firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 06:43:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0mQnQTrtgBQUeTAYUuLdN0J8pqRRDdaff8DARzpXSSV_C92nmrdi4A==
Age: 1504
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17644
Expires: Mon, 05 Sep 2022 12:03:05 GMT
Date: Mon, 05 Sep 2022 07:09:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LyZotoASbdHh9J2bhf3VUs3QhvCrKyzR4Ty_PO1rFoOk0whp-3s66A==
age: 21224
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 07:09:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
104.21.43.29200 OK 5.5 kB URL HTTP/1.1 www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
IP 104.21.43.29:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1817), with CRLF, LF line terminators
Hash 4c8bbd1ddced357d4a37fbcecc20afc8
9274c5d236b0151230e083bdfe1711a293f9e95e
a387c72e2b52ff776acb95c89e1e9f31637465086bf23cd090d57680186bb386
Analyzer Verdict Alert quad9 Sinkholed
GET /survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9 HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9; expires=Mon, 12-Sep-2022 05:48:02 GMT; Max-Age=599940; path=/; httponly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpZ3JwDjAtJF9aLd9ZGonEx9GpCW19IVKMOWBGbrLsC6iF2%2BXB8kdTyq40u%2BJ3u7mRheblb4AnE9v5%2FHBf81cTT1ihaUGFgFiXWD7De4xtf%2B9qUJ4Wox%2FYlJ5SaTCSb2hBob"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d2314fd69b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 05 Sep 2022 06:38:16 GMT
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 07:15:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2UScprVC4Ngow_rfqaUVqWceXbquQE9xnne3jNAhke1ImI589XsrZw==
Age: 1846
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 07:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.fortgift.com/js/plugins/base64decode/webtoolkit.base64.js
104.21.43.29200 OK 1.1 kB URL HTTP/1.1 www.fortgift.com/js/plugins/base64decode/webtoolkit.base64.js
IP 104.21.43.29:0
Hash 54cf5258f60909c053784b5a5190d0e9
45e44c232d3011fedd8f3b6dd6a08771e3619727
8f24e122c8e501d5848884b7f9f7bd037d530565118acd5dfafe8490349b64e4
Analyzer Verdict Alert quad9 Sinkholed
GET /js/plugins/base64decode/webtoolkit.base64.js HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 19 Jun 2020 11:41:06 GMT
Vary: Accept-Encoding
ETag: W/"5eeca452-d67"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnVNqhZZEkSBtKRTecFmw03c6gxbNL5wDZVY4Kdk%2FKUqYinuaRHUjgRtQQK2WuPetcAi7UVVUUUwpco1WRuwvmwykmN%2FUB9xmHe8wWVk3sX258056Z2XuY3X79VznAarI2he"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d23197cacb512-OSL
alt-svc: h2=":443"; ma=60
www.fortgift.com/assets/font-awesome/css/font-awesome.min.css
104.21.43.29200 OK 7.9 kB URL HTTP/1.1 www.fortgift.com/assets/font-awesome/css/font-awesome.min.css
IP 104.21.43.29:0
File type ASCII text, with very long lines (30837)
Hash 103f21b72014a566bb04f62aa8162a5c
0901754088a97f071b312c4cafcb3ab379d925f7
1fe16cbb06573d874d9d143f536623d7db5688ed4e86d7fe3889a52b7dae3f2b
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 16 Oct 2017 10:55:51 GMT
Vary: Accept-Encoding
ETag: W/"59e49037-7918"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hTH8e9Y2y55FfkVCdUVhJW5jRprbahbWl%2FKWh7VxcXhz%2B24jl3EK31warTnvky7TR54hONt2zusYiiUcEKMpe3EqJRbQgUNgPsPc4%2FPrCPv4uU87Eo%2BQNpRXRxZPPLtpy8A"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d231988740b39-OSL
alt-svc: h2=":443"; ma=60
www.fortgift.com/js/plugins/jqueryCookie/jquery.cookie.js
104.21.43.29200 OK 1.4 kB URL HTTP/1.1 www.fortgift.com/js/plugins/jqueryCookie/jquery.cookie.js
IP 104.21.43.29:0
Hash df9bc2ca94581a9f0d4778857f2dd204
c3bc1c54c929e4682371a6612c46025346fb04b4
2660c68222b1a6bf81d0cb331e601fdd2fdd8c304603b11f72a6fbd31fc5e8be
Analyzer Verdict Alert quad9 Sinkholed
GET /js/plugins/jqueryCookie/jquery.cookie.js HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 09:55:44 GMT
Vary: Accept-Encoding
ETag: W/"59410820-c31"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsTHvA5aQaA8GuoHlUKCqqlvjxKmACjCZjegUU0v7YnweapsqoYPleTzVFmCJkfApFsSnAIqn%2B996etehvjgkQUR8bEvRQ2%2BtKRXsd3yX6ZNH3%2BgqSyYa%2FyM8KYX1WT22pGM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d231988790b39-OSL
alt-svc: h2=":443"; ma=60
www.fortgift.com/css/backend.css
104.21.43.29200 OK 729 B URL HTTP/1.1 www.fortgift.com/css/backend.css
IP 104.21.43.29:0
Hash 512485967b9476e8ac57df9cba5e160e
907cc60d8f308d523ce31a4876a690184123e8bb
dd4c95b8ac49f56fb3e5acc7f31d8d58abf9997b10cfb20b536c847ae6d6e2cd
Analyzer Verdict Alert quad9 Sinkholed
GET /css/backend.css HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 10:13:06 GMT
Vary: Accept-Encoding
ETag: W/"59410c32-8ab"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRnF8yUMvIwT%2BD6fkzmo9yJ0fni%2Bd4r9C10zokcVBMFD0uOZ11GRhCnuKJxMMgj7SFNlGS0mXecPm2LwDbjQCvAqkrIDLA2rvZh1xGxgf%2BDrN7Q4Kw4%2Fw5lhOsmZWbSC7tCB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d23198803b506-OSL
alt-svc: h2=":443"; ma=60
www.fortgift.com/css/tpl_css/track_trace_v2/track_trace_v2.css
104.21.43.29200 OK 7.9 kB URL HTTP/1.1 www.fortgift.com/css/tpl_css/track_trace_v2/track_trace_v2.css
IP 104.21.43.29:0
Hash e0fd1a10516342e09a9faf8058c7c213
78eefdfd07d8fabaff6120fbb6d8c54bfe770025
4bb0ade002030464270e80f8343b4c0d35fed9e1dd31fb12d4a13ed5bee33934
Analyzer Verdict Alert quad9 Sinkholed
GET /css/tpl_css/track_trace_v2/track_trace_v2.css HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 25 Jun 2019 10:25:18 GMT
Vary: Accept-Encoding
ETag: W/"5d11f68e-825a"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtYyLTXL5THfHj3q%2FMaEirv8hDAvQq%2BVljMEN5ZSGWqaDElL%2BSnIiFL7B9IOPbZx%2Fyuej0OsAgC5prkD48gUQf%2BlduT%2FVnw6Dx%2FrkUJRPBV3iRkoyP1JW5C9LQljyzDOdSr2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d23198ab8fac8-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Lato:700
142.250.74.10200 OK 332 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:700
IP 142.250.74.10:0
Hash 9cc27774596fed247a4eae0a8cbb6d40
97d03a65398a1481cb1b30e046d836efe8c5e484
a4b03bf467e90bdb0b1e94ec59d655a889952d39129678ca37b92d4c38d47eb0
GET /css?family=Lato:700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Sep 2022 07:09:02 GMT
Date: Mon, 05 Sep 2022 07:09:02 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.fortgift.com/custom_js/currency_cnd2.js
104.21.43.29200 OK 521 B URL HTTP/1.1 www.fortgift.com/custom_js/currency_cnd2.js
IP 104.21.43.29:0
Hash 6fdf507ab6734c9639dc0eb8ae39aaa1
da6da50ffd83ad9daf904427639fb8d59bf9c428
db21cf31808932d16659346639644d8d03c5aeca9de0dab60701c141d0801025
Analyzer Verdict Alert quad9 Sinkholed
GET /custom_js/currency_cnd2.js HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 10:12:22 GMT
Vary: Accept-Encoding
ETag: W/"59410c06-5f4"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOwbTzkcWMuBmJPLVFUIucvujKmI11ODTzVJpvNEhCyXMjJ9vQhJr%2BcDaTbk9RpbBz58S4TeOSFmP%2BHvgdindpeN2lHxNAiKqFNOYF83uZld2st%2FIdhEwm5Yn382cmhhnumm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d231a1d73b512-OSL
alt-svc: h2=":443"; ma=60
www.fortgift.com/js/jquery.js
104.21.43.29200 OK 104 kB URL HTTP/1.1 www.fortgift.com/js/jquery.js
IP 104.21.43.29:0
Size 104 kB (103527 bytes)
Hash 64d51a91842027c9b0fa6d320c76e0e9
cb8f4124034b10289daf906b446ad78a4f0d7145
5d3429fe9a31d9435a4457fab6931d7f16308afebf8b39baad4306c536b05892
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery.js HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Jun 2017 09:51:56 GMT
Vary: Accept-Encoding
ETag: W/"5941073c-456ea"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFci0TdV8vC5Uei0tRGRX%2Fp6hImlsaAzqnQC%2FNxWUKlsN%2FyheDJ0cUNMc9r72bklHHO9xue%2BOK4GRyWF4lcLxCJML33kL83nlYrh6Keb2EHsmMzthm4h6n%2FzN6nXXBHk9zch"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d2319898eb517-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1389
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 07:09:02 GMT
Last-Modified: Mon, 05 Sep 2022 06:45:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.fortgift.com/uploads/20220715095536_3753223535eb92fffd4c731f719079c4.png
104.21.43.29200 OK 18 kB URL HTTP/1.1 www.fortgift.com/uploads/20220715095536_3753223535eb92fffd4c731f719079c4.png
IP 104.21.43.29:0
File type PNG image data, 200 x 133, 8-bit colormap, non-interlaced\012- data
Hash 9a1060928c4c80bc3c817af01e939040
ec60717eda3540eb60ea24f1fba11e6e1e93cb01
3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/20220715095536_3753223535eb92fffd4c731f719079c4.png HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: image/png
Content-Length: 17622
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 07:55:36 GMT
ETag: "62d11d78-44d6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHpLW3blmgXfyHBt1End5lqvutjUk5TYHjXCM7JLu6nGdSK43%2BOei1Qu4WLXl0fR%2FP9yi1ym6n%2Bcdlv9rwBgaFIWg5%2BVmQTkO7Sa77wzhjqHTQ5s8h117MxLcltyAxrv2FHk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745d231acbc8fac8-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 07:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.fortgift.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:30:59 GMT
expires: Thu, 31 Aug 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 387483
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 07:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 07:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.fortgift.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:32:09 GMT
expires: Thu, 31 Aug 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 387413
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.fortgift.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:30:59 GMT
expires: Thu, 31 Aug 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 387483
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.fortgift.com/img/track_trace_v2/icons.svg
104.21.43.29200 OK 2.4 kB URL HTTP/1.1 www.fortgift.com/img/track_trace_v2/icons.svg
IP 104.21.43.29:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1709)
Hash 79f1ad76e914485e430e1ccc99de35bb
9177c780e021783b35a9bf042e270cd0ee2d8695
a8535540533a4ce82b08367042df5ed004331fa10f5dc9db10b601be0159060b
Analyzer Verdict Alert quad9 Sinkholed
GET /img/track_trace_v2/icons.svg HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 18 Jun 2019 10:45:08 GMT
Vary: Accept-Encoding
ETag: W/"5d08c0b4-1a9c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8RHZWZ8lZwom0wQIZhFsdJmZWq0QBZftQPMbrOCiob8iZH3fRlKBIq3Wau5d5Q%2BJMbLfGXRi0FilbbHuvYHaBXL3Uzl37Zk%2BKYt7qHF7ekUUSuYIxzhlmlejX0jzGrHFg2P"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d231b5c31b517-OSL
alt-svc: h2=":443"; ma=60
www.fortgift.com/uploads/20220715092752_cfd24c10f8270a7dfb8b83cd84ccefda.png
104.21.43.29200 OK 12 kB URL HTTP/1.1 www.fortgift.com/uploads/20220715092752_cfd24c10f8270a7dfb8b83cd84ccefda.png
IP 104.21.43.29:0
File type PNG image data, 1447 x 445, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e1e5b0b1083fe16647aa86ba62f620c
6dbd179c6f0e6f1f7a88f64d563058473693f914
2bd9c32c309cdbd21a9d9ee1436e5b6e92cccc57e59918d88c1fe4cab59137c1
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/20220715092752_cfd24c10f8270a7dfb8b83cd84ccefda.png HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: image/png
Content-Length: 11488
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 07:27:52 GMT
ETag: "62d116f8-2ce0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAJIcyMD1rfzu1jkeVtVwwhTLbF5PHlwgI1wOuqursJZZBrG7G94ADWNXk4SOCbGmXUbTuSSKWYCitKayOe%2Fl9zKz5NZAaqzpPu96Mr91sAjNiRinpSMzJ8tgc%2FsgtYujTC2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745d231b5ad20b39-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 07:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.fortgift.com/uploads/products/50636_20220715102437_cloned
104.21.43.29200 OK 122 kB URL HTTP/1.1 www.fortgift.com/uploads/products/50636_20220715102437_cloned
IP 104.21.43.29:0
File type PNG image data, 1100 x 730, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (122436 bytes)
Hash 9112ef6888a45d1973e0d2bc06ce3083
4c41bfae2f654b1bddc0baa9e63bc51f79a0910c
2e7e23613260052d99ce6395e24259061ef0976b2300bf01f91b9dcea7b440c0
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/products/50636_20220715102437_cloned HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: application/octet-stream
Content-Length: 122436
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 08:24:37 GMT
ETag: "62d12445-1de44"
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4T3BhcgAF8aK8YfkjZTbzJ%2BBHFpMLn4XxQNrEg8YlWIors%2BTZju5q1uEuyQIoFkWKmRNxu4lttZmVnxNyXOadYyq6EpTpiFbiM9BY7Yt%2B1S%2F6TZ8qVInSUIwaMD9w55uDqg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d231aca380b39-OSL
alt-svc: h2=":443"; ma=60
www.fortgift.com/survey/survey
104.21.43.29200 OK 45 B URL HTTP/1.1 www.fortgift.com/survey/survey
IP 104.21.43.29:0
File type ASCII text, with no line terminators
Hash d88fef5a412e7cce7c705420a2d64cbc
e6d03282e5397b0d27957eec3f7f9b64a04ed9ce
f9c5b9c02235ec077e8a2a78b66d785661e88ef943d8e41cdbac8c8251269ded
Analyzer Verdict Alert quad9 Sinkholed
POST /survey/survey HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 62
Origin: http://www.fortgift.com
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9; b2ZmZXJXYWxs=%7B%22campaign%22%3A%22Mjc0NDQ%3D%22%2C%22survey%22%3A49374%2C%22source%22%3A%2210-908%22%2C%22subid%22%3A%22subid%3D10%22%2C%22firstSession%22%3A%227f00eFKYFZmNCgin3Z7b54mvFPaRV95LCQp5p7f2_Mjc0NDQ%3D%22%7D; survey_id_49374=true
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: http://www.fortgift.com
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6Im5qQUxaRnFIY1Zha1orbFF6aXFCK1E9PSIsInZhbHVlIjoic1dYd2hlcWhBM0kwR2U5cDRNeHZlaWhSTUVQZVVSNHZ6MUg2aHU0SmNrTmJWSXNEam5VUjdxaE1FT21hR3l3Q2pXNnZcL25jN2FUTlpORkNoM2Yzc25RPT0iLCJtYWMiOiIyZmJkYzE4MzQ3ZGFkNzY3MmRjYTA0OTM3ZDliYzlhYTY1OTIwYjEzOGY3NWM2YzhiNDE1MWE1ZDY4MjA3NTA4In0%3D; expires=Mon, 12-Sep-2022 05:48:02 GMT; Max-Age=599940; path=/; httponly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwwTr0l3giULeSY2bGN%2F1xsL0hCfP3%2FLBRvvgfoGO7VPDqjxNjrMMgki594OEMF2VQOoJ70i6Ic6res2UVS2VR0DH%2BNUKfPtuRBlAkX7M6ES8nJLzu0DTVzJpyaxblTDYoS6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d231b7f9cb512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.fortgift.com/survey/survey
104.21.43.29200 OK 150 B URL HTTP/1.1 www.fortgift.com/survey/survey
IP 104.21.43.29:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d4de2b786bfd947f1a07a13e90aa0bf9
04ac41028e532910873d0563583dd5748ba4d3c0
50ce1e00b21bc818f2b3a3778f9a8708d7ac8b1112e075cf6a75792a3393dabc
Analyzer Verdict Alert quad9 Sinkholed
POST /survey/survey HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 70
Origin: http://www.fortgift.com
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6InpFcjdEYWFTVUdOd2o4MGozc0R2TkE9PSIsInZhbHVlIjoiWHdJVUFLVFwvM1JPSmNoUlhEU1ZJZjRlMjRMUk1oUmtocmhSYlFKZXYwUlNcL2M1ZkVSUUxBaXl0czZ1VnhiY1dzZlNBZHV4UHJVS1VxM3M4VFVKaGN6dz09IiwibWFjIjoiNjY4NGNkOGFjMjI4ZjM3ZWExMWIxZWY5OWU0NzE1NWJhOTBjNzc3M2E2YWRiZTljYjM0MzI4MTRhNTM5NjQyYyJ9; b2ZmZXJXYWxs=%7B%22campaign%22%3A%22Mjc0NDQ%3D%22%2C%22survey%22%3A49374%2C%22source%22%3A%2210-908%22%2C%22subid%22%3A%22subid%3D10%22%2C%22firstSession%22%3A%227f00eFKYFZmNCgin3Z7b54mvFPaRV95LCQp5p7f2_Mjc0NDQ%3D%22%7D; survey_id_49374=true
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: http://www.fortgift.com
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6IkZXSzFnTFRkOE1EZFwvNkU5UkUwS0pnPT0iLCJ2YWx1ZSI6IkxQNGh2citBeVRjT2I1dFwvR3VpWlZJdXRzR3B0Tit4VHpxaFNEeWt4MDF5MEpxNGNnWHEzaEdcL3VTcDdxSHQzOUpPbU93XC9HN2pQeklCUHkwWXdDdWFBPT0iLCJtYWMiOiJiYjVjNjU5NWUzODUxMWYzYjUyMjdiMjlhNDljMTA5ODdmOWQzODNkNjVkNGJjNTdjYzE3MjBiYmEzN2IzNGNjIn0%3D; expires=Mon, 12-Sep-2022 05:48:02 GMT; Max-Age=599940; path=/; httponly
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgErvbHQEUN%2B0XfhqsIyP0ffQJn78IgkCkqwpEdLqMhArEpbkB4S%2Bt8Ld%2FFUa0sl2icKXOlZypkmEpyOOccw9DqXXZEcF89n1YBTmZdQRvG7%2BZOKHqrwtX3Ebyh5xNgb%2FJku"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 745d231b6aefb506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
35.162.35.244101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.35.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GEgCcJ/7bRKlLLVNxfEloA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ciFK8CgOqbIoxzR7Jt75Gdr2RhM=
www.fortgift.com/uploads/20220715092527_yes.ico
104.21.43.29200 OK 1.7 kB URL HTTP/1.1 www.fortgift.com/uploads/20220715092527_yes.ico
IP 104.21.43.29:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash bbfbce8bd892eb52b9ab46f954849cb8
3beb9287ec4a24e4752769d1b8df98e0a244bd58
5684c9dabbc7f208e285370a8f8c071c061006eedade82125fd31f9149d9d87d
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/20220715092527_yes.ico HTTP/1.1
Host: www.fortgift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.fortgift.com/survey/44472/source=10-908/subid=10/nrp=7b5ce34fca2946469114cd14dbd412d9
Cookie: laravel_session=eyJpdiI6IkZXSzFnTFRkOE1EZFwvNkU5UkUwS0pnPT0iLCJ2YWx1ZSI6IkxQNGh2citBeVRjT2I1dFwvR3VpWlZJdXRzR3B0Tit4VHpxaFNEeWt4MDF5MEpxNGNnWHEzaEdcL3VTcDdxSHQzOUpPbU93XC9HN2pQeklCUHkwWXdDdWFBPT0iLCJtYWMiOiJiYjVjNjU5NWUzODUxMWYzYjUyMjdiMjlhNDljMTA5ODdmOWQzODNkNjVkNGJjNTdjYzE3MjBiYmEzN2IzNGNjIn0%3D; b2ZmZXJXYWxs=%7B%22campaign%22%3A%22Mjc0NDQ%3D%22%2C%22survey%22%3A49374%2C%22source%22%3A%2210-908%22%2C%22subid%22%3A%22subid%3D10%22%2C%22firstSession%22%3A%227f00eFKYFZmNCgin3Z7b54mvFPaRV95LCQp5p7f2_Mjc0NDQ%3D%22%7D; survey_id_49374=true
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 07:09:02 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 07:25:27 GMT
ETag: W/"62d11667-3c2e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xn5uLm6wybEPek43J6J1C1LhaoCHBRP6CKtqI0XUCe1Z9OjUXn802O%2FwSQQFaijtzYVc407vBvhVKxRo75htwicF6H9Tyr8Lqy97CZxLx0a6UoOVAdGM0Z3YlGgX0s4%2BbmgD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 745d231c5bfe0b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12099
Expires: Mon, 05 Sep 2022 10:30:43 GMT
Date: Mon, 05 Sep 2022 07:09:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12099
Expires: Mon, 05 Sep 2022 10:30:43 GMT
Date: Mon, 05 Sep 2022 07:09:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12099
Expires: Mon, 05 Sep 2022 10:30:43 GMT
Date: Mon, 05 Sep 2022 07:09:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12099
Expires: Mon, 05 Sep 2022 10:30:43 GMT
Date: Mon, 05 Sep 2022 07:09:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12099
Expires: Mon, 05 Sep 2022 10:30:43 GMT
Date: Mon, 05 Sep 2022 07:09:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0855d1b6-f16d-4dd0-9fde-a9453425f201.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0855d1b6-f16d-4dd0-9fde-a9453425f201.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c96c8c1d4fe4a550a59dd4ba09843a7c
99ece60b2c12ebc34512a58c886c997e273ad1ad
78157b35e481a8d31e3fbdf60d01332ae97a4bb939235e8ba566b1bd4e1d8d7b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0855d1b6-f16d-4dd0-9fde-a9453425f201.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7431
x-amzn-requestid: 0953983e-8c57-49ae-9b52-fe127c73a4a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaH8IGUmIAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307204d-06266aa31b508580324f07ab;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:10:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NkadqENBWW1-qAK4_05zp0mUJ7lBApClnUDaojmgPEzZuiOZQ2lXsQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 03:44:55 GMT
age: 12249
etag: "99ece60b2c12ebc34512a58c886c997e273ad1ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GuATNx2xnWnEl0cr_2ZWZo_jOWbHlSBYksIeHFDoHAK9o5Tf0PPliQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:29 GMT
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
age: 32735
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fa914e288ca54908967c65ae6000607
b470ee66546236df6932247b8de7982a081e3170
04dc2796377fdd129e03e1a1902207ba57f23933f4296908794097353f2de13f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9632
x-amzn-requestid: aee8c394-86b7-4b7e-8a1b-134b4de8454f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxZF0rIAMFodg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2f2a9e20556d8899447fc662;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 77bXbuBtQ1AUHqlplB8HwTfSd83WZTTsmHsN2hZiTk83XvP5Bdpfhg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 19:05:29 GMT
age: 43415
etag: "b470ee66546236df6932247b8de7982a081e3170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZh0s85w1Nt6qZdZybNBcQHEXMWQIJvtAyCbF4oWsYUOlIKuNS5Fpg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:38:48 GMT
age: 30616
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1944c2a5-23d6-45f7-ab9f-78685b5e5be8.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1944c2a5-23d6-45f7-ab9f-78685b5e5be8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1556a0afcd327679e471ac6373ca29f
15ac095f9a744d85d7054d6c48af8a3f9ec9fc3a
d3537c985a20cf69290064fbd46778a6fbe6604cb6b37b272c8058142f02ffdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1944c2a5-23d6-45f7-ab9f-78685b5e5be8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4452
x-amzn-requestid: 882486d7-8cdc-4986-8562-6ec196c2a8e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt-dIFk7IAMFs4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f1120-5a4edfae33e2ef3f133e22f6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:43:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dmOD872bprnv74JVQ9X7Te_N8O5MQZQIv5a_svfRf_SkYMJNu3g07g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 04:32:13 GMT
age: 9411
etag: "15ac095f9a744d85d7054d6c48af8a3f9ec9fc3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19cfd495-15a1-4f00-830a-847f2f2dd961.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19cfd495-15a1-4f00-830a-847f2f2dd961.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e2e5ba9413ee60c9e54787384c04f06
cae52e3364fe3b9ccc3c4c3477452d7a52835cd7
3ef1d513413b4a19adb7bbf302c1cea3e16e805e1e2e35ce6bcf40003d81d5db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19cfd495-15a1-4f00-830a-847f2f2dd961.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7369
x-amzn-requestid: 6fecc130-8646-4700-bbc7-8e63b7a91330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqUKNG9gIAMF2qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d9a41-6cd70c1565bbab583d4d0642;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 05:04:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GrR7xCd0iP38mxB11MgI4o6ncLmfASttA_9EGF7yZH8xleO1KfkErw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 07:16:46 GMT
age: 85938
etag: "cae52e3364fe3b9ccc3c4c3477452d7a52835cd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400,500,600,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,500,600,700
IP 142.250.74.10:0
GET /css?family=Poppins:400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fortgift.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 07:09:02 GMT
date: Mon, 05 Sep 2022 07:09:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
your-choice-center.com/embed.js
104.21.90.72200 OK 0 B URL HTTP/2 your-choice-center.com/embed.js
IP 104.21.90.72:0
Analyzer Verdict Alert quad9 Sinkholed
GET /embed.js HTTP/1.1
Host: your-choice-center.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.fortgift.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 07:09:02 GMT
content-type: application/javascript
etag: W/"61ade779-58b1"
last-modified: Mon, 06 Dec 2021 10:35:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCwuRc%2FX%2F4BSnLYyHCe8WE5bIf10%2BLn9Vk3CoR0PNwRKDI%2Be3b7F9m3LLFdQUumuVtT7tFmS%2FynbgnkLr1NBSkQiauNEYZUFApagSZfJ1qTpmqUMHIBlpsncMX1VbfqlfvgucIScAFk%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 745d2319cd08b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2