminators
Hash 73b573b4bc93e117b3751dc2a232d1ca
214e6afb5742f432f4b0a90b81fd29b930db04fc
ed61d52fa0eced742b7e1c3e963fb407b7c15dd3010c2cdbf59a3a989bb2ee18
GET /zw/en-us/assets/css/voucher_color_white7c56.css HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: text/css
Content-Length: 1288
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a027d3-17b9-5e8a03574d52f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPoDS1%2BMV3V4Uc7w6slly8t9PvVH7WLa0yKFrIBx%2BEtkZoLjMpLVnktce%2FeS3RpK4TLhuVwPXV846pEMMgbHPGATX7e4J3iBKMdZm1EQl%2FMdJoYbCYbCiNymX9sb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f37b24b512-OSL
alt-svc: h2=":443"; ma=60
soldvr.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
188.114.96.1200 OK 1.3 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (6291), with no line terminators
Hash 35e76e9856479fa9fa5da5347ea1e0a7
86605475e0a75c3edfdfe44d8024e053aca8bee3
8531742a3972751622d93f91408522942e1247a918d7d1330517fff2044518fd
GET /zw/en-us/assets/css/voucher_brand_tesco90a7.css HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: text/css
Content-Length: 1305
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a03652-1893-5e8a03574d52f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRBDTYQREoh37bxAvytWBGDFP6T5JXK0BJUwuXBZ5xvSEZSXcwCAFUkUJeFGEgUT7nQwnDgRsXaP1hAAgH%2FbudBGGnuu1xxSJQ%2F9EU15GYyK%2FWlCPsR16KJScEKT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f37c190b3d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2de4d7e51964d03dfa8f0c6e3979bee2
e513e915c70c92b05bb5d2d3db32cc1542301634
a0f8c063c6d999641753296981e10d9cafb341efe8a8578160a85260fd5fa08e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldvr.com/zw/en-us/assets/css/voucher_main_style0cee.css
188.114.96.1200 OK 25 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/voucher_main_style0cee.css
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (61814)
Hash 10c7ae01cda4659db971f9953775ce5f
6fa3b576d229763bf10a31a389cc251de82029db
1364339547342e8ec9c0003c587dd9c462932d5056e79ed9589579f94288a5d5
GET /zw/en-us/assets/css/voucher_main_style0cee.css HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:01 GMT
Content-Type: text/css
Content-Length: 25053
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a027d2-196a2-5e8a03574d52f-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLuXkIENnuw5MBTb3P7knuqcsAqEGqtwz%2BwM9sWz9HTmxlxbsqSp85Ii%2Blx3zXUUh50zbHsxRwxhpwjcoP8HmRcm5IzxLq5FOftZIJ2l%2Ft7ilp7AAxsO1g6ev3is"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f37b40b527-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2de4d7e51964d03dfa8f0c6e3979bee2
e513e915c70c92b05bb5d2d3db32cc1542301634
a0f8c063c6d999641753296981e10d9cafb341efe8a8578160a85260fd5fa08e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldvr.com/zw/en-us/assets/js/custom.min.js
188.114.96.1200 OK 3.4 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/js/custom.min.js
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (715)
Hash 0af0530047418282475dfbe6c7f131ee
14ab9fb3d5855f35ad7cae1ad333ce4489abc7fc
240fd0acbcf232844ddfda222d1228c8aff77d383f30b214fd212cf2053caad5
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/js/custom.min.js HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 3353
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:10:16 GMT
ETag: "1a03658-23aa-5e8a055d7c4a2-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyxIGSuuV77JXfALXnko86NA5FlLw%2B6wBGs5dpJbPy9p8N3d2GZTmmI5QAGFSM5cufCIfBQPzjWEqkNiJzUFSg2JZI0%2FjhEz2EWzfXih2%2FDz84dWgiqG95NFAvRT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f41b49b4fd-OSL
alt-svc: h2=":443"; ma=60
soldvr.com/zw/ajax/libs/jquery/1-11-3/jquery.min.js
188.114.96.1200 OK 33 kB URL HTTP/1.1 soldvr.com/zw/ajax/libs/jquery/1-11-3/jquery.min.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (32038)
Hash 52b94c239ac654d524aedfea51652120
5e2f762ca56010473d633225f4c5c34ce2f62197
e7da358d6cfe51b08ebf16f2085a31018016b02db285c8c08984300e599ef9d4
Analyzer Verdict Alert fortinet Phishing
GET /zw/ajax/libs/jquery/1-11-3/jquery.min.js HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: application/javascript
Content-Length: 33303
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a02615-176f8-5e8a03574c977-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBbdVy9%2F6aoTK2tL9IyOXksS%2FO65%2FcoUjL8150Zeu5BLyndrv7T3J36VI2LWSJtXAJELEdCFEqM3iaQXhl5HdyWx10eWEoQGedgX8Nh%2BhQguhPqNM81Bpr87fXt6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f41eb3b4ff-OSL
alt-svc: h2=":443"; ma=60
soldvr.com/zw/jh7p1c.jpg
188.114.96.1200 OK 4.9 kB IP 188.114.96.1:0
File type PNG image data, 80 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a050ff00d04052e1d1ce8743bac4dba
d7ebb691ce88884f0053f823129ca7a0dc275d9f
0a581c4110a0a5ca3c2c3cba39493e346594c7fc5d033d3bf599518e30466eb9
GET /zw/jh7p1c.jpg HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: image/jpeg
Content-Length: 4896
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1a02619-1320-5e8a03574cd5f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSAYEu47xwFJTGZ5FbxWmUWYEAQYxmZeh%2BV76TzxdLeyFKqnRlFRw9orOH69ln5rDSr29iHy9Xna4YtejQmoTicb%2FAMVkCcpXyx7SaxtRcKlXBy2PE8zyj7FensH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784496f47ca0b512-OSL
alt-svc: h2=":443"; ma=60
soldvr.com/zw/zimbabwe.png
188.114.96.1200 OK 21 kB URL HTTP/1.1 soldvr.com/zw/zimbabwe.png
IP 188.114.96.1:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash d5a1c35e496296d21a02ef954227f007
efd99950baf07475ae4917af286c6769006c6bec
b15d1bb0482cbe58b51264ae89282a3d91cb197fcddcdd71f8fcd357f1a89caa
GET /zw/zimbabwe.png HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: image/png
Content-Length: 21179
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:06:56 GMT
ETag: "74613d-52bb-5e8a049f1be1f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXLr2Vig%2FfMu4GsbTnkjmxYkXQI3liR2U2BmiIRZHMgWy0ELl7jJcbFq%2BuTP5%2FVe1zL%2BWnKiUEyV8KnsYkVrzD1vVg9cPigbhKQ9821bidAw74VGxxNPs7lbUaEu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784496f47d020b3d-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/geNBckx.png
151.101.244.193200 OK 162 B IP 151.101.244.193:0
File type PNG image data, 12 x 13, 4-bit colormap, non-interlaced\012- data
Hash d7ae9442add710b1066911bfba428234
38b5869fbcb1147c58066b29cb73e29904799754
75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61
GET /geNBckx.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "d7ae9442add710b1066911bfba428234"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 04 Jan 2023 14:16:02 GMT
age: 4323535
x-served-by: cache-iad-kcgs7200107-IAD, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 712, 1
x-timer: S1672841762.215195,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 162
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
216.58.207.227200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19228, version 1.0\012- data
Hash 4de1acb111366ff5358a27c36bfff049
3e746862c43c9bf6080efa2e67985c6017013db1
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
GET /s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soldvr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:37 GMT
expires: Sat, 30 Dec 2023 13:33:37 GMT
cache-control: public, max-age=31536000
age: 434545
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
soldvr.com/zw/sold.png
188.114.96.1200 OK 100 kB IP 188.114.96.1:0
File type PNG image data, 400 x 360, 8-bit/color RGBA, non-interlaced\012- data
Size 100 kB (100522 bytes)
Hash 6bdaaa633c5b0d76439edb5c780f5778
4f8fb4b2ad757cf7350f6f40658b06bb2ee156fc
a773cc2b03abbb2eba3bfd9712370d0ead9b1122bf559ce339768f9b3d1c3fb2
GET /zw/sold.png HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: image/png
Content-Length: 100522
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:07:00 GMT
ETag: "74613e-188aa-5e8a04a294d16"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DzIypOf4LbuEetAppwUHrGcOe11i8jbHRpGKw%2FYrg6kiKR%2FvMyFtfbNk4rrADx0b4k4NW4yjR61KFbQ42YwRBV8LHPDBt6oOAVQcE2ewzxh2WayTWahwbbifKbN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 784496f47e6eb524-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cbad870248cb8172be5849309582b77f
3e12044d8bf5e6df81ac6260b186ecce175dba86
dc5b6747fdf685bd97307ee6584a5d8109258199ca81a8ddf2e6f1471b6f0cda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/RxS8FXk.png
151.101.244.193200 OK 279 B IP 151.101.244.193:0
File type PNG image data, 13 x 13, 8-bit colormap, non-interlaced\012- data
Hash ee4bde320c95dcf9ea57fe5f8eabff77
cb52950826ebf97148b9269ef04de16ce8b224b1
e55380e114a7050333af45d44453084ef42ad9dba7696ebf692ea4b42a0f1222
GET /RxS8FXk.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "ee4bde320c95dcf9ea57fe5f8eabff77"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 04 Jan 2023 14:16:02 GMT
age: 2794
x-served-by: cache-iad-kjyo7100141-IAD, cache-hel1410023-HEL
x-cache: HIT, MISS
x-cache-hits: 36, 0
x-timer: S1672841762.205114,VS0,VE97
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 279
X-Firefox-Spdy: h2
i.imgur.com/FUwlTOP.png
151.101.244.193200 OK 293 B IP 151.101.244.193:0
File type PNG image data, 14 x 13, 8-bit colormap, non-interlaced\012- data
Hash 486bfc9a2b39a465bfa7b1f660a16877
4aa237e6f8a82fd09c452990cd25e27c4fa8e281
ccb07a38f5ebf3d51544fc76bbf00aaf9210e48c8338c204aae3f6d3321872b5
GET /FUwlTOP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "486bfc9a2b39a465bfa7b1f660a16877"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 04 Jan 2023 14:16:02 GMT
age: 429224
x-served-by: cache-iad-kiad7000128-IAD, cache-hel1410023-HEL
x-cache: HIT, MISS
x-cache-hits: 4360, 0
x-timer: S1672841762.206260,VS0,VE99
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 293
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 04 Jan 2023 13:33:37 GMT
age: 2545
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/JNJj-Xek6-M
IP 142.250.74.131:0
Hash 55e626553de2a4184e2eaccef074b2dd
d7355221d82bf1b22b3deace1f758a24a9516fb9
7cdbca1ed4bf5976ecba7b7cadbb28e6df0398ed81dd00a2025170fc3b844689
POST /s/gts1p5/JNJj-Xek6-M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldvr.com/zw/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff
188.114.96.1200 OK 75 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff
IP 188.114.96.1:0
File type Web Open Font Format, TrueType, length 75196, version 1.1\012- data
Hash 2edf02908800d6535704c20c662727d9
3a0f05c005189721e2587af8565dc136807ae703
9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://soldvr.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: font/woff
Content-Length: 75196
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1b208b1-125bc-5e8a03574f087"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWBxElV0HezdxV2GTQyZWqLCgIyTcvBgMVvgUiA%2Bvhe1zIFvMIv7j0A5KRKxyc%2BQ%2FRwYvNYS%2Bhc40pYNIRPU1oPr9SMruuj7DtywrWzlhZv%2FokzURvLEbXUyqOZd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f55e2cb512-OSL
alt-svc: h2=":443"; ma=60
soldvr.com/zw/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff
188.114.96.1200 OK 75 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff
IP 188.114.96.1:0
File type Web Open Font Format, TrueType, length 75196, version 1.1\012- data
Hash 2edf02908800d6535704c20c662727d9
3a0f05c005189721e2587af8565dc136807ae703
9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://soldvr.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: font/woff
Content-Length: 75196
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: "1b208aa-125bc-5e8a03574e8b7"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8giIG8GwJnRkoErxiDDDkr7801a%2BlgMkJM3pcGmQMcROUmY0ojbGalj0IAPBNAEfYNsN%2B0N0h0UFLB8M1E%2FHLoApeOyxoraEUoD4HrGHL6s575b8YakUmrDm4wj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f5de4b0b3d-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe74c226e54f2f382d278b594df930ae
4e4ebc661443f56b74d7c924ddae50bcb107f0af
511f11fe968867447f6d7e5862d8003e3a5fc18bdb62496ea09d140e9a11f53b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:02 GMT
Last-Modified: Wed, 04 Jan 2023 13:13:49 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
soldvr.com/zw/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf
188.114.96.1200 OK 80 kB URL HTTP/1.1 soldvr.com/zw/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf
IP 188.114.96.1:0
File type TrueType Font data, 17 tables, 1st "FFTM", 24 names, Macintosh\012- data
Hash 923c3661fc413eb9ca8b9886bb1c68ed
dc3e1eab51d7568068213a636f1295b3fc30ecb3
0bee46a1d8b6e8a7b1a81a4746f067d271eab88a21a0f047fdbc8d5fdb8c3ab7
Analyzer Verdict Alert fortinet Phishing
GET /zw/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: font/ttf
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 10:01:12 GMT
ETag: W/"1b208ad-2d398-5e8a03574e8b7"
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bvzDrbPYYePTM90ouw3ZwVsQFpxfDFrYLK54HiCsHTxR%2FdkiS7YRQequvwG1Z0a%2FzB2NrFQLxqRVXKmRPZo0UnqWt4jfioCBW5oKeYk49ETqEl4h0S2tYVfi57f"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f55dceb527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f239920b11acb26d109b7a1b8cf58e46
f7bab98d3c21794c3e3d08d88c4331ef48420c13
c580620be129f2651f775f95daaeae659d6e62cdf2b8eb2277e6c794c7e53673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 04 Jan 2023 13:34:02 GMT
expires: Wed, 04 Jan 2023 15:34:02 GMT
cache-control: public, max-age=7200
age: 2520
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
soldvr.com/favicon.ico
188.114.96.1404 Not Found 842 B IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0806ffc02244eff919b07f94921d182e
d6065d0eaaa14dbe98dc441cf1dc50cae450bf9a
bd1ef5abf64225b2c54d27a7c056d47dfb2f8cf44dd3b9870fd79837949baee5
GET /favicon.ico HTTP/1.1
Host: soldvr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/zw/
HTTP/1.1 404 Not Found
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gc3dZJ7uscbtNPZZpybyVdkxiBdMDBnaZwsiRowAEsh8xJiGoF%2B4UgZ94HNdjcLh9J7QWrtUwcIelJlmBQWuEen%2Bca6Hxe0LCihJGGm4mWrmNprvfLI%2B2Gn0cUtI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 784496f8bbe8b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f239920b11acb26d109b7a1b8cf58e46
f7bab98d3c21794c3e3d08d88c4331ef48420c13
c580620be129f2651f775f95daaeae659d6e62cdf2b8eb2277e6c794c7e53673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 04 Jan 2023 14:16:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
whos.amung.us/pingjs/?k=soldzw&t=Zimbabwe%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldvr.com%2Fzw%2F%23&y=&a=-1&d=1.021&v=27&r=7662
104.22.74.171200 OK 45 B URL HTTP/1.1 whos.amung.us/pingjs/?k=soldzw&t=Zimbabwe%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldvr.com%2Fzw%2F%23&y=&a=-1&d=1.021&v=27&r=7662
IP 104.22.74.171:0
File type ASCII text, with no line terminators
Hash 6814bc1f9e0aaf5d665512c21d621270
2c656ebfe2f61405470ab6596e5a869038dc7ad4
b20e1192b382f9692b91f5125d54f18f8b5340b51b39069079d39258d9a4cb4a
GET /pingjs/?k=soldzw&t=Zimbabwe%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldvr.com%2Fzw%2F%23&y=&a=-1&d=1.021&v=27&r=7662 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldvr.com/
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:02 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784496f8cf4c992a-ARN
push.services.mozilla.com/
35.163.62.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.62.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zkDzssSAgTlAkgRzdhivfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: upb+4GN4JDOOQYlAIMRjFAIWmDM=
t.dtscout.com/i/?l=http%3A%2F%2Fsoldvr.com%2Fzw%2F%23&j=
141.101.120.11200 OK 1.1 kB URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fsoldvr.com%2Fzw%2F%23&j=
IP 141.101.120.11:0
File type ASCII text, with very long lines (2077)
Hash 1761952aeba54f0e2bbaf358e1d80490
de761132820aa1ab31104dccd37083edffcf8271
d9be511cfce56ecd69359d41fa5dc97f399578922ccb173938c4f4ce99e5fdfe
GET /i/?l=http%3A%2F%2Fsoldvr.com%2Fzw%2F%23&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 14:16:02 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 04-Jan-2023 15:39:22 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 04-Jan-2023 18:16:02 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1672841762; Domain=dtscout.com; Expires=Fri, 14-Apr-2023 14:16:02 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.523
expires: Wed, 04 Jan 2023 14:16:01 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFpVpggrd%2BOr7acGYagM9Nf1rS41Y%2Bpppf52dda81IdczJRO9ksh8S7ZytsIgPJV8DeU2EEI6jf6HZRS13SBGxB07QpuG9sSPHssT627uqeVMLw00n9YhcEqlZNup8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 784496f6fa890a28-ARN
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d814daa26bea827745fac608652d1db7
24bd0962c8690c7446ded3b313598182a6e4f5d6
da19dc373fb8565f7aca0e5dec3db08bbb62ba877efe696eb6fc9bd2c55e3c39
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 04 Jan 2023 14:16:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 01 Jan 2023 11:33:41 GMT
Expires: Sun, 08 Jan 2023 11:33:40 GMT
Etag: "24bd0962c8690c7446ded3b313598182a6e4f5d6"
Cache-Control: max-age=335256,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 784496fa4813b4f1-OSL
cdn.tynt.com/tc.js
104.18.36.173200 OK 6.7 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 04 Jan 2023 14:16:03 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 168429
expires: Sat, 07 Jan 2023 14:16:03 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 784496fb9c02b511-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 04 Jan 2023 14:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9&t=Zimbabwe%20%3A%20Free%20credit HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 04 Jan 2023 14:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!soldzw&dn=TC&cc=1&r=
67.202.105.31200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!soldzw&dn=TC&cc=1&r=
IP 67.202.105.31:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!soldzw&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 05 Jan 2023 14:16:03 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 04 Jan 2023 14:16:03 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 04 Jan 2023 14:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png&ct=Urgent!%20for%20all%20Zimbabwean%F0%9F%8C%B9 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 04 Jan 2023 14:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Wed, 04 Jan 2023 16:42:25 GMT
Date: Wed, 04 Jan 2023 14:16:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Wed, 04 Jan 2023 16:42:25 GMT
Date: Wed, 04 Jan 2023 14:16:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Wed, 04 Jan 2023 16:42:25 GMT
Date: Wed, 04 Jan 2023 14:16:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Wed, 04 Jan 2023 16:42:25 GMT
Date: Wed, 04 Jan 2023 14:16:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8781
Expires: Wed, 04 Jan 2023 16:42:25 GMT
Date: Wed, 04 Jan 2023 14:16:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F583a7e45-0f5f-4df3-8000-12fe5b734405.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F583a7e45-0f5f-4df3-8000-12fe5b734405.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a3f1c5f64bf24552675ebaa5041eb80
154d37e62377156196439764eeef6ec310199f6a
ab23bdaa30844bdf698e80f8f96e08d723a43a9ed5eb88a01585e9fac2ed9f72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F583a7e45-0f5f-4df3-8000-12fe5b734405.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9033
x-amzn-requestid: 552d4626-ab67-43bb-ab9b-ef0c5d0eeef9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3HsGjXoAMFR_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49efd-461b5be35679186e36a33883;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1G9Y7P6hbiUaQB4YILj7Lj1NrDvOSRf8QECzGgPX9IaBB7ESb8v5Yw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:00 GMT
age: 59164
etag: "154d37e62377156196439764eeef6ec310199f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fae0836-a888-409d-9ad4-e4791536b146.png
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fae0836-a888-409d-9ad4-e4791536b146.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8a37f8d46e8ab1478a0347c1de2d647
4547e54e620a8f45bd76d55f78eb05d5ad175f1f
176804e5630d33ded9d117504d63dbb718c8e682afdf8cbc18390d0f25790a80
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fae0836-a888-409d-9ad4-e4791536b146.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9531
x-amzn-requestid: 18053309-6970-4993-92b2-1c567542baa2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL4N2EoNoAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a0be-5030fcc056a4cd26341f1bcd;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M-JtEYOFV8yssEu0dxlrDPoY_BSlARR3Pu8lfC3dYV4sL_Xg_wYAdA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:43 GMT
etag: "4547e54e620a8f45bd76d55f78eb05d5ad175f1f"
content-type: image/jpeg
age: 59121
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 359f30e64bec00d0a01acd69a08b684d
ac965c8642c4d1e47713965060fa2fc8f19088b1
fff1b001462468cc953092a2312650c03f307e95c40e2c6bb7356e2a8b9b0283
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ff2360c-5204-4d20-b397-821a4c4421e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11877
x-amzn-requestid: 884b9243-6a8a-4434-9b2a-e5eff84d4e99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33bFnDoAMFpoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3f7043ae29d21e010ddc1ff9;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WcUVY1LHWCEWWyJZEhS8M5tlXhx5WDnIr9RmxLMvqIilnREfwORJew==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 22:12:53 GMT
age: 57791
etag: "ac965c8642c4d1e47713965060fa2fc8f19088b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f7ef195ef59caf6b47f13ceae04987f
dbff30aac035b502e27a3a538dbdfd475d3fc1d4
b31c198d6b76827201a870da6f9fe9b28c2cffe0d3f7f3d8e0530223ea8fc9d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8476606b-7383-49cb-8c93-76705bedbbb8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8148
x-amzn-requestid: 7712cf7e-ea08-47da-876a-ba70c723b68b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL33cHXsIAMFhhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4a02f-3c965abb517a33ce31cbdf4c;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:37:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJ4e7NUOg62KQDiD04fLCiSoQgBO_AQGw6mrIYbqcgdrylEMwoDQUA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:17 GMT
age: 59147
etag: "dbff30aac035b502e27a3a538dbdfd475d3fc1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0&img=sold.png HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 04 Jan 2023 14:16:03 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af78916e285d0f6c5c5a5ff33894e108
96df0d8c10c666811cfeb98187ca93e65480c2ff
7bcb20dc641e46d033dee76b3d92b701b31aecfbf88241a5a95dfdc1c5e95885
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03ececd-3935-4a1b-ae41-45a5aea9ebe3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5018
x-amzn-requestid: 7a68cfb1-dedd-4f08-8d99-4678c1087422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eL3HtFHkoAMFwYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b49efd-7880e5f93c99cc794f9a03bb;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 21:32:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MvV5dXthUr0Qo499_5eG6Z_yW0gmflen3kRBrse7ngQjUgOVA0OMvg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 03 Jan 2023 21:50:49 GMT
age: 59115
etag: "96df0d8c10c666811cfeb98187ca93e65480c2ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V8_4JXT2EDqqzVxBjZK7SUVVS9Pez_EbpGP8BCMX0FrS2x2srUr2Ug==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 04 Jan 2023 02:06:31 GMT
age: 43773
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldzw&lm=0&ts=1672841753591&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 04 Jan 2023 14:16:04 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu|Lora
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu|Lora
IP 142.250.74.106:0
GET /css?family=Ubuntu|Lora HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 14:16:01 GMT
date: Wed, 04 Jan 2023 14:16:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
IP 142.250.74.106:0
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldvr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 04 Jan 2023 14:16:02 GMT
date: Wed, 04 Jan 2023 14:16:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2