freefire.host/
31.220.106.227301 Moved Permanently 707 B IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 06 Feb 2023 06:04:51 GMT
server: LiteSpeed
location: https://freefire.host/
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19973
Expires: Mon, 06 Feb 2023 11:37:44 GMT
Date: Mon, 06 Feb 2023 06:04:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4031
Expires: Mon, 06 Feb 2023 07:12:02 GMT
Date: Mon, 06 Feb 2023 06:04:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 05:34:02 GMT
content-type: application/json
age: 1849
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11671
Expires: Mon, 06 Feb 2023 09:19:22 GMT
Date: Mon, 06 Feb 2023 06:04:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OT6VyS1LUjXilMUSeV3TrSsAPSsiyUHYMXdl+QHruFITAntw+/kZLmxptxcPHoiW9LDSVv4UCzx9bZDSmIoe2g==
x-amz-request-id: G36DRGGNZQ3083ZA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 05:53:35 GMT
age: 676
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 06:04:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d33c511de6560ef3a8fd5e62d0f86c2
161d654a2ac308a10ba21427846444c5670b4fb9
9e334c755b8b7a0174ecab60fe54f98fd01df598754e49df806c8563983ed455
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E334C755B8B7A0174ECAB60FE54F98FD01DF598754E49DF806C8563983ED455"
Last-Modified: Sun, 05 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 06 Feb 2023 12:04:51 GMT
Date: Mon, 06 Feb 2023 06:04:51 GMT
Connection: keep-alive
freefire.host/
31.220.106.227200 OK 4.0 kB IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1068)
Hash 0c68c96cd44fb93f18bbbcb4cec7fc75
7da4e98b73c7cb7d5fb539b454c44d52ff5a00f1
88db27e561215ed20d33d1f3a2a90f0a58f87e97017e5cb7cd6beede08b81f77
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Fri, 11 Nov 2022 17:35:11 GMT
etag: "4f1e-636e87cf-131a65d7e4fe51fc;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4033
date: Mon, 06 Feb 2023 06:04:51 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
freefire.host/css/bootstrap.min.css
31.220.106.227200 OK 19 kB URL HTTP/2 freefire.host/css/bootstrap.min.css
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (65319), with CRLF line terminators
Hash b14c1528aec6442c918e33909484b479
83792f6b3440225e729138cc5088a09a283b4bf3
02bdc127515fe7519cbc1e712acd164bf397967dfc5f771920bedb72c455ec09
GET /css/bootstrap.min.css HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 17:31:51 GMT
etag: "2268e-636e8707-b861ae612044cc79;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18709
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/css/style.css
31.220.106.227200 OK 1.6 kB URL HTTP/2 freefire.host/css/style.css
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (4195), with CRLF line terminators
Hash dfb658c7a0f606ca91b10300f04c588b
80079ce85c2aa2769761f16576e14b885a292062
39efaec9babb5c31b07388504f08defcaa36876c0c14c21e78ba82faf7e733d0
GET /css/style.css HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 17:31:50 GMT
etag: "1a10-636e8706-44114ba58130c99d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1629
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/4.jpg
31.220.106.227200 OK 2.5 kB URL HTTP/2 freefire.host/images/4.jpg
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, progressive, precision 8, 98x98, components 3\012- data
Hash b4984c8ece8f32e797d5b70b8f63210b
ac4482b037feb44df14e8ba6c54362258261b83a
b75b4f1990897e7ae31f786931198f2fb04b175dee4a4f47096567ea689c6c36
GET /images/4.jpg HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/jpeg
last-modified: Fri, 11 Nov 2022 17:31:59 GMT
etag: "9de-636e870f-807cb8d40a67aaa0;;;"
accept-ranges: bytes
content-length: 2526
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/1.jpg
31.220.106.227200 OK 2.9 kB URL HTTP/2 freefire.host/images/1.jpg
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, progressive, precision 8, 98x98, components 3\012- data
Hash eec1ab934197af88828c04cb99f85639
8ea27df57366984b03f53bca80d0e92d80d90d69
09ea08582a9b74dbc6062c638ea67fe9c5e5f7421b1205bcf1e1cd46fb64732c
GET /images/1.jpg HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/jpeg
last-modified: Fri, 11 Nov 2022 17:31:59 GMT
etag: "b43-636e870f-3da69e1a1fb1dd;;;"
accept-ranges: bytes
content-length: 2883
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/2.jpg
31.220.106.227200 OK 2.9 kB URL HTTP/2 freefire.host/images/2.jpg
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, progressive, precision 8, 98x98, components 3\012- data
Hash fb882b573a7891300385811007670a1e
ca1ac132a6efd62059e1a39d949fe77da7cbe72e
70fd220923d4baff8f65b4263f32a0e6c8ad2d1001ff2fcb87d9ade7b45c008b
GET /images/2.jpg HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/jpeg
last-modified: Fri, 11 Nov 2022 17:31:59 GMT
etag: "b84-636e870f-e41516d545930138;;;"
accept-ranges: bytes
content-length: 2948
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/5.jpg
31.220.106.227200 OK 2.5 kB URL HTTP/2 freefire.host/images/5.jpg
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, progressive, precision 8, 98x98, components 3\012- data
Hash 09522631a1a557082da85bb5edb16346
3435d750036df6545c473b354cd2e4174040ee0e
efd29ac0de55b0af03f5f31bd4dd853a56a1caf65eb7889c6384eebf281f9200
GET /images/5.jpg HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/jpeg
last-modified: Fri, 11 Nov 2022 17:31:59 GMT
etag: "998-636e870f-8ed56968afeb63a8;;;"
accept-ranges: bytes
content-length: 2456
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/6.jpg
31.220.106.227200 OK 2.8 kB URL HTTP/2 freefire.host/images/6.jpg
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, progressive, precision 8, 98x98, components 3\012- data
Hash 7b9bf836f4574147b14b88de9fc5baa1
9f8508111dddc73278448f37fb8245c83050abcc
33db5666c37a12fa4026759e1440e4bbb247b24489099289006100e1eb5e54b8
GET /images/6.jpg HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/jpeg
last-modified: Fri, 11 Nov 2022 17:31:59 GMT
etag: "afb-636e870f-d506ea90439a0a90;;;"
accept-ranges: bytes
content-length: 2811
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/3.jpg
31.220.106.227200 OK 2.4 kB URL HTTP/2 freefire.host/images/3.jpg
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, progressive, precision 8, 98x98, components 3\012- data
Hash 824e0af4effaf7ada1afd3b3d6169a1b
d2ba2f7bbd1b578147586367c4aaa997f5d49902
84668bd2974f00e938783f61501e2920671919a54862ba0c8f852cc32ae98fa8
GET /images/3.jpg HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/jpeg
last-modified: Fri, 11 Nov 2022 17:31:59 GMT
etag: "935-636e870f-327f72c43d2c4d6e;;;"
accept-ranges: bytes
content-length: 2357
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/7.jpg
31.220.106.227200 OK 3.0 kB URL HTTP/2 freefire.host/images/7.jpg
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, progressive, precision 8, 98x98, components 3\012- data
Hash 9e96d3aa44c7debe3faddac1d75aa171
1d01c491cc271cff612a30d022b314704f68b9e0
e775b50ef989e5aaf58ec26910a2bf8898d16b0cd0d6d927af9eb420868b0a94
GET /images/7.jpg HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/jpeg
last-modified: Fri, 11 Nov 2022 17:32:00 GMT
etag: "bcd-636e8710-8c7574bd62089349;;;"
accept-ranges: bytes
content-length: 3021
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/freefirelogoo%20(1).png
31.220.106.227200 OK 40 kB URL HTTP/2 freefire.host/images/freefirelogoo%20(1).png
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x321, components 3\012- data
Hash 9fdd9d0659776a3f21219733a8be9b12
c5b3636fdd7e2ded430e53914242a09544a37acd
6a61f3983d04bf59fdf416ae6d54eeeb36932ae825a832236adfd94e93c3f634
GET /images/freefirelogoo%20(1).png HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 17:32:03 GMT
etag: "9a51-636e8713-d08562098efc22e0;;;"
accept-ranges: bytes
content-length: 39505
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/js/jquery.min.js
31.220.106.227200 OK 32 kB URL HTTP/2 freefire.host/js/jquery.min.js
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (32341)
Hash 4790748297022f8847954ea1f8567f57
be7e70c597fe190f0dc52ad065ce3c313e6e7349
80a7ed89b1bad2f16645f406ba86830e18a5ecb693ebee886adef4c74baa69d6
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.min.js HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Nov 2022 17:32:05 GMT
etag: "1787d-636e8715-b7965e44319e45ce;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32181
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/js/bootstrap.js
31.220.106.227200 OK 13 kB URL HTTP/2 freefire.host/js/bootstrap.js
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
Hash 241cc6ac0bb67a84d10895d2943432c0
13e7cff79db2dd3465cf364f6e2d8448ab117155
9d8ceb139387b54816569a6324cd6bcc9c2438a8a689459d3e04575f8c49fe20
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.js HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Nov 2022 17:32:05 GMT
etag: "10d5a-636e8715-883d06e27ce8f3d2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13273
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/acc1.png
31.220.106.227200 OK 402 kB URL HTTP/2 freefire.host/images/acc1.png
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type PNG image data, 627 x 697, 8-bit/color RGBA, non-interlaced\012- data
Size 402 kB (401563 bytes)
Hash 6602e2b79fbe1935c21a0e64428c670e
a2c651373fac334cf88d6e07275db24756f9104c
0e53261b6335a99684a9d70e46db2a9b4e1f06aed27c66de4f2d998c5a6d2c3c
GET /images/acc1.png HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 17:32:07 GMT
etag: "6209b-636e8717-ef034703dbfb97ab;;;"
accept-ranges: bytes
content-length: 401563
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/acc2.png
31.220.106.227200 OK 404 kB URL HTTP/2 freefire.host/images/acc2.png
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type PNG image data, 551 x 708, 8-bit/color RGBA, non-interlaced\012- data
Size 404 kB (404162 bytes)
Hash 8ddce95a400a1542321a71cee34cbde5
7388f91d57f6d4e39404bb1ecc288a0cec57e016
d3bfefb431dfb2f5bca4e22f5cf3ef8f9387a5c50ed5856fe3e7e57c63491d56
GET /images/acc2.png HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 17:32:09 GMT
etag: "62ac2-636e8719-4a85aff3368a198f;;;"
accept-ranges: bytes
content-length: 404162
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
freefire.host/images/acc3.png
31.220.106.227200 OK 454 kB URL HTTP/2 freefire.host/images/acc3.png
IP 31.220.106.227:0
ASN #47583 Hostinger International Limited
File type PNG image data, 564 x 688, 8-bit/color RGBA, non-interlaced\012- data
Size 454 kB (454272 bytes)
Hash 892777d830a3c3131e05c5a834b85f9e
484c5c3d40bac4f4aef62895078f9cb39434c6a2
6fad6a66bb90a84a6ef5fd75757340b160f0d5230e1f7a6c1df1d2a4795fd3c3
GET /images/acc3.png HTTP/1.1
Host: freefire.host
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 13 Feb 2023 06:04:52 GMT
content-type: image/png
last-modified: Fri, 11 Nov 2022 17:32:08 GMT
etag: "6ee80-636e8718-efcd3b227c551768;;;"
accept-ranges: bytes
content-length: 454272
date: Mon, 06 Feb 2023 06:04:52 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 05:07:20 GMT
age: 3452
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14070
Expires: Mon, 06 Feb 2023 09:59:22 GMT
Date: Mon, 06 Feb 2023 06:04:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fceeca0681aa2b1c30bc0779365e01c2
5dde94d4be340672d32f251311da67234e34c7a9
9ce02fcfa1fd5e73b3f2def05f48e59007cf393378a652a7732d65ee8a13c05a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CE02FCFA1FD5E73B3F2DEF05F48E59007CF393378A652A7732D65EE8A13C05A"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17626
Expires: Mon, 06 Feb 2023 10:58:38 GMT
Date: Mon, 06 Feb 2023 06:04:52 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.203.40101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.203.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nLR9hxJrfSC6vOcFeTSwLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zn5AQgiDrZ3u1WGWECvmknleRlQ=
appverification.net/cl/js/7dp21k
23.22.126.183200 OK 12 kB URL HTTP/2 appverification.net/cl/js/7dp21k
IP 23.22.126.183:0
Hash 103d33104aeec7fe72b110017e8d9d28
121c6052a6a73623b3108aff553166ff64ac90db
29c24cba0e28e2da32d1068ee868a7f15c4f0dd9b8063864fa57f9e2ddc4399d
GET /cl/js/7dp21k HTTP/1.1
Host: appverification.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://freefire.host/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 06:04:52 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: none
set-cookie: XSRF-TOKEN=eyJpdiI6IlZ1QmZaQmttVk50UmJlajFZV0I2UEE9PSIsInZhbHVlIjoiT3dNUkRENUFPc3dlZmxVR0xkc3JyU3h4L3dKSlFUdDgrSmlqdWpDTEMyUEdNTFBMY3duMXV3dXN6dTl1SS9YdEt2U0VZd2V4ZXhhdkZJMnVnN1RMTFlhS05mSjJwbXBIN0lyY0p0SjdTZW9Gb2duZ0dUakEyaVZYT002MUtkMS8iLCJtYWMiOiI3NTliNWEyMjA4N2Y2MWMyYWNjODIxMGUyNWE4M2VlZDJjNjdjMjZjYjM1OWUwNzYwNWRlZTZkYTkxNjdkY2Q3IiwidGFnIjoiIn0%3D; expires=Tue, 07 Feb 2023 02:04:52 GMT; Max-Age=72000; path=/; secure; samesite=none
ogads_session=eyJpdiI6ImVIRDB5WWpZR2p0b3U4ZmhWT2E4R0E9PSIsInZhbHVlIjoiMGwwUGlDYk5yb0JOOS9vNGh0U281SkxRNG5KWkFrcTZtVHpqZ09zbVFrTlpxMEZ3NXBPZ1hMYUl3OVFLVnJLZ3VmWlBReCswK2JGS3BRc0x3YkMyZmRCZGJvWi90WmxiY2pDS2NmNFBjallCRXJDUGV0bFk0WnBQVE41dk56TTYiLCJtYWMiOiI5OGIyYmEzZWViNDU0YjNjMmZmNGQzMWMyOGRmNTkwNzRkOWE3OTIyODY4ZGY5MTM0Nzc5MTI5YWRkZGRkNTFmIiwidGFnIjoiIn0%3D; expires=Tue, 07 Feb 2023 02:04:52 GMT; Max-Age=72000; path=/; secure; httponly; samesite=none
x-xss-protection: 1; mode=block, 1; mode=block
x-content-type-options: DENY, nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 06:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 06:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 06:04:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Mon, 06 Feb 2023 07:43:09 GMT
Date: Mon, 06 Feb 2023 06:04:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5eb98d203ce09cf8d1964decb2e44058
004d35f6af8f06b453a4c047e202fddbd410aaf4
80232fe0b4ce7393653076fc39d2d315274e8c17f76a4f754576f4a8a1b3baef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3482c5eb-0e83-4722-a14e-ee2eefae5e03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6779
x-amzn-requestid: e2a59d9f-577d-4071-8d40-80e54051fc18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVx6FjwoAMFyNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033f-1fcd55e1413543440d46307c;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q7yMHmaEpwLuUNkDG-InGzSE6Lsl-4BJAfAliwalUwb57vEF9Vtixg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:11:11 GMT
age: 82423
etag: "004d35f6af8f06b453a4c047e202fddbd410aaf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 29691
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08a4dc42d2e08b2b18c9545ce9a2fdb
b688557ebba4b3c987275761e9a1f5993ad3d8a5
641402fb9282208b33877e4812cb9392b035dba85fcb3a344a2a1072d5a69f28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F028c7ce9-e4c6-4453-bc20-0c0fefbadfec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11630
x-amzn-requestid: 3912e3f9-44a5-405c-9edb-d8409faa0b04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkUHUoIAMFzcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022e8-03e547e96b085d9e29a1852b;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vrf1axqufJTrf057F6nY_97NtiM_Wt0tZXpTGN42rvAOV7a4CPe1ig==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:12:02 GMT
age: 28372
etag: "b688557ebba4b3c987275761e9a1f5993ad3d8a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 929818fabd5a6ee5200499ca445d121e
3951cfa614e0a8674b730c4850f6483e35f73f6a
9f56ead2f8c136f6d6906fbb8a0ee5e0fd879e8ed104512ed4edf3ba3ece6917
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4c26323-ca84-49c2-9f28-1ea4944d5cd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8481
x-amzn-requestid: 77c27205-9d32-42d4-b2c4-e5c3941bbe72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pcuG8VoAMFTaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022b7-76fae5a943c7a1d242f7a758;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:42:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Et74Co732_uh0XdLXtBoER9YtKrPXnac-OGNxyuLmjIHsvgi1XwtYA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:26 GMT
age: 28288
etag: "3951cfa614e0a8674b730c4850f6483e35f73f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixAMZh_xOYWVESJ0jOEPOXZ4GQBDUZZsh26yEDYfl8APcBF2x2sZYg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 29691
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 336b665bfad04ec8ed14b01bbf17566d
92102d4c75d2c7efd8197be88e3cb467d2682190
1e21687a242c058a3b442909b168c5e706175b1e93e51cfce691c6f033f795d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8039
x-amzn-requestid: b36a6062-0676-4abc-820c-959bc02810f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkoECwIAMF4hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022ea-52faddc079b7107004e8cfea;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MOgI0aopvRaUSJ-YFH6QFNpGxhUNlpnLk7VeCeOsmcrGTUYIESN2Hg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:04:24 GMT
age: 28830
etag: "92102d4c75d2c7efd8197be88e3cb467d2682190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2