r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8474
Expires: Wed, 01 Feb 2023 18:14:06 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10336
Expires: Wed, 01 Feb 2023 18:45:08 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK
939
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
Magic
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 15:36:02 GMT
content-type: application/json
age: 1010
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2915
Expires: Wed, 01 Feb 2023 16:41:27 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
getclout-co.intuitve.co/
200 OK
214
IP
ASN
#46606 UNIFIEDLAYER-AS-1
Magic
HTML document, ASCII text, with very long lines (2023), with no line terminators
Hash
d3c2b351e7da740f5ab84e99f446cebd
565ee0ad74a18d906d1a7fdccd30cbae82ff5b3a
cd6068a7a8129b3a424b40ab902a7c247169472d71614eac8c31463d6b02c367
GET / HTTP/1.1
Host: getclout-co.intuitve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 15:52:52 GMT
Server: Apache
Vary: Referer,Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 15:52:52 GMT
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 214
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK
5348
URL
HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
Magic
PEM certificate\012- , ASCII text
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TNqTPGX4hVhSrzfpm44TLUTGvaxz6+OS1oWyvq9frcOuzYASh8QfNAs6YWNob9FiJgi8Fm/b57A=
x-amz-request-id: GD3D84V67DXQH3JF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 15:51:37 GMT
age: 75
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK
12
URL
HTTP/2
contile.services.mozilla.com/v1/tiles
IP
Magic
JSON data\012- , ASCII text, with no line terminators
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 15:52:52 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
d0f5aecf6e01b0a174a0c72456de3a2c
fecce67e5e7157782607e50d39d057779dbfd51b
13150d96cff0ad1ef61cbd13255dc91d84bb845b9454bdaaa718af859d6690f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13150D96CFF0AD1EF61CBD13255DC91D84BB845B9454BDAAA718AF859D6690F4"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7729
Expires: Wed, 01 Feb 2023 18:01:41 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
cdn.violetlovelines.com/scripts/global.js?v=2.0.5
200 OK
3603
URL
HTTP/1.1
cdn.violetlovelines.com/scripts/global.js?v=2.0.5
IP
ASN
#24940 Hetzner Online GmbH
Magic
ASCII text, with very long lines (11707), with no line terminators
Hash
59a536b2d045da4d1218d24229454bb2
ff6e01c48e1ab7d7bc3c78f86e43917478a65b14
b7a81a84e8d207c400dda475ef5695726d0a24112dc4f07c2880e21e2b06b561
Analyzer
Verdict
Alert
mnemonic_dns
Sinkholed
GET /scripts/global.js?v=2.0.5 HTTP/1.1
Host: cdn.violetlovelines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 15:52:52 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 09:20:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0f45d-2dbb"
Expires: Sat, 11 Feb 2023 15:52:52 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
getclout-co.intuitve.co/favicon.ico
200 OK
214
URL
HTTP/1.1
getclout-co.intuitve.co/favicon.ico
IP
ASN
#46606 UNIFIEDLAYER-AS-1
Magic
HTML document, ASCII text, with very long lines (2023), with no line terminators
Hash
d3c2b351e7da740f5ab84e99f446cebd
565ee0ad74a18d906d1a7fdccd30cbae82ff5b3a
cd6068a7a8129b3a424b40ab902a7c247169472d71614eac8c31463d6b02c367
GET /favicon.ico HTTP/1.1
Host: getclout-co.intuitve.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 15:52:52 GMT
Server: Apache
Vary: Referer,Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=2592000
Expires: Fri, 03 Mar 2023 15:52:52 GMT
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 214
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK
329
URL
HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
Magic
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 15:41:42 GMT
age: 670
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
fcbacac5eb95f3ff2259da750f722f9f
b9bb493602c7c53cc8419307230dc727533442fa
7ce7a12bbdda79f1bf740f6cfdf66c683e53ae46b2168d37f45b77833cff8c4c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7CE7A12BBDDA79F1BF740F6CFDF66C683E53AE46B2168D37F45B77833CFF8C4C"
Last-Modified: Tue, 31 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12749
Expires: Wed, 01 Feb 2023 19:25:21 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
dns.firstblackphase.com/scripts/start.js?vl=0.9.5
200 OK
1685
URL
HTTP/1.1
dns.firstblackphase.com/scripts/start.js?vl=0.9.5
IP
ASN
#24940 Hetzner Online GmbH
Magic
ASCII text, with very long lines (1685), with no line terminators
Hash
e8025c2f37df60985c146f189efa904b
6acd32c36a0822a210b267e305821646a42ce3f3
531863f173e405b3149d06c28c9e9b768c18ff354fce7a98f3924d1ddd7e9a60
GET /scripts/start.js?vl=0.9.5 HTTP/1.1
Host: dns.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 15:52:52 GMT
Content-Type: application/javascript
Content-Length: 1685
Last-Modified: Tue, 31 Jan 2023 11:00:07 GMT
Connection: keep-alive
ETag: "63d8f4b7-695"
Expires: Sat, 11 Feb 2023 15:52:52 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8832
Expires: Wed, 01 Feb 2023 18:20:04 GMT
Date: Wed, 01 Feb 2023 15:52:52 GMT
Connection: keep-alive
away.firstblackphase.com/scripts/take.js?vr=1.8.2
301 Moved Permanently
162
URL
HTTP/1.1
away.firstblackphase.com/scripts/take.js?vr=1.8.2
IP
ASN
#2856 British Telecommunications PLC
Magic
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /scripts/take.js?vr=1.8.2 HTTP/1.1
Host: away.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 15:52:53 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://away.firstblackphase.com/scripts/take.js?vr=1.8.2
push.services.mozilla.com/
101 Switching Protocols
0
URL
HTTP/1.1
push.services.mozilla.com/
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uMPApqq4H6iCj3zgqt0AqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7sftkCueWud7YfKzFwvQYkldATs=
shop.similarwebline.com/zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
301 Moved Permanently
0
URL
HTTP/1.1
shop.similarwebline.com/zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
IP
ASN
#24940 Hetzner Online GmbH
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
quad9
Sinkholed
GET /zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd HTTP/1.1
Host: shop.similarwebline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 15:52:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://shop.similarwebline.com/zX2nnT?&se_referrer=&default_keyword=&&frm6393271e20c24=script6393271e20c28&_cid=c173b3d5-aa0c-8a4c-da69-bf2ee86a79cd
Pragma: no-cache
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
47b6290ce6b7d9ec7e45122eafe9c140
a6633c111d750152038095227dc1fcdbcd7bcf7b
2a697e55ddce87fded019d5311f37194b959bd6a6b049001a066ca77d52cc974
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A697E55DDCE87FDED019D5311F37194B959BD6A6B049001A066CA77D52CC974"
Last-Modified: Tue, 31 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=223
Expires: Wed, 01 Feb 2023 15:56:36 GMT
Date: Wed, 01 Feb 2023 15:52:53 GMT
Connection: keep-alive
store.firstblackphase.com/follow/give.php?id=3467457-33-7843423
302 Found
0
URL
HTTP/1.1
store.firstblackphase.com/follow/give.php?id=3467457-33-7843423
IP
ASN
#2856 British Telecommunications PLC
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /follow/give.php?id=3467457-33-7843423 HTTP/1.1
Host: store.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://getclout-co.intuitve.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 01 Feb 2023 15:52:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://store.firstblackphase.com/follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
fead455db0c5a5c375bb3369c673eb05
db9047b2ac26a4a2f5962150631964683bb8a801
14cda7ad9c7777aaecb1216bb321fc250a5a16feed081945fa113d208ec52942
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14CDA7AD9C7777AAECB1216BB321FC250A5A16FEED081945FA113D208EC52942"
Last-Modified: Mon, 30 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7967
Expires: Wed, 01 Feb 2023 18:05:41 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
store.firstblackphase.com/follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056
200 OK
463
URL
HTTP/1.1
store.firstblackphase.com/follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056
IP
ASN
#2856 British Telecommunications PLC
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash
f4fb5fcef40258813aadd804bd4e3fe4
a72595e9df38169458504f2b2e1c94e21a328223
c3496a3c77c6eeab755de66198ba494da1fb5cd8ecffb2de10cb9d5c41028538
GET /follow/give.php?id=93953945-77-345376456-23&qid=8568&wid=76538&kid=863843534&suid=67878056 HTTP/1.1
Host: store.firstblackphase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://getclout-co.intuitve.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 15:52:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK
503
IP
ASN
#20940 Akamai International B.V.
Hash
e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14575
Expires: Wed, 01 Feb 2023 19:55:49 GMT
Date: Wed, 01 Feb 2023 15:52:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
200 OK
8597
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 12:57:00 GMT
age: 10554
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
200 OK
14041
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jJHVbOXepgkVHjuNJG9wPcMjDcGbAc-NIpv_KUECG6c-AnJZoIW0zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 65398
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
200 OK
8735
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 65435
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
200 OK
5736
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4yxwz2MFTdpb8I56VVbFU2Zz0qG_uHcYc3aDtn6boQPjhw7UFLLnYw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 10:37:09 GMT
age: 18945
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK
9600
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 48176
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
200 OK
6819
URL
HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
Magic
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash
ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daAf58GNG6Oy-ov_8TUeXnTcvZyW5eL_qwWz7dapr2Sy_5XSiS-3Mw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 65398
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
arctic-farmer.com/favicon.ico
204 No Content
0
URL
HTTP/2
arctic-farmer.com/favicon.ico
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
quad9
Sinkholed
GET /favicon.ico HTTP/1.1
Host: arctic-farmer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 15:52:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
arctic-farmer.com/cTG-FVzWc.zX9Yk_aaXbQc9dM-TfYg3hNiT_Ik2lNmjnc-3pNqDrMsy_MujvQw5xN-TzMAxBMCi_ZEkFdGGHt-uJPKULpMB_dO0PFQ0Rc-zTFUQVRW0_9YFZWaVbd-TdYeVfBgl_SiUjkk2lY-znhorpdqn_RsDtZukvd-GxMykzNA3_JCnDBE0Fb-jH1IDJZK0_pMPNVOHPh-JRSSlTlUu_SWnXZYZZV-1bJcpdWeV_cg1hai0jt-plQmmntoa_aqkrUsytW-XvpwBxNyE_1AXBTCXDl-OFVGEH1I3_TKmLpMZNM-UP5QHRRSX_dUaVVW1Xp-pZTa0bRcs_aeUf9gEhY-zjJkNlVm0_Vo3pTq0rR-EtVu2vxwl_cyWzVACBa-mDpEjFOGU_FIGJQKXLF-JNaOVPhQB_ZSyT0UtVJ-nXJYyZZaX_FcodPeTfl-hhNizjAkz_ZmDnhohpY-zrAswtNuT_Ew3xYy2zY-wBNCWDNEj_YGmHMIzJZ-WLVMiNOOD_EQwROSDTI-4VJWnXJYy_aaWbQc9dN-jfIg3hOiT_hkjlNmTnR-ipMqDrZsh_Mu2vIw5xM-WzEA4BOCT_ZEmFMGDHk-xJMKTLgMy_ZOGPJQhRM-zTAUmVcWn_NYyZYazb1-vddeXfQgm_eimj9kulZ-UnlokpPqT_Qs1tNuzvI-yxMyDzAA
302 Found
0
URL
HTTP/2
arctic-farmer.com/cTG-FVzWc.zX9Yk_aaXbQc9dM-TfYg3hNiT_Ik2lNmjnc-3pNqDrMsy_MujvQw5xN-TzMAxBMCi_ZEkFdGGHt-uJPKULpMB_dO0PFQ0Rc-zTFUQVRW0_9YFZWaVbd-TdYeVfBgl_SiUjkk2lY-znhorpdqn_RsDtZukvd-GxMykzNA3_JCnDBE0Fb-jH1IDJZK0_pMPNVOHPh-JRSSlTlUu_SWnXZYZZV-1bJcpdWeV_cg1hai0jt-plQmmntoa_aqkrUsytW-XvpwBxNyE_1AXBTCXDl-OFVGEH1I3_TKmLpMZNM-UP5QHRRSX_dUaVVW1Xp-pZTa0bRcs_aeUf9gEhY-zjJkNlVm0_Vo3pTq0rR-EtVu2vxwl_cyWzVACBa-mDpEjFOGU_FIGJQKXLF-JNaOVPhQB_ZSyT0UtVJ-nXJYyZZaX_FcodPeTfl-hhNizjAkz_ZmDnhohpY-zrAswtNuT_Ew3xYy2zY-wBNCWDNEj_YGmHMIzJZ-WLVMiNOOD_EQwROSDTI-4VJWnXJYy_aaWbQc9dN-jfIg3hOiT_hkjlNmTnR-ipMqDrZsh_Mu2vIw5xM-WzEA4BOCT_ZEmFMGDHk-xJMKTLgMy_ZOGPJQhRM-zTAUmVcWn_NYyZYazb1-vddeXfQgm_eimj9kulZ-UnlokpPqT_Qs1tNuzvI-yxMyDzAA
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
fortinet
Phishing
quad9
Sinkholed
POST /cTG-FVzWc.zX9Yk_aaXbQc9dM-TfYg3hNiT_Ik2lNmjnc-3pNqDrMsy_MujvQw5xN-TzMAxBMCi_ZEkFdGGHt-uJPKULpMB_dO0PFQ0Rc-zTFUQVRW0_9YFZWaVbd-TdYeVfBgl_SiUjkk2lY-znhorpdqn_RsDtZukvd-GxMykzNA3_JCnDBE0Fb-jH1IDJZK0_pMPNVOHPh-JRSSlTlUu_SWnXZYZZV-1bJcpdWeV_cg1hai0jt-plQmmntoa_aqkrUsytW-XvpwBxNyE_1AXBTCXDl-OFVGEH1I3_TKmLpMZNM-UP5QHRRSX_dUaVVW1Xp-pZTa0bRcs_aeUf9gEhY-zjJkNlVm0_Vo3pTq0rR-EtVu2vxwl_cyWzVACBa-mDpEjFOGU_FIGJQKXLF-JNaOVPhQB_ZSyT0UtVJ-nXJYyZZaX_FcodPeTfl-hhNizjAkz_ZmDnhohpY-zrAswtNuT_Ew3xYy2zY-wBNCWDNEj_YGmHMIzJZ-WLVMiNOOD_EQwROSDTI-4VJWnXJYy_aaWbQc9dN-jfIg3hOiT_hkjlNmTnR-ipMqDrZsh_Mu2vIw5xM-WzEA4BOCT_ZEmFMGDHk-xJMKTLgMy_ZOGPJQhRM-zTAUmVcWn_NYyZYazb1-vddeXfQgm_eimj9kulZ-UnlokpPqT_Qs1tNuzvI-yxMyDzAA HTTP/1.1
Host: arctic-farmer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
Origin: null
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 01 Feb 2023 15:52:54 GMT
content-type: text/html;charset=UTF-8
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
referrer-policy: no-referrer
p3p: CP="CUR ADM OUR NOR STA NID"
location: http://xml-v4.gipostart-2.co/click?i=i3zrKW6KNUE_0
x-frame-options: DENY
last-modified: Wed, 01 Feb 2023 15:52:54 GMT
set-cookie: kadCCap=79610:1:1674135009;184246:1:1673859446;222582:1:1674318856;219047:1:1667194435;194136:1:1675008656;132751:1:1675084242;236055:1:1675253981;199455:1:1668245056;219484:1:1667715065;218665:1:1673777741;212269:1:1675220948;235975:1:1675248006;222555:1:1671433227;218693:1:1669515516;220335:1:1670435916;171526:1:1673628579;220790:1:1668460505;222775:1:1674305361;221398:1:1674769535;221352:1:1670163762;215297:1:1674141027;223454:1:1674804841;223255:1:1670393482;222513:1:1671568408;223642:1:1674763884;101716:1:1672946010;219652:1:1669330335; max-age=1706802774; path=/
kadACap=445506:1:1669286676;446498:1:1671420411;389299:1:1673726804;346329:1:1670226206;453850:1:1671627132;462319:1:1674949690;453839:1:1675215975;419299:1:1675150383;469907:1:1674927295;272913:1:1674460051;410256:1:1674039938;458045:1:1670528140;424443:1:1674359547;401659:1:1674332133;404163:1:1673226439;460522:1:1675063677;446718:1:1674353140;449523:1:1670210030;456883:1:1671781891;419297:1:1675156199;441369:1:1671297690;445499:1:1670164226;419301:1:1674188761;419321:1:1674357365;419323:1:1674028005;451724:1:1669565807;470673:1:1674289452;419293:1:1675131038;451147:1:1674036929;444748:1:1669841678;471728:1:1674871019;383700:1:1675240028;445081:1:1671894608;451139:1:1673951585;419303:1:1674299014;442019:1:1675112111;407100:1:1668246232;406293:1:1673859446;444785:1:1671894608;465201:1:1674236409;446714:1:1674043083;424441:1:1674948590;346327:1:1675197874;446720:1:1673953397;320498:1:1674924381;453831:1:1674872001;450649:1:1674026353;419295:1:1674030439;458498:1:1672536671;454815:1:1673736038;410252:1:1674308810;417177:1:1674123312;462327:1:1673736144;445788:1:1669918420;320494:1:1675266774;190964:1:1674135009;445735:1:1669286676;468607:1:1674893352;460384:1:1674927276;446013:1:1668228435;419291:1:1675228250;398832:1:1672025828;458041:1:1670526590;424445:1:1675105910;410254:1:1674926948;446531:1:1669270846;446716:1:1674258987; max-age=1706802774; path=/
kadCSCap=212269:1:1675220948;236055:1:1675253981;235975:2:1675182062; path=/
kadASCap=453839:1:1675215975;419291:1:1675228250;383700:1:1675240028;346327:1:1675197874;320494:1:1675266774; path=/
kadRPixJ=bnVsbA==; max-age=1706802774; path=/
kadUnP3=CAEQ1pXqngYaDQjgrZgCEAIY54jnngYaDQiU0ZoCEAEY7v/kngYaDQjVv5kBEAEYsvvlngYaDQj2iP8BEAIYlcblngYaDQioiJcCEAMYhoPpngYiCggDEAEY1pXqngYqDAiDvRIQARiy++WeBioMCLiOJRACGJXG5Z4GKgwIpJMoEAMYhoPpngYqDAiKqSgQAhjniOeeBioMCI3MKBABGO7/5J4G; max-age=1706802774; path=/
x-content-type-options: nosniff
X-Firefox-Spdy: h2
xml-v4.gipostart-2.co/click?i=i3zrKW6KNUE_0
302 Found
0
URL
HTTP/1.1
xml-v4.gipostart-2.co/click?i=i3zrKW6KNUE_0
IP
ASN
#27257 WEBAIR-INTERNET
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=i3zrKW6KNUE_0 HTTP/1.1
Host: xml-v4.gipostart-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE
Pragma: no-cache
ocsp.digicert.com/
200 OK
279
IP
Hash
0c470b2c6a6d6e0ae8981ff565585af4
281b9f337005160bb8e5372ed0580aaf41605063
c399e11efc5307df36aeb02791be06dd34ad65b6eaa26ce49ef5835b779cf314
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 15:52:55 GMT
Etag: "63d9b144-117"
Last-Modified: Wed, 01 Feb 2023 15:02:20 GMT
Server: ECS (amb/6BC4)
X-Cache: HIT
Content-Length: 279
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE
302 Found
0
URL
HTTP/2
link.affiliates.cyber.bet/click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE
IP
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?b=0&pid=8425&offer_id=53&l=1669392156&sub4=CYBERMAX300&sub8=_betting&sub6=1669392156&ref_id=EbL4HVkwiJE HTTP/1.1
Host: link.affiliates.cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 01 Feb 2023 15:52:55 GMT
content-length: 0
location: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
set-cookie: afclick=63da8ad7902fa000015bc932; expires=Thu, 01 Feb 2024 15:52:55 GMT; secure; SameSite=None
afoffers={"53":1675266775}; expires=Thu, 01 Feb 2024 15:52:55 GMT; secure; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbySFppPsUs2oAknNDWW2dzyLsw7j5AM6K1yVJhdz873dH%2FkzvjUVtud9NwQsoGnqS4aQpLBlw4ZNRn6uK78JTcwYYGo%2BgPcuQLRcd5jgy%2FCR0xwQBJhVKyCsRmLxDeJtlGsrXY3zd2MCq4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792bdb60e871b515-OSL
X-Firefox-Spdy: h2
cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
200 OK
4688
URL
HTTP/2
cyber.bet/land/casino_spin_football_regform/css/style.css?v=17
IP
Magic
ASCII text, with very long lines (23296), with no line terminators
Hash
80af14ea1d7c05a0b2cedb3a8bf261aa
df43bf2aa1c350802de020bc1b80726135c1ebe1
da4e2fcc2efa7b2b101094bc5ec67ec9792ef39b296e1218d704801c722ce965
GET /land/casino_spin_football_regform/css/style.css?v=17 HTTP/1.1
Host: cyber.bet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cyber.bet/land/casino_spin_football_regform/?cid=63da8ad7902fa000015bc932&pid=8425&subid1=&affs=1&sid=affs&utm_medium=revshare&utm_source=affise&utm_campaign=53_betting&promocode=CYBERMAX300&subid2=&subid3=&aff_bnnr=&aff_land=1669392156&slice=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 15:52:55 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=33037
etag: W/"63824c9c-810d"
last-modified: Sat, 26 Nov 2022 17:27:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2395
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWCWEmirubg0M%2F2zZbwJdOFuA%2FgTz4sUqVtmJHPRs8RETb%2F7fDA%2FFfjeG%2FpWRqhFVJyQ22LXemg7%2Bo2d8rvXUwpuWgkc%2BRsqxL8GeV0vXhfsp4UXw15FgDrwTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 792bdb62cb02b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK
471
162.241.24.161
34.254.83.154
159.69.234.10
139.45.195.8
194.135.30.40
95.101.11.115
35.210.53.219
188.72.219.35![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg"){kind=link}
![URL img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg](/search?q=http.url.addr:"img-getpocket.cdn.mozilla.net%2f296x148%2ffilters%3aformat%28jpeg%29%3aquality%2860%29%3ano_upscale%28%29%3astrip_exif%28%29%2fhttps%253A%252F%252Fs3.amazonaws.com%252Fpocket-curatedcorpusapi-prod-images%252F30335cb7-009a-42f5-8186-d0c302adc827.jpeg"){kind=link}