r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9638
Expires: Sun, 04 Dec 2022 05:15:14 GMT
Date: Sun, 04 Dec 2022 02:34:36 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2607
Cache-Control: max-age=117603
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:36 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:14:39 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9232
Expires: Sun, 04 Dec 2022 05:08:28 GMT
Date: Sun, 04 Dec 2022 02:34:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 02:20:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 874
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8KUyLG9FMPItNV1SBfgTAlfTDjMNbLe5+Lk7E2W6J1xo8xaWx6YuXIcchR4uwSRjTLUg3/JwTno=
x-amz-request-id: J12125AVYX5K0SVQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 01:46:47 GMT
age: 2869
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 02:34:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
deoseasr.org/acc/acc0unt/acc0unt/news/1474430898-DEO(SE)-Amritsar-AEP%20UC.docx
67.227.226.240200 OK 2.3 kB URL HTTP/1.1 deoseasr.org/acc/acc0unt/acc0unt/news/1474430898-DEO(SE)-Amritsar-AEP%20UC.docx
IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (634)
Hash f95af16c8652ddeb5d5b62c76dcf6e14
65032cd9a90fc782e360b9c4544f26a20be04314
682a5f7135e8cbaf1d031baace4e9d9687440ab85f2527bb3df722a0844640a1
GET /acc/acc0unt/acc0unt/news/1474430898-DEO(SE)-Amritsar-AEP%20UC.docx HTTP/1.1
Host: deoseasr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __gsas=ID=a33c251fd1ec1afa:T=1670117088:S=ALNI_Mar2_GmFEXNFDmj5gA2-X7ovh4rog
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 02:34:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 02:11:19 GMT
cache-control: public,max-age=3600
age: 1397
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
deoseasr.org/page/bouncy.php?&bpae=GbhGdK3mvUx7j3OE8C65eHwgPcgVzOpakEg1MMUmh%2FF0qWcDwT07g%2FRvF9K1rzSBgfI8aTbT2WFuD9GpZDX4kppIUOA0GGemqxBGbcYW77fOQ8USgzU5bKW4bMCZPPMg1zbA2zmlyNAokf2a8IPdVtnzgwZEq0i%2FgEC2mU8snUUxcjm1gLiqKwzaZkWvEsVpunVBVYRscd3LlATc6R7nMtI1XbnUBiiaFoUCsDFHi3xhHtoDTPzORy1jDeEMUluLW%2B4k5D0H5tgTRV1c%2F%2F21vOfwJ2ygOKzGQr%2BG%2B6ToSQ3Z%2FZihAyWQV1BMy%2BO4hfep%2FIxLVG2pXKxpGWYZkPdQ%2BADDy%2B00APLNDaKMrW3eKWar0YGZAGaJL6dn3KM08JsUNa94pjYacto3gk336mNCQUg4L%2FQso6sW2izLtcz9bb895lwAd1ZAoNoIUHH0hSM7NDF6XKYhEVur2jFXg2F46C8EjYOMtXpH8BV8f04HnCBKr8JXDChP05RzgiT5SA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
67.227.226.240200 OK 982 B URL HTTP/1.1 deoseasr.org/page/bouncy.php?&bpae=GbhGdK3mvUx7j3OE8C65eHwgPcgVzOpakEg1MMUmh%2FF0qWcDwT07g%2FRvF9K1rzSBgfI8aTbT2WFuD9GpZDX4kppIUOA0GGemqxBGbcYW77fOQ8USgzU5bKW4bMCZPPMg1zbA2zmlyNAokf2a8IPdVtnzgwZEq0i%2FgEC2mU8snUUxcjm1gLiqKwzaZkWvEsVpunVBVYRscd3LlATc6R7nMtI1XbnUBiiaFoUCsDFHi3xhHtoDTPzORy1jDeEMUluLW%2B4k5D0H5tgTRV1c%2F%2F21vOfwJ2ygOKzGQr%2BG%2B6ToSQ3Z%2FZihAyWQV1BMy%2BO4hfep%2FIxLVG2pXKxpGWYZkPdQ%2BADDy%2B00APLNDaKMrW3eKWar0YGZAGaJL6dn3KM08JsUNa94pjYacto3gk336mNCQUg4L%2FQso6sW2izLtcz9bb895lwAd1ZAoNoIUHH0hSM7NDF6XKYhEVur2jFXg2F46C8EjYOMtXpH8BV8f04HnCBKr8JXDChP05RzgiT5SA%3D%3D&redirectType=js&inIframe=false&inPopUp=false
IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 426588ec024a6f6b6b51abb24d99afb3
4b119eb981892a49b0eef722faa2f95bc05157fe
f662ca58f3128c2fb65261373e5c116c4a5dc76888fdef12438ed8d54b227be1
GET /page/bouncy.php?&bpae=GbhGdK3mvUx7j3OE8C65eHwgPcgVzOpakEg1MMUmh%2FF0qWcDwT07g%2FRvF9K1rzSBgfI8aTbT2WFuD9GpZDX4kppIUOA0GGemqxBGbcYW77fOQ8USgzU5bKW4bMCZPPMg1zbA2zmlyNAokf2a8IPdVtnzgwZEq0i%2FgEC2mU8snUUxcjm1gLiqKwzaZkWvEsVpunVBVYRscd3LlATc6R7nMtI1XbnUBiiaFoUCsDFHi3xhHtoDTPzORy1jDeEMUluLW%2B4k5D0H5tgTRV1c%2F%2F21vOfwJ2ygOKzGQr%2BG%2B6ToSQ3Z%2FZihAyWQV1BMy%2BO4hfep%2FIxLVG2pXKxpGWYZkPdQ%2BADDy%2B00APLNDaKMrW3eKWar0YGZAGaJL6dn3KM08JsUNa94pjYacto3gk336mNCQUg4L%2FQso6sW2izLtcz9bb895lwAd1ZAoNoIUHH0hSM7NDF6XKYhEVur2jFXg2F46C8EjYOMtXpH8BV8f04HnCBKr8JXDChP05RzgiT5SA%3D%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: deoseasr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://deoseasr.org/acc/acc0unt/acc0unt/news/1474430898-DEO(SE)-Amritsar-AEP%20UC.docx
Cookie: __gsas=ID=a33c251fd1ec1afa:T=1670117088:S=ALNI_Mar2_GmFEXNFDmj5gA2-X7ovh4rog
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 02:34:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2580
Cache-Control: max-age=112515
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:36 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:49:51 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bdefa67f3905abf7f0c977f783bccbab
b114b2f482439c5df73cd5566456103a139246c3
5dfb873ada1af18c3b541dabff7568cc269c952434515faff86ad3f0f249acd0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123381
Date: Sun, 04 Dec 2022 02:34:36 GMT
Etag: "638b2f49-1d7"
Expires: Mon, 05 Dec 2022 12:50:57 GMT
Last-Modified: Sat, 03 Dec 2022 11:13:13 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Zu1lj6Osj5Srt1MuT_b-MHoIsmB1ONeje_ngDYyaVzeCZFIvIS76KQ==
Age: 5864
push.services.mozilla.com/
52.89.114.252101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.114.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P8oVhexbnAxjOXaR9EJfoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v5PX5yYf97fWj7rnEFFp19tgqFs=
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwjhuopl0vlcqh2uk2v3hg148&caid=085bd64b-9381-4b3f-a170-3ece47b8393a&zpid=3154bf93-737c-11ed-8f56-1218cc9cbc1d&cid=wjhuopl0vlcqh2uk2v3hg148&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwjhuopl0vlcqh2uk2v3hg148&caid=085bd64b-9381-4b3f-a170-3ece47b8393a&zpid=3154bf93-737c-11ed-8f56-1218cc9cbc1d&cid=wjhuopl0vlcqh2uk2v3hg148&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3Dn19ck4pSWjZsA%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwjhuopl0vlcqh2uk2v3hg148&caid=085bd64b-9381-4b3f-a170-3ece47b8393a&zpid=3154bf93-737c-11ed-8f56-1218cc9cbc1d&cid=wjhuopl0vlcqh2uk2v3hg148&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 02:34:37 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wjhuopl0vlcqh2uk2v3hg148
pragma: no-cache
set-cookie: cc-v4=pA1SekS%2FXf8Uv%2FqcDhX6Eml5Oax0QUeqPgnFd3CupeyLEq6DoZSXAHQF2WeimLH%2BxFkeTj%2FGaU%2BxXV1U4N8%2FB1u7YdPUzIG8t0uOC9rPx%2FAiLHEAJQFxBH3Ad%2FilezP%2BIeMfoOmU7lbe8dUQEwIi4Q%3D%3D; Max-Age=31536000; Expires=Mon, 04-Dec-2023 02:34:37 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
gaut-hil.com/favicon.ico
3.212.50.125404 Not Found 653 B IP 3.212.50.125:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: gaut-hil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcredirect?visitid=3154bf93-737c-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 04 Dec 2022 02:34:37 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: aVaGlhqH
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash ab479ee851d42ab792c2ff771bcf94bb
a81065c4b3dd3df6e34ad2c3d4062db7d2eb8e50
094dc6234361f1f0d35a1f76b0c13299c56136be8d6796f4959521c04747c2af
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 02:34:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 20:15:19 GMT
Expires: Sun, 04 Dec 2022 20:15:19 GMT
ETag: "a81065c4b3dd3df6e34ad2c3d4062db7d2eb8e50"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wjhuopl0vlcqh2uk2v3hg148
104.21.52.165302 Found 329 B URL HTTP/2 flirtyhoookup.com/?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wjhuopl0vlcqh2uk2v3hg148
IP 104.21.52.165:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (327)
Hash b9fc817e8e2a68477885ac33b92eb16c
7df1161a234e3f66d6e94b55414fbe1af81ebc21
28e28656d10c9b7027ffcae56ca8e6f47634b920e064b62ecbe67646f2d0f81e
GET /?utm_source=n19ck4pSWjZsA&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wjhuopl0vlcqh2uk2v3hg148 HTTP/1.1
Host: flirtyhoookup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 02:34:37 GMT
content-type: text/html; charset=utf-8
location: https://www.arkdcz.com/MSJ7L4/HX6G2NF/?sub1=418543&sub2=zGUGsoKOumBdFWTwzOeRLyQjaxQcrkRCQp
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAEbQAAAARhdW5xdAAAAAFtAAAABTMxNTQ4bQAAAApwT3hRT1ByYXhSbQAAAANoaWRtAAAAInpHVUdzb0tPdW1CZEZXVHd6T2VSTHlRamF4UWNya1JDUXBtAAAAAmhsZAADbmlsbQAAAAN1bnFtAAAADGFFaHltWlZYanlGRA.G7tD0pu4Rb-55asG4xKy7PIQGaGHzwAhjX0ehKgvi_Y; path=/; expires=Mon, 04 Dec 2023 02:34:37 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZsy5UlOPHp4a5UyY3Umq%2FRvlJA%2B3eofVmJyoei6WK7DeIChvTh30FqYC%2Fmzd36QTr2Zz5FCy%2Fh%2FJObSYyaqRmNeAczuCeEifc6umoDh2Hoj2A%2BeyDAhztCm8BdJcDjxmobA1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774124e079710afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash ab479ee851d42ab792c2ff771bcf94bb
a81065c4b3dd3df6e34ad2c3d4062db7d2eb8e50
094dc6234361f1f0d35a1f76b0c13299c56136be8d6796f4959521c04747c2af
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 02:34:37 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 20:15:19 GMT
Expires: Sun, 04 Dec 2022 20:15:19 GMT
ETag: "a81065c4b3dd3df6e34ad2c3d4062db7d2eb8e50"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 934be6c5b7f346f6c3bfb8b5e0a40dbf
59a2868d3b42e736d79ace0d20ffbeec50814901
b6aebf70bfa95e88d9dae480014c0e4effbd9d4b372dbf0dfd9690a536637e67
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135498
Date: Sun, 04 Dec 2022 02:34:38 GMT
Etag: "638b7588-1d7"
Expires: Mon, 05 Dec 2022 16:12:56 GMT
Last-Modified: Sat, 03 Dec 2022 16:12:56 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TkCXo2n6CmWSaXRs9jwHm281IR-Ezz6vkNByvlaaT1_ENKCD5CoR_Q==
go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/logo/logo.png
54.230.111.80200 OK 16 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/logo/logo.png
IP 54.230.111.80:0
File type PNG image data, 637 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash 4673cfc8d2708f4ebe2f821483548ccc
815322d33fb4298771be6a43e14b821d365766d7
f2cd404c754d24e0721a08f4b203d5b9853c4bd229c62f339edf1f46195b2154
GET /vrfttcyber/assets/images/themes/cyber/logo/logo.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 16420
last-modified: Thu, 02 Dec 2021 15:26:11 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 05:30:50 GMT
etag: "4673cfc8d2708f4ebe2f821483548ccc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oBI58eYzCd09dcPgPUQM4tkPTd-fM-DAv9nA4gWb3Y-aHe-3Td48BQ==
age: 75829
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png
54.230.111.80200 OK 331 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png
IP 54.230.111.80:0
File type PNG image data, 790 x 1600, 8-bit colormap, non-interlaced\012- data
Size 331 kB (330574 bytes)
Hash 8d7069ee14a82c9f9139a5d08882497a
0310dd9990c5888f8d51b4defa3ca78ce820b3e2
933adcdf66e29312523119f0f868488a25e92a5b05e0443c961ca80aaeb42a9f
GET /vrfttcyber/assets/images/girls/hair01_tits01_tattoo01.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 330574
last-modified: Thu, 02 Dec 2021 15:25:53 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 07:17:06 GMT
etag: "8d7069ee14a82c9f9139a5d08882497a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KmckQvb_65tp_W0V65XuUbxSvKrhZObzhciZVjeOogdY_qUn_-5aQA==
age: 69453
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/flags/us.png
54.230.111.80200 OK 2.4 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/flags/us.png
IP 54.230.111.80:0
File type PNG image data, 250 x 132, 8-bit colormap, non-interlaced\012- data
Hash a2080b2d193dbbd3cb34b32ad919da62
f822886642e0388d79c8f5917b41f27efbdec94b
5b38ab13f52bc95184012a4b6afafa3eca7a6ac03c762515b4550b4337548ca7
GET /vrfttcyber/assets/images/flags/us.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2375
last-modified: Thu, 02 Dec 2021 15:25:52 GMT
server: AmazonS3
date: Sun, 04 Dec 2022 02:23:06 GMT
etag: "a2080b2d193dbbd3cb34b32ad919da62"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qYW7sBNTyA6QvUrLF_JbNVaW2nj3eh3v2R8wJC7Ohhplkm5sJb2YeQ==
age: 3367
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/beyblade.gif
54.230.111.80200 OK 36 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/beyblade.gif
IP 54.230.111.80:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 93a41ee339dd621452c6aa4054e8eca8
a1f75cc251cbe7291cefd06fd91b4c35b6c93612
0ea3f03b9e168629659c281ec66fd5a82d36d7b6fd644381c18ecad41e62a5a3
GET /vrfttcyber/assets/images/beyblade.gif HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 36298
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Sun, 04 Dec 2022 02:34:38 GMT
etag: "93a41ee339dd621452c6aa4054e8eca8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GhFurISaDasDKksioEDA8lJxPlecY6aaWdVMa_JqOSllPqLkpsYp9Q==
age: 80
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b4370dda6c8b6e1a3f6b33c2e102fcaa
00f261bf9abb80f6ec8c72a5093382ea1038548e
2ec3bb1ebd03352ddd975124d636993be849e32b3bdf415493cffd332630ad46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1368
Cache-Control: max-age=159183
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:38 GMT
Etag: "638bccb5-118"
Expires: Mon, 05 Dec 2022 22:47:41 GMT
Last-Modified: Sat, 03 Dec 2022 22:24:53 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
go.cyberslut2069.com/vrfttcyber/assets/locale/style/en.css
54.230.111.80200 OK 192 B URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/locale/style/en.css
IP 54.230.111.80:0
Hash 9749fa77c9872329d27a73ea48c2d4c0
4cb73328ffbb21a8f4588d512c9cdffa11232f8d
e75fb29290acb854de53014f67a449f915d8ea8ab263cd6ba8a0bc72023a5c8b
GET /vrfttcyber/assets/locale/style/en.css HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 192
last-modified: Thu, 02 Dec 2021 15:25:59 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 04:33:49 GMT
etag: "9749fa77c9872329d27a73ea48c2d4c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x7cmwfl8LalSL_ZZ0VwSbskgPMAiY1W4ldQiY5bToNlJt8KWUmf6NA==
age: 79250
X-Firefox-Spdy: h2
landers.of-bo.com/bundle.js
172.67.155.108200 OK 18 kB URL HTTP/2 landers.of-bo.com/bundle.js
IP 172.67.155.108:0
File type Unicode text, UTF-8 text, with very long lines (2014)
Hash 648cac248ccf43a42fddc00da7eb0ec8
4310e0f6ff2e6d07178d8ca0cd3ef7f1ecd189b7
d6deec3ac6b13abe866c11ab1ae11753f66b3d400449ad2492137ef7673b8926
GET /bundle.js HTTP/1.1
Host: landers.of-bo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:38 GMT
content-type: application/javascript
x-amz-id-2: E1iZQsAhGg3SjYuTzzcBGkhQtszxLD0aCyYnpV0H/N6wLcUlGLBdyO4Sc6M4P/KQrNMAcRotfEA=
x-amz-request-id: YGXAS2QERW7Z6X0K
last-modified: Tue, 09 Aug 2022 22:05:52 GMT
etag: W/"2f68fb7cd74453a748e232155e853e64"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3781
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdNykMcvzPvmvkEHCSs90kh2XQCXpLOgA1Ry%2BJ3gjmRpEXsLwFwCi7co8BpqMBtyNI%2BmE4wlqf8sg59VbKrFl2LX%2FC7UEH81TNulgdjMHtJcz%2BtZayUgueP2bkh5Q4Omv%2B9Qmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774124e4ac510b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/background/bkg.jpg
54.230.111.80200 OK 14 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/background/bkg.jpg
IP 54.230.111.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1920x1081, components 3\012- data
Hash d5dabdf9d18c947ea72fe90f8c39e31e
33a5e90f4a59072ab4b3d73204fff01d6a08a0f8
d940cab6f0a1fe6a425596757ac2a10b89fb4311acfd34aba2f075c0e2338f09
GET /vrfttcyber/assets/images/themes/cyber/background/bkg.jpg HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13989
last-modified: Thu, 02 Dec 2021 15:26:08 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 10:27:33 GMT
etag: "d5dabdf9d18c947ea72fe90f8c39e31e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: etjJho-0lhbfyzE9JfX1L3apYSyVkKv8RN8iyArMoNqMiz_jNG4VVA==
age: 58026
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/box.png
54.230.111.80200 OK 13 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/box.png
IP 54.230.111.80:0
File type PNG image data, 747 x 644, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fcc2772acc897c48dae5c6f52093388
c8a80e850168e1fd7b761327dd460054e7451d8e
e73f3a488ee9e68ff4484df002b38a200aee2170617bb0746e05c7f992135805
GET /vrfttcyber/assets/images/box.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 13243
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Sun, 04 Dec 2022 02:26:49 GMT
etag: "0fcc2772acc897c48dae5c6f52093388"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lsFHdbz3zOV-WP0abctbML_2vxDPmlw-eByTvgUAP2WYEhsws4MI3Q==
age: 680
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/btn.png
54.230.111.80200 OK 2.0 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/btn.png
IP 54.230.111.80:0
File type PNG image data, 343 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash 08913323d52eadb319526e6fbe2e677b
eff7964b7f5ed2ef285593fab5ed7b89e358b401
f0a7b6d7c1ed46c5056a52e6ab470959a0671cf03b5ae22e97a37591ba14aa03
GET /vrfttcyber/assets/images/btn.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1968
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 07:17:06 GMT
etag: "08913323d52eadb319526e6fbe2e677b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P9deOUpLk7amCITxnKBEqLoJMo2dyKeoGvlv85_OugYpPAHaTJqIHQ==
age: 69453
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/browsers/firefox.png
54.230.111.80200 OK 128 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/browsers/firefox.png
IP 54.230.111.80:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size 128 kB (127454 bytes)
Hash ff5982c71adc3b6a987a2192b6008949
c2819962300bfa4db9dd7ee6f22e35ea910a3808
612ec2b0a5a9d4b3841189d8c4af98509df5ac48eeea5ab1945dfd0e1eab78b3
GET /vrfttcyber/assets/images/browsers/firefox.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 127454
last-modified: Thu, 02 Dec 2021 15:25:36 GMT
server: AmazonS3
date: Sun, 04 Dec 2022 00:59:55 GMT
etag: "ff5982c71adc3b6a987a2192b6008949"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2FdcpM42b5Xw4B7KgCZD9LjsC6RLj4knY20AwTQEdM327kg8U25Heg==
age: 5684
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click1.mp3
54.230.111.80206 Partial Content 17 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click1.mp3
IP 54.230.111.80:0
File type Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Hash 4838176bcd52d9b69d6d48c1870ca579
5a0892ccae91806a9695c5be1f2752e122608d8e
781bb8d577f6448612e8fa861dfa39d64a2e5961c17a58c79ef4bcdf4131847b
Analyzer Verdict Alert fortinet Phishing
GET /vrfttcyber/assets/sounds/general/click1.mp3 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: application/octet-stream
content-length: 16635
last-modified: Thu, 02 Dec 2021 15:26:03 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 21:29:00 GMT
etag: "4838176bcd52d9b69d6d48c1870ca579"
vary: Accept-Encoding
content-range: bytes 0-16634/16635
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KDorNttHYlLxh_Y2ulKE18x-K3pVJHnjvyo1NpH8SdyIWVemozWkXQ==
age: 18339
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click2.mp3
54.230.111.80206 Partial Content 16 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/sounds/general/click2.mp3
IP 54.230.111.80:0
File type Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Hash 2694fd6fc680f77dcf1ae58d9b8ba926
6016e8fb7136ec769fbe6d120c7c97d390922564
4266071bbd14949a438e1d9a958cac2f0b128963b6f6e9fa96b005ed8e718f9e
Analyzer Verdict Alert fortinet Phishing
GET /vrfttcyber/assets/sounds/general/click2.mp3 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: application/octet-stream
content-length: 15590
last-modified: Thu, 02 Dec 2021 15:26:03 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 06:25:50 GMT
etag: "2694fd6fc680f77dcf1ae58d9b8ba926"
vary: Accept-Encoding
content-range: bytes 0-15589/15590
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1_n47KCuNDGHVh3EPxVK3Rpj31iZtwuVYd5U0fgUN9vJ-aWa6KXpfA==
age: 72529
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/font/tomorrow.ttf
54.230.111.80200 OK 24 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/font/tomorrow.ttf
IP 54.230.111.80:0
Hash 110fedf72017da2ab41933749ede35b4
efb083c13336189fb9717be16705eaa3cf7fa05c
a3635c54629f068f79000ca2f70b36613b6e18c59aa88a901c7ad20c654e7306
Analyzer Verdict Alert fortinet Phishing
GET /vrfttcyber/assets/font/tomorrow.ttf HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-ttf
last-modified: Thu, 02 Dec 2021 15:25:35 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 03 Dec 2022 14:47:21 GMT
etag: W/"0a9ac70c15e2fc709830d2eccb2b8cff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GFMYNji5jWQPffOK065Ca9FAD0TQMCEUJrdf2yCUNUhi1DNMH-emQg==
age: 42438
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/sounds/general/music.mp3
54.230.111.80206 Partial Content 3.2 MB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/sounds/general/music.mp3
IP 54.230.111.80:0
File type Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo\012- data
Size 3.2 MB (3165435 bytes)
Hash 8482f7c1977139c5f5bbb2af66e88e01
0a7325177e7b98d2809f05beb496a301fb8a1d3b
6cb796e9dc70bd32aca90e420a8e7b3cc548569f42d876e384e0d073d3b4c7a1
Analyzer Verdict Alert fortinet Phishing
GET /vrfttcyber/assets/sounds/general/music.mp3 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: application/octet-stream
content-length: 3165435
last-modified: Thu, 02 Dec 2021 15:26:05 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 04:35:04 GMT
etag: "8482f7c1977139c5f5bbb2af66e88e01"
vary: Accept-Encoding
content-range: bytes 0-3165434/3165435
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EfAgb5ACsFGuoE862ozfJBf3JjhGh7xg_ag6___RNqhCGQVUW-nm4A==
age: 79175
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2826
Expires: Sun, 04 Dec 2022 03:21:44 GMT
Date: Sun, 04 Dec 2022 02:34:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2826
Expires: Sun, 04 Dec 2022 03:21:44 GMT
Date: Sun, 04 Dec 2022 02:34:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c37ed587ee5e3fbdc8cab86ef1345f9
364a32a224b2cacc26b138d57a8945c191e537b1
3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wAFD-w3-gBFoOjjOYdnZRDPDkkeCf89uS38upjXPknfUZxtSxRpxvg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:50 GMT
age: 16908
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t1vmY4fBoLpFjqHbLyMewgUrpvRjqG4QTAuA4BeB4Gl2jqbxI0gYQA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:08 GMT
age: 17070
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b0065d160e7dbd17cf58f2c837b45a7
0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f
833c0a39ed1d9dcfa4a22f201d06d085e5131121810e98d5e79dd6f84e8fe436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4782
x-amzn-requestid: 98b5d5ca-7590-4756-9b92-3fb327ecc97b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsANG8koAMF_Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-546b61a82a8b952f664346b9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ncXSPf1et6vSgEBmWwY_PperGXmgJGEx0hlLr0lhN6XHi0RLRr6WCA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:05 GMT
age: 17253
etag: "0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 68875
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7717ff9fcf6cf3268d10312dc3fdaaf
c4f05fdb231c7870b2a918198fa0809d8e8f9c89
bf3b6304a45f172653f45e1e8b4afa7da90096ca36c82b981ca6ec01ccf122a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8286
x-amzn-requestid: 6880d30e-3624-402e-819d-610e35ae27d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAG1HIAMF6Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-43f8e7d312f96110713a7092;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XcnZ2pTQoGkuHEPsazEI09yhI6WWbmZD6g7QYW7rDf5HsegvjdgkXg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:00 GMT
age: 17438
etag: "c4f05fdb231c7870b2a918198fa0809d8e8f9c89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gaut-hil.com/zcvisitor/3154bf93-737c-11ed-8f56-1218cc9cbc1d/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b
3.212.50.125200 OK 10 kB URL HTTP/2 gaut-hil.com/zcvisitor/3154bf93-737c-11ed-8f56-1218cc9cbc1d/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b
IP 3.212.50.125:0
Hash 7223e67c9971d30446e815107faecaf9
b211fc5f2a4056238c57e2aa6366cfbd7cf43f7d
7ec47e7bf51cb83978e0217c92c8e788609dcad94a8f0f7144bdb8284041f626
GET /zcvisitor/3154bf93-737c-11ed-8f56-1218cc9cbc1d/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b HTTP/1.1
Host: gaut-hil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://deoseasr.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:37 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: lUlUzhjT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 041f87be8a5914fad15232e511c33a89
77ef31d76eb92db5c126cf5083c008c01a2abd09
c45c6705e7dc389617c0c164f83133e7f25a5a0bcd310baa136fd5ddad6af895
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125421
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:38 GMT
Etag: "638b4e2b-117"
Expires: Mon, 05 Dec 2022 13:24:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:24:59 GMT
Server: nginx
Content-Length: 279
go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/favicon/favicon.png
54.230.111.80200 OK 1.4 kB URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/themes/cyber/favicon/favicon.png
IP 54.230.111.80:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 93a7efbb00d5e8f3bd556d7b9efb658e
fd6578509d9557cebe3e37fee5ae16dc25b09711
3274036fdc55ac82651c2146f211e508703e5ae97875c722e8b3694df636cd9d
GET /vrfttcyber/assets/images/themes/cyber/favicon/favicon.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1421
last-modified: Thu, 02 Dec 2021 15:26:08 GMT
server: AmazonS3
date: Sat, 03 Dec 2022 09:56:37 GMT
etag: "93a7efbb00d5e8f3bd556d7b9efb658e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MtF29lizsImg8hbbj26YH4Cq2y_YBO8_f3UP6EQ2Y132YcOfaO5CDg==
age: 59882
X-Firefox-Spdy: h2
go.cyberslut2069.com/vrfttcyber/assets/images/flags/no.png
54.230.111.80200 OK 414 B URL HTTP/2 go.cyberslut2069.com/vrfttcyber/assets/images/flags/no.png
IP 54.230.111.80:0
File type PNG image data, 250 x 182, 8-bit colormap, non-interlaced\012- data
Hash 55946900ad615ec4b62748677444f5b7
8a0f25e081a3266ef7f8ab939417d5c7d48a09d7
c82386961fded0d9947ad3320b7ff4c066eea989d082b6409a0815ce0f9a6eb5
GET /vrfttcyber/assets/images/flags/no.png HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 414
last-modified: Thu, 02 Dec 2021 15:25:47 GMT
server: AmazonS3
date: Sun, 04 Dec 2022 00:45:56 GMT
etag: "55946900ad615ec4b62748677444f5b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sUgnYMtdUsbkDXALdNp4TSBMa6rNPPbqYXei37Cv08SJclll8IuMhw==
age: 6523
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 041f87be8a5914fad15232e511c33a89
77ef31d76eb92db5c126cf5083c008c01a2abd09
c45c6705e7dc389617c0c164f83133e7f25a5a0bcd310baa136fd5ddad6af895
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=125421
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:38 GMT
Etag: "638b4e2b-117"
Expires: Mon, 05 Dec 2022 13:24:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:24:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 297cad55040c7dcc8f09930559abbf02
550e843ed909eab05306843d1c2237bde7aebbff
01f7a58506bfe477a86d25a50e9c7e17217a812176f3f5a9bcb5e6e16f2625a9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102369
Date: Sun, 04 Dec 2022 02:34:39 GMT
Etag: "638af420-1d7"
Expires: Mon, 05 Dec 2022 07:00:48 GMT
Last-Modified: Sat, 03 Dec 2022 07:00:48 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jePTzo8Xm19CH57B9-oqh7cXrKGxejWLl0bFChCPTqzaZaP_oOVQtg==
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash e5993b5884b742f81bf8a1488155eac7
b7fd13a08a3574e84a9deeb09204455c2f7d44e1
1139a3c6d70e6d5478f18801f63ebf1cdcbb202ce45fc5424cdf989f3ddfe35d
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 02:34:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Dec 2022 01:38:30 GMT
ETag: "b7fd13a08a3574e84a9deeb09204455c2f7d44e1"
Last-Modified: Sun, 04 Dec 2022 01:38:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774124edab1eb523-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 424f55bbf934e43d432aa1edb753ded1
6a88f145095bef31daa8bea2d475348e320ec5c1
3dbdd3ec3dc9ddc90cb90ff89e87853374b6e67f88c7cfaf3d4e49af4b1c0c5c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DBDD3EC3DC9DDC90CB90FF89E87853374B6E67F88C7CFAF3D4E49AF4B1C0C5C"
Last-Modified: Thu, 01 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16956
Expires: Sun, 04 Dec 2022 07:17:16 GMT
Date: Sun, 04 Dec 2022 02:34:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 53e1c8e61a54ff0513756ab2affd2a1b
8c056a5eb93b355e9848402451fa0efebecd224e
52d7b496948fa4627f3dce5c6102e9233fb4b794d3d31e36bca7d18d4e53bda8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1618
Cache-Control: max-age=122351
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:40 GMT
Etag: "638b3bdd-1d7"
Expires: Mon, 05 Dec 2022 12:33:51 GMT
Last-Modified: Sat, 03 Dec 2022 12:06:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
152.199.19.160200 OK 20 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
IP 152.199.19.160:0
File type ASCII text, with very long lines (65371)
Hash 7e2bb6028f0b19917a1a2d1944fc72b1
e1837fc75ee2ddd24c6e1df6b309ea212b57e681
cc6093bd7162882fd34252fb5d3e8e7d07247e3b70fad894320bf2a960abeda5
GET /ajax/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 14848016
cache-control: public,max-age=31536000
content-type: text/css
date: Sun, 04 Dec 2022 02:34:40 GMT
etag: "0e914f2cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:18 GMT
server: ECAcc (ska/F740)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19629
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
152.199.19.160200 OK 9.8 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (32033)
Hash 432ca07a1a844dbb27f9e0ab0d468be5
7fdaf858d702f84536a515c675b4028ce2eb0cfa
12732099d21835fabf83a93eec52f7cf1847cd64a0572d18917b2e13b06d5cf0
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ywndoa.com
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 11753825
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sun, 04 Dec 2022 02:34:40 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
216.58.207.202200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ywndoa.com
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:29:29 GMT
expires: Wed, 29 Nov 2023 13:29:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 392711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ywndoa.com/common_tpls/images/icons/email.png
207.120.33.43200 OK 1.3 kB URL HTTP/2 ywndoa.com/common_tpls/images/icons/email.png
IP 207.120.33.43:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash a86d99b9176d82a211cfa29b2f0b353f
62947ddfd87e3a21869818885e4bfa4e55ad0c11
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: ywndoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99&epcCID=865dB4w17agdOaA2r0p40cL8RfAcscE6m&rtid=01164693073
Cookie: PHPSESSID=9acbc13bb82ad59b95c305235b0628ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:40 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 9fc9febeb0aad08b716a32bfc2ffb9b3
x-varnish: 40568215 38942713
age: 5236
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 6dcd77ba06b8bb1aa234c6ade3c690a1
X-Firefox-Spdy: h2
www.fst-ent-lnk.com/ep.php/prmagms:71475/68088:415.977bfb75e1d34b548c660b8d10600b99
35.83.66.86302 Found 1.5 kB URL HTTP/2 www.fst-ent-lnk.com/ep.php/prmagms:71475/68088:415.977bfb75e1d34b548c660b8d10600b99
IP 35.83.66.86:0
File type PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash 6f100f1cdbdce928118ffa4c9293ca5b
6b1a3593e792d4c00187d60560dd03fb42df1156
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
GET /ep.php/prmagms:71475/68088:415.977bfb75e1d34b548c660b8d10600b99 HTTP/1.1
Host: www.fst-ent-lnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 02:34:39 GMT
content-type: text/html; charset=UTF-8
location: https://secadmt.com/signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99
set-cookie: AWSALB=fnFBHLZBUW6u+UzP/uaAik2ev6LY7XJnaNaWd/7CzuNMSHUUUQCeA/xn3Wm+qIT1iwmBUp7lbDdaDXw9XNYpGYkIk0wlxKbzuVT5kMVSNmr1AdDNMbi+Jqqdz9NR; Expires=Sun, 11 Dec 2022 02:34:39 GMT; Path=/
AWSALBCORS=fnFBHLZBUW6u+UzP/uaAik2ev6LY7XJnaNaWd/7CzuNMSHUUUQCeA/xn3Wm+qIT1iwmBUp7lbDdaDXw9XNYpGYkIk0wlxKbzuVT5kMVSNmr1AdDNMbi+Jqqdz9NR; Expires=Sun, 11 Dec 2022 02:34:39 GMT; Path=/; SameSite=None; Secure
vip_id=68088.47357-896741; expires=Wed, 07-Dec-2022 02:34:39 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 02:34:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
104.18.23.52200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP 104.18.23.52:0
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ywndoa.com/
Origin: https://ywndoa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:41 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 198879
accept-ranges: bytes
server: cloudflare
cf-ray: 774124f65c3fb509-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
104.18.23.52200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP 104.18.23.52:0
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ywndoa.com/
Origin: https://ywndoa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:41 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 198879
accept-ranges: bytes
server: cloudflare
cf-ray: 774124f65c3eb509-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
104.18.23.52200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP 104.18.23.52:0
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ywndoa.com/
Origin: https://ywndoa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:41 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 198879
accept-ranges: bytes
server: cloudflare
cf-ray: 774124f65c3db509-OSL
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash f6f9b3e147894ff708cda187dcbf5826
ac5c0ea0244ac3f509a1946a4fbc9a9afaa0f677
65e70cef4fe640c1fce9f61bf4ef5de07fe78f78b1fdcecbe5ba0c28e37a3b6a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 02:34:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 07 Dec 2022 23:33:57 GMT
ETag: "ac5c0ea0244ac3f509a1946a4fbc9a9afaa0f677"
Last-Modified: Sat, 03 Dec 2022 23:33:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 19
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774124fb48fdb523-OSL
js-agent.newrelic.com/552.2d6a2503-1220.js
151.101.130.137200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PnZFPtaQ6Oa8SvsR598yLCynwQMleyjLyE8+/6kXxv1ZfRit6gnSEEKUHnQ2vqYi8syHn+Nxcq4=
x-amz-request-id: XM6WHM0J4M8X38WQ
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 02:34:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 22
x-timer: S1670121282.136263,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
js-agent.newrelic.com/290.2d6a2503-1220.js
151.101.130.137200 OK 3.4 kB URL HTTP/2 js-agent.newrelic.com/290.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (8544)
Hash b9baa2cb6a3b1a3d0fda03cd7db51631
42d37467e05182e3cab2fcb54577dc462adcf50b
31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: w13KyJHc6nZxbdEwslB41w8/Eu8hqTxWFthe9Ce9ktH5t1CQfPDcADzeIbbM0XmVboDReCBCqwPazqB/yCHcHQ==
x-amz-request-id: ENM21W9CJ64N9SCW
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 02:34:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 529
x-timer: S1670121282.275553,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
ywndoa.com/common_tpls/js/form_support.js?v=1101202201
207.120.33.43200 OK 2.8 kB URL HTTP/2 ywndoa.com/common_tpls/js/form_support.js?v=1101202201
IP 207.120.33.43:0
File type ASCII text, with very long lines (3382)
Hash a7eeb9a50ef9a030acb0425b48d6c0ac
be21440a9ec642823aac3f50c7c7a920b48dac1c
2b25dd6621c428940ba0952a0ef50b993ecd70235bca9b6371c0352be637fa65
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: ywndoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99&epcCID=865dB4w17agdOaA2r0p40cL8RfAcscE6m&rtid=01164693073
Cookie: PHPSESSID=9acbc13bb82ad59b95c305235b0628ff
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:40 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: e6dd7e1d48250ed0695b37076b4a7169
x-varnish: 40568214 38942642
age: 5498
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: c04a82bab519ac7f2ea2e3ab15f64ceb
X-Firefox-Spdy: h2
ywndoa.com/acct/trk/?rtid=01164693073
207.120.33.43200 OK 21 B URL HTTP/2 ywndoa.com/acct/trk/?rtid=01164693073
IP 207.120.33.43:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3263928008d09ab8b485954895f4c7fc
2eada0c86f6a53d1e52cf331f9a67b0fce1652dd
ad6bc7112b816c4def58838538e536a3aca96514406a3a0e4fc752ac13a97006
GET /acct/trk/?rtid=01164693073 HTTP/1.1
Host: ywndoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6IjAwNThlZTIzMWNhNDI4MTUiLCJ0ciI6ImQzZGU5MWMzYjI3MWM4OWQwMmRlNDE3YjJjZTZjN2YwIiwidGkiOjE2NzAxMjEyNzk4NzF9fQ==
traceparent: 00-d3de91c3b271c89d02de417b2ce6c7f0-0058ee231ca42815-01
tracestate: 3355250@nr=0-1-3355250-1103078842-0058ee231ca42815----1670121279871
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://ywndoa.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99&epcCID=865dB4w17agdOaA2r0p40cL8RfAcscE6m&rtid=01164693073
Cookie: PHPSESSID=9acbc13bb82ad59b95c305235b0628ff
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:42 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 40504427
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: f5b47fff22c30c69bad091d16e8f4db9
X-Firefox-Spdy: h2
country.gameops.tech/geoip/country?callback=window.gapwn.get_country
104.21.70.147200 OK 8.4 kB URL HTTP/2 country.gameops.tech/geoip/country?callback=window.gapwn.get_country
IP 104.21.70.147:0
File type Unicode text, UTF-8 text, with very long lines (478), with no line terminators
Hash a00bb971d7844fb7b6f4f7d0c62c9454
7bbce5758af6cf45d46403a2c3570af138291ad6
3c97d976b1b14ac6ffa79bae468f5f2dc7f07331b12843c3633798793175d9f3
GET /geoip/country?callback=window.gapwn.get_country HTTP/1.1
Host: country.gameops.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.cyberslut2069.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:38 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
x-content-type-options: nosniff
etag: W/"20d-sKpKw8KGhimKVxiVkhkJPWK187k"
via: 1.1 varnish
age: 55
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1670121279.596036,VS0,VE0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSi6rxVgf7CyeyTQArWsY2ZbpzjeBfJYZSUZk1xdjx05JZiDVmlxz%2FONoBBRTgv1PNKUQFwYDaZbV4NvN36gT5uqNYVdRnqzqkIo9rVOOfjCglJdNsPmR3yBJNnWmFJmhiO%2F7sj%2F7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774124e72b660b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
151.101.130.137200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 7LFMHtjJh1S3I7Y2nadjyW3qD5GSEUAPkhvRiGWUqI2yNIsj2jxS1WztietgESJCTo8b+MSjBS8=
x-amz-request-id: XM6WXR7ZNKJZ7WDR
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 02:34:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 395
x-timer: S1670121282.276291,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
geoip.enlistsecureup.com/?v=1
163.171.128.172200 OK 3.1 kB URL HTTP/2 geoip.enlistsecureup.com/?v=1
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
Hash 8a66b25c03753aec49a64eff2ea74ff5
fde5f99bd908ce1ee7723008dafdac202b16d091
2a188019c31f658fbcad1d429f794ca19535808d5ab61b27bd75097a2b77ee79
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:42 GMT
content-type: application/javascript
server: waf/4.32.3-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PS-SJC-011UH181:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 638c0741_PSdgflkfFRA1je97_42610-51269
set-cookie: HMF_CI=0c1a1d71b377e6998e6a60b62634567021a61299eee1cace568360e4a9960530fb0aed0483e1dcb1ddd125d0b7696d1683471b7a3f00a5d06050c2083f31a9eedc; Expires=Tue, 03-Jan-23 02:34:42 GMT; Path=/
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
142.250.74.106200 OK 2.8 kB URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
IP 142.250.74.106:0
File type ASCII text, with very long lines (5198)
Hash a99a12f7809260ba396e63730d478496
153e8756b6e8a74ee7ab04209819e0c50b38849a
8fe7be9d975656d63a46475e06b9dd7f6e3bac7f18565a85fd84886a8ae485c2
GET /css2?family=Poppins:wght@300;400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 02:34:40 GMT
date: Sun, 04 Dec 2022 02:34:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js-agent.newrelic.com/571.2d6a2503-1220.js
151.101.130.137200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (2412)
Hash d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Cn07g451pzP+BuOyXbJ5c0o8ExPUm1rBYP/GYVQDFxcy7KzhZDW/Ep1gB0iV/QBa/UCWbkhew68=
x-amz-request-id: XM6J6T5Z32K8FRFH
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 02:34:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1670121282.276883,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
js-agent.newrelic.com/820.2d6a2503-1220.js
151.101.130.137200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (7460)
Hash 7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: mfz69jbwDdVjAOvigezanDeGlG58lNEgRQZJ5bHuLqr3T+YzVd1KlatkpX7gSSdNs3YsWLt1rsw=
x-amz-request-id: 7DG6EGGM14MJB93M
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 02:34:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 210
x-timer: S1670121282.277103,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
js-agent.newrelic.com/790.2d6a2503-1220.js
151.101.130.137200 OK 6.1 kB URL HTTP/2 js-agent.newrelic.com/790.2d6a2503-1220.js
IP 151.101.130.137:0
File type ASCII text, with very long lines (17591)
Hash b3193d37837e2f200e10db13deff83a9
d8577b8a972583e81cfd8e31436dcd039aa049b2
5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rOIosPuuEwyY2i5sNYqTXHwZXDs2re4AJB6+I1QFfF9D8vToAF8QBmtRttIasr2/YRes+1f0bv4=
x-amz-request-id: 9HYGKVEA32SEPK1W
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 04 Dec 2022 02:34:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 144
x-timer: S1670121282.277231,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4287&ck=0&s=e6d121693fed4d3d&ref=https://ywndoa.com/acct/epc68088/add/&ap=82&be=2474&fe=1342&dc=1338&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670121276041,%22n%22:0,%22f%22:1784,%22dn%22:1786,%22dne%22:1817,%22c%22:1818,%22s%22:1928,%22ce%22:2084,%22rq%22:2084,%22rp%22:2356,%22rpe%22:2356,%22dl%22:2361,%22di%22:3801,%22ds%22:3811,%22de%22:3815,%22dc%22:3815,%22l%22:3815,%22le%22:3819%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4287&ck=0&s=e6d121693fed4d3d&ref=https://ywndoa.com/acct/epc68088/add/&ap=82&be=2474&fe=1342&dc=1338&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670121276041,%22n%22:0,%22f%22:1784,%22dn%22:1786,%22dne%22:1817,%22c%22:1818,%22s%22:1928,%22ce%22:2084,%22rq%22:2084,%22rp%22:2356,%22rpe%22:2356,%22dl%22:2361,%22di%22:3801,%22ds%22:3811,%22de%22:3815,%22dc%22:3815,%22l%22:3815,%22le%22:3819%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4287&ck=0&s=e6d121693fed4d3d&ref=https://ywndoa.com/acct/epc68088/add/&ap=82&be=2474&fe=1342&dc=1338&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1670121276041,%22n%22:0,%22f%22:1784,%22dn%22:1786,%22dne%22:1817,%22c%22:1818,%22s%22:1928,%22ce%22:2084,%22rq%22:2084,%22rp%22:2356,%22rpe%22:2356,%22dl%22:2361,%22di%22:3801,%22ds%22:3811,%22de%22:3815,%22dc%22:3815,%22l%22:3815,%22le%22:3819%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 02:34:43 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 774124fffa30b521-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4845&ck=0&s=e6d121693fed4d3d&ref=https://ywndoa.com/acct/epc68088/add/
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4845&ck=0&s=e6d121693fed4d3d&ref=https://ywndoa.com/acct/epc68088/add/
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4845&ck=0&s=e6d121693fed4d3d&ref=https://ywndoa.com/acct/epc68088/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 671
Origin: https://ywndoa.com
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 02:34:43 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 774125036b9cb521-OSL
Access-Control-Allow-Origin: https://ywndoa.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
54.230.111.80200 OK 0 B URL HTTP/2 go.cyberslut2069.com/vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4
IP 54.230.111.80:0
GET /vrfttcyber/?bi=pw&sd=1&fk=cyber&ai=68088&ca=415&ci=977bfb75e1d34b548c660b8d10600b99&tk=MSJ7L4 HTTP/1.1
Host: go.cyberslut2069.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 23 Dec 2021 16:52:18 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 03 Dec 2022 21:17:28 GMT
etag: W/"0d1c30819e500f4f596aa3421773d64f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zueGVmw9tPrgoFqdFh0xYot00wsz2AtxVLYS68lGVwoFZwPgYQPxJg==
age: 19031
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 02:34:40 GMT
date: Sun, 04 Dec 2022 02:34:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ywndoa.com/common_tpls/js/iframeResizer.contentWindow.min.js
207.120.33.43200 OK 0 B URL HTTP/2 ywndoa.com/common_tpls/js/iframeResizer.contentWindow.min.js
IP 207.120.33.43:0
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: ywndoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ywndoa.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99&epcCID=865dB4w17agdOaA2r0p40cL8RfAcscE6m&rtid=01164693073
Cookie: PHPSESSID=9acbc13bb82ad59b95c305235b0628ff
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:40 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 10e6af6e5f572e91665b1b72f5a41333
x-varnish: 40568216 38942540
age: 5530
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: f0cdf74a17a33686bd1a5f4fe64529cd
X-Firefox-Spdy: h2
gaut-hil.com/zcredirect?visitid=3154bf93-737c-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.212.50.125200 OK 0 B URL HTTP/2 gaut-hil.com/zcredirect?visitid=3154bf93-737c-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.212.50.125:0
GET /zcredirect?visitid=3154bf93-737c-11ed-8f56-1218cc9cbc1d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: gaut-hil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcvisitor/3154bf93-737c-11ed-8f56-1218cc9cbc1d/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=37c9e6c0-26dd-11ed-b69b-12beee04f19b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 02:34:37 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: bvltnaFN
X-Firefox-Spdy: h2
secadmt.com/signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99
163.171.128.172302 Found 0 B URL HTTP/2 secadmt.com/signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99
IP 163.171.128.172:0
ASN #54994 QUANTILNETWORKS
GET /signup/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99 HTTP/1.1
Host: secadmt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.cyberslut2069.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 02:34:40 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://ywndoa.com/acct/epc68088/add/?epcVIP=48.1066.g90&lang=en&email=&password=&ci_qcksub=1&act=epc68088.47357-896741.415.977bfb75e1d34b548c660b8d10600b99&epcCID=865dB4w17agdOaA2r0p40cL8RfAcscE6m&rtid=01164693073
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
x-px: ms PSdgflkfFRA1vg90FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 638c073f_PSdgflkfFRA1je97_42108-20522
set-cookie: PHPSESSID=605710577163bbf4e6dc6d92e4d1b3cd; path=/; secure; SameSite=None
HMF_CI=fde1f8e613fd70f4f53bddba2ec533417191d727aa6a8519c12d16f466cfdb381a3251593146e2f126db5714ed931f5e45b58b86e49bcaaa9474e8122a1505adc7; Expires=Tue, 03-Jan-23 02:34:40 GMT; Path=/
X-Firefox-Spdy: h2