Overview

URLwaebi.fr/
IP 104.21.0.224 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-18 05:14:50 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-17 05:55:20 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.148.69.31
jqkkq.excelientdates.net (4) 0 No data No data 63.32.216.166 Unknown ranking
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-18 02:29:13 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-11-18 02:13:48 UTC 142.250.74.10
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-17 21:25:27 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-17 05:55:30 UTC 34.102.187.140
waebi.fr (8) 0 2020-12-20 18:28:29 UTC 2022-08-14 18:50:03 UTC 172.67.128.88 Unknown ranking
cdn-dimi.akamaized.net (15) 0 No data No data 184.31.15.67 Domain (akamaized.net) ranked at: 280

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-18 2 jqkkq.excelientdates.net/js/pushjs/1.0.0/utils.js Phishing
2022-11-18 2 jqkkq.excelientdates.net/js/pushjs/1.0.0/subscriber.js Phishing
2022-11-18 2 jqkkq.excelientdates.net/js/service-worker.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 104.21.0.224
Date UQ / IDS / BL URL IP
2022-12-15 06:07:47 +0000 0 - 0 - 2 wooden-chair.iu7k.in/ga/unsubscribe/2-2112981 (...) 104.21.0.224
2022-11-18 09:23:41 +0000 0 - 0 - 9 xxrdmdnt.gq/ 104.21.0.224
2022-11-18 05:14:50 +0000 0 - 0 - 3 waebi.fr/ 104.21.0.224


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-03 17:46:46 +0000 0 - 6 - 0 www.mediafire.com/file/9fq129brifuvw8g/!@sush (...) 104.16.53.48
2023-02-03 17:43:53 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10573592827079 (...) 162.159.129.233
2023-02-03 17:43:25 +0000 0 - 0 - 1 soundigital.com.br/ebuk/signin/password.php 104.21.74.75
2023-02-03 17:43:13 +0000 0 - 0 - 3 komrep.com/r/02m/us_bronze.php 172.67.131.66
2023-02-03 17:42:08 +0000 0 - 4 - 0 www.elegoo.com/tutorial/Elegoo%2037%20Sensor% (...) 23.227.38.74


Last 1 reports on domain: waebi.fr
Date UQ / IDS / BL URL IP
2022-11-18 05:14:50 +0000 0 - 0 - 3 waebi.fr/ 104.21.0.224


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-30 22:40:42 +0000 0 - 0 - 6 eu.bvmprp.xyz/request/69629e3a-a67b-4c24-b391 (...) 188.114.97.1
2023-01-30 08:12:46 +0000 0 - 0 - 8 f0p8gg7.cyou/180-chemmsusuocn651 185.143.223.48
2023-01-29 21:17:49 +0000 0 - 0 - 4 clck.ru/32d3f6?IMO 213.180.204.221
2023-01-29 15:29:55 +0000 0 - 1 - 3 www.trackmwsg.digital/?sl=5497933-f304f&data1 (...) 51.68.82.147
2023-01-28 23:54:11 +0000 0 - 0 - 6 eu.bvmprp.xyz/request/69629e3a-a67b-4c24-b391 (...) 188.114.97.1

JavaScript

Executed Scripts (26)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (59)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3744
Expires: Fri, 18 Nov 2022 06:17:03 GMT
Date: Fri, 18 Nov 2022 05:14:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3336
Expires: Fri, 18 Nov 2022 06:10:15 GMT
Date: Fri, 18 Nov 2022 05:14:39 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: WmmVFVvIQLifRCSdLCUKKdxeemefhTLOja/IkHaRzRYRe8vhLJ8OoQiNkdIgFwB7u65g8SmUxDVFzR72AETs2w==
x-amz-request-id: TX62HB409TZHRSWW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 04:52:45 GMT
age: 1314
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2711
Cache-Control: 'max-age=158059'
Date: Fri, 18 Nov 2022 05:14:39 GMT
Last-Modified: Fri, 18 Nov 2022 04:29:28 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 04:44:46 GMT
cache-control: public,max-age=3600
age: 1793
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 18 Nov 2022 05:14:39 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 18 Nov 2022 05:14:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmDUEU6pR5rNHvMZnT0O8syxcLFoNp3GRJwN2DBoH0na5CIVXShCWUx%2FjSoHi%2B4RD7giZ3q3PfRpmF9yNNbBjDTZkFawPCKytOSp%2Bv80y%2Fj%2FtCOzvD5IWjtPAA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76be394acf2d0b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11880)
Size:   10666
Md5:    45f219eb731bc40ad09ac56b8953eace
Sha1:   fd0fea23a1ab89ea25097e1100eb637188ff5419
Sha256: c595b54e8d07aa2d70616d6ae2024bdd8fbaadf9bd79cd97ccb242d447df1462
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:14:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 04:25:01 GMT
cache-control: public,max-age=3600
age: 2979
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /templates/blogg/wp-content/themes/blogg/assets/css/bootstrap-reboot.css HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://waebi.fr/

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Sep 2018 15:09:19 GMT
Vary: Accept-Encoding
ETag: W/"5bae441f-143a"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFNu8ABILKT6tbRhhBkn2XdA%2FTzmBfgsZlHdRput%2BiD0MUSSadForAP9NWF6kADd%2Fkvxqd4BOzSydDc7OkqN%2B92NRs9Nz5S60BpF06sRj0dSKtluuFPRoKnNTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76be394f89060b02-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1919
Md5:    121cc549216254b49dbe68c42b81dfdb
Sha1:   282b7bf833ae4fa927a07b5cf2d7b219fced152b
Sha256: c5995bc595f6512e4b13c7798581a500f7fbbd1991f015ca4f744e65f1ba7cda
                                        
                                            GET /templates/blogg/wp-content/themes/blogg/style.css HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://waebi.fr/

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Sep 2018 15:09:19 GMT
Vary: Accept-Encoding
ETag: W/"5bae441f-d10b"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMD3%2BjeZtm%2FItlPxxhrw%2FkWAU%2FHNtU78T%2BTRL3AcCEXZ0b%2FPT%2Bsi5GuQwt0DviiNR5oQG9qcMTxmMuz9urwgoj9e6O8pjaIl6mZcYoHHGvLxWzRRxmdV6JCwew%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76be394f89070b02-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (891)
Size:   14009
Md5:    6be09c8737758b25dc8b0e76c1ffb29d
Sha1:   f7daa91234efd201097957259b6a4a180f4a1522
Sha256: 76ea0c418e7a13e6d06b2c96b3e446288a1e8e09d447a23f7d5ccf49f533bdb5
                                        
                                            GET /templates/blogg/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://waebi.fr/

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Sep 2018 15:09:19 GMT
Vary: Accept-Encoding
ETag: W/"5bae441f-2748"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5c7IWmDgVQwoIWXZafU%2FYKMyYF6HV1cHbdHtQAZ80Hgj2O2HIFIuR5IeY5HMXQnl9m35N9BpeToGFk7n%2F19lIFdwB8mL%2FosI3DiHwlqp4pUJ%2BZtIEG3UoZYRg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76be394f8ef90af6-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (9959)
Size:   4306
Md5:    95cd29a10119a85432df5ed805d90441
Sha1:   3a8e99e4fe7aca3f5a67964a6318ab768ecd96df
Sha256: 500ae1c9295bc99d8e7c7ab04253ceeda1d8813fb6414b20ecbd3f57f178ec06
                                        
                                            GET /templates/blogg/wp-content/themes/blogg/assets/js/navigation.js HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://waebi.fr/

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Sep 2018 15:09:19 GMT
Vary: Accept-Encoding
ETag: W/"5bae441f-1af6"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Asgn27ve1RDmMySq55oIVRW45%2BIMGpZLOnxQIAneK9TfpcCJJcUZbOvBttafopfidsySCf1itC0r1TcZmK13YfGs62HyEK3xfDD5omNRI2Dpt1sGnPSnKCF2RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76be394f8cfe1bfe-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   1845
Md5:    6fa1d0605ee00e410da2d3cc79efa87e
Sha1:   60ab77a6075da80c04b0b596bfe0c435dfeb9914
Sha256: 01768096da690a5a6f557e1905633506cac3dce975f62e394ba5fbd4d1e7df38
                                        
                                            GET /templates/blogg/wp-content/themes/blogg/assets/css/bootstrap-grid.css HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://waebi.fr/

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Sep 2018 15:09:19 GMT
Vary: Accept-Encoding
ETag: W/"5bae441f-930c"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bz1yYjN2Y3uthJsPzJixqQ8JfECSzjO4lBvp2uwaMJYQtJXS8x6yqiCFwuhd3Ng3lJBRphjPvbqCi3trhbZHX5isQxHBKaomCYyHFhR18cXAOZ7lkyiZOF0ijg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76be394f8f5cb521-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   5780
Md5:    7624427d6a3a9dfb67cb4673e3bb27c7
Sha1:   6183cf31862e5fa4cf37c42ea01c5f5cfd9eeacd
Sha256: f1410518b0c9a55740e77bc52f5198e2d0896b9fa168758686564a38bb6da799
                                        
                                            GET /templates/blogg/wp-includes/js/jquery/jquery.js HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://waebi.fr/

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Sep 2018 15:09:19 GMT
Vary: Accept-Encoding
ETag: W/"5bae441f-17ba0"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JIgvmSby10g5ynjdrCdypLJ29J0NyMytBctge9p9mbjCNUuhMYg3XoDgKOapU9LjNUDckJrod%2F1ykZqt%2BS2iZ4LapJ%2BtpHcIrtj3YezsqVlJXSBAQTnmOx3rg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76be394f8ec8b529-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   39407
Md5:    11ce2598dd8bfd0c4a5698bcf4eb2671
Sha1:   3acdcbf4d26d0eb4d58f731be2f2fbd87f1c3c4e
Sha256: 9382bc810545a9b59877f5000477402706605e2da44c3e62f5a7382b6841295b
                                        
                                            GET /templates/blogg/wp-content/themes/blogg/assets/js/skip-link-focus-fix.js HTTP/1.1 
Host: waebi.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://waebi.fr/

search
                                         172.67.128.88
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 28 Sep 2018 15:09:19 GMT
ETag: W/"5bae441f-2ad"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fz7m5f48adz4NtuNj1yXoi%2BgqWjha5kjnEJHl4O3n%2FchNcu7W6jlA4BxXtmC2kMGTOyvz8fJdifTW9SvTMMBB4ZUWQK6oifvDrzWBZhi7kduEie%2FhRkI4son5g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76be39510a070b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text
Size:   416
Md5:    a58187e217f4b2ee9cd10e8954eda607
Sha1:   49f6e0418c24f410db3a8c8681a7d98455d15e9d
Sha256: 69bf8d27242351ec81cf610c4d994e047c2ab1b5868b9e252596eee0a3d6d278
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4620
Cache-Control: max-age=104955
Date: Fri, 18 Nov 2022 05:14:40 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 10:23:55 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9325380AAD635B42126F90DB605DCD702A0BA8312A6B453CF668A51CA47D42E8"
Last-Modified: Thu, 17 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19925
Expires: Fri, 18 Nov 2022 10:46:45 GMT
Date: Fri, 18 Nov 2022 05:14:40 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cLyprpgng/IVeWiqBdC6RA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.148.69.31
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xgjpJkMUsdCNCkjKqxKyI26cGcQ=

                                        
                                            GET /landings/274421/1665476197/js/function.js?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: VdhGu9zmWaVqkocbmydA/D12aTuuZcdNycmSv7+8m7eyjfu3p5j1gYdP9aoGXw3yp5nJ3qMx97Q=
x-amz-request-id: 5FK64K20CYM5Z772
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "5da2c51949f2a873bf0091a104658e72"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Nov 2022 05:14:40 GMT
Content-Length: 688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   688
Md5:    ba7deda1bcbc1e2d5c127678e05b71a1
Sha1:   4707fef7ab43a522b3cf7f5c0db4c148c5a43701
Sha256: 303187afb2cbbbf6095724df7eaf8c7967bb019dc17e1224d9e2366ac7f381c5
                                        
                                            GET /landings/274421/1665476197/css/popup.css?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: VckAuhBsOCe1Y09j6NpQJnW18UwkLIuttl9dhxP+Wk2jp+UVg4JL35GX3Wk7LbRsLo2+ztMVDB0=
x-amz-request-id: 5FK7GTEVJYDZ7HJM
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "5a61d45142ce5764a2b36dc75343fcd5"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Nov 2022 05:14:40 GMT
Content-Length: 635
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   635
Md5:    4ed05a608a8ec589e8aa5b040f7bb878
Sha1:   c58649a707ba64aed8b285d3be9f6b06a85ea6cb
Sha256: bcc5d06c7b102eed1477b062020dc4414e4f6c4f9e390e3e67fa675a5f0fa363
                                        
                                            GET /landings/274421/1665476197/js/vegas.js?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 0eMT4koabHT9GPZ6EMpJ8fY/enZiDdahrDwddUnZCsoOqzzyk80ncN4Wu3mB2J7BbIur0PZKSHY=
x-amz-request-id: EBYKSGB7HH0Y7XRY
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "9acc66fdf18dea05bd75165eb5a96259"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Nov 2022 05:14:40 GMT
Content-Length: 3401
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (11568), with CRLF line terminators
Size:   3401
Md5:    156c4046496d16408b06eb605ce1ab09
Sha1:   0dde2c6bbb3cf64132989866bdc1161be62474e3
Sha256: 657aac4fd9cd122e452b9da290c486d115af6b8fe8d409f39ab1d1d3dff44144
                                        
                                            GET /landings/274421/1665476197/css/style.css?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: dtXQkYJqfNOHS17PU0x0Cfgy84xXm7y/w1ljXiuAW20W7EkxzpgZIF/JpQTMdH9LRzDmcsvvTHU=
x-amz-request-id: 5FK4G1ZB5XBKE3DE
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "3b2600a52194200f3e571497278a82b6"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Nov 2022 05:14:40 GMT
Content-Length: 2984
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   2984
Md5:    11c307ab54e4794178f8fdd350f18f7d
Sha1:   64719759a84339efeb7d27df155eeb7d19a418a2
Sha256: 79595d638cf44d8d7b46c0d590bd77703256eb4b04611373f7d566fc733e44c1
                                        
                                            GET /landings/274421/1665476197/js/translates.js?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: vu1ucyXOBFWgv4fnKNSvlvMpL7uMz02fRFh/snhOu2ZJKnhcETFEA7B+QtVy8SkgWNu0ThPG7p4=
x-amz-request-id: RT7YK4XR05JF9WZ3
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "07cee83d1be10af1ca991d1c60abd6e2"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Nov 2022 05:14:40 GMT
Content-Length: 10048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   10048
Md5:    f54e5331f7d782d475a884cce1db33fd
Sha1:   d5145e3ebcab1a21d4cdff8632c9901db93b962f
Sha256: 73c4aa8abb0450fbb7eef37c3afc3d6f11f0c2bc3f0a101323364b59298e4e2f
                                        
                                            GET /landings/274421/1665476197/js/jquery-2.2.4.min.js?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: povQPQpLbRUVPnTpuUfc8XEQMZzH1lt6Sx1MYy+n9/W2McUe+PZLeAotsijwiA0hKg9bAFbUgyg=
x-amz-request-id: MN4KF5C3Q59AW9S2
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Nov 2022 05:14:40 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /landings/274421/1665476197/js/title_tanslate.js?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: xbCMBptedXjL0Zgb1MuLUU7Lc7gJcHp+Dmsg5K3r9h/iQuZ3ZyUx1k091EiBzZAXJE3DS8h+syo=
x-amz-request-id: 5FK1GMCZ4R19RW3C
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 18 Nov 2022 05:14:40 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1298
Md5:    0e212ad4454c941c45c2e57df42c2b4f
Sha1:   fe9d7c484c2c0d7a6475692ef984c53a06c95406
Sha256: e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3
                                        
                                            GET /landings/274421/1665476197/js/tn_pHash.js?1665476197 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: g+e/I9Y7/sLMuGRFOYmRJ0PA4nHXT2BlRn+QM7O4CR5hpHkLI95D83Dngrd7glV51JZpzi33eWQ=
x-amz-request-id: 5FK128ME24K9G3NZ
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "3544c08851825a863747a126548d6993"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 252
Date: Fri, 18 Nov 2022 05:14:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   252
Md5:    3544c08851825a863747a126548d6993
Sha1:   01882998e61b9f93d5f346386fa633f6b8d95b2d
Sha256: 9804b1c7443db74b2d7fe81cf11d84c8f0d9a7dee281b4fe8c15552bdc7eed69
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /c/da57dc555e50572d?s1=15966&s2=56630&j1=1&j3=1&s3=1.testfr16&click_id=68-1381-20221118081436dbcb17fc HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://waebi.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Fri, 18 Nov 2022 05:14:40 GMT
set-cookie: unique_id=6376b046000325dd; Path=/; Expires=Tue, 17 Jan 2023 05:14:40 GMT; Secure; SameSite=None unique_id2=6376b04600047c48; Path=/; Expires=Thu, 16 Feb 2023 05:14:40 GMT; Secure; SameSite=None 6376b04600047c48_c=1; Path=/; Expires=Thu, 16 Feb 2023 05:14:40 GMT; Secure; SameSite=None ref_token=15966_1018_808_178740; Path=/; Expires=Sun, 18 Dec 2022 05:14:40 GMT; Secure; SameSite=None impression=; Path=/; Expires=Fri, 18 Nov 2022 05:14:40 GMT; Secure; SameSite=None 6376b04600047c48_sl=[274421]; Path=/; Expires=Fri, 02 Dec 2022 05:14:40 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15954
Md5:    9c69b7e9097d5e2cbf2a75437d7f60e4
Sha1:   40e71efd5e20de8b2fee3257e14340c6692a8b83
Sha256: 607c5c42a56c4d0c75634c9fedebb47e2484b178f506ca03421cbe27407bd7da
                                        
                                            GET /landings/274421/1665476197/images/110010_2.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: ZTSjQ3OjduGU6+N8E14MaMk9oSub6o/92F6D3hy3OvjGhCbYi8i0v7dzpjrgGgpaOUeVcxxkC6g=
x-amz-request-id: VAP4DPZP69DZQB38
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "2b8ac4e50a5bbbe4e6ea964bec7f3086"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 29319
Date: Fri, 18 Nov 2022 05:14:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size:   29319
Md5:    2b8ac4e50a5bbbe4e6ea964bec7f3086
Sha1:   5486267315a7cd9eca01fa2fc6007060189c8b4f
Sha256: 8f700ae9dd68bd1130d528b77e1de92b4945e036060fdb01a02ccc148ab24ab3
                                        
                                            GET /landings/274421/1665476197/images/logo.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: InrAZSCddJLjTI8Jz1ppF+VCBKAY4TnJaJyi2GY8i0is4BCsRB+7ntfPrT9biEoqQIz6wrXiqog=
x-amz-request-id: VAPA9EQ4R2ZT76AK
Last-Modified: Tue, 11 Oct 2022 08:16:40 GMT
ETag: "c0647e470e90e4e76c886ef3f4c651ac"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 40774
Date: Fri, 18 Nov 2022 05:14:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 1024 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   40774
Md5:    c0647e470e90e4e76c886ef3f4c651ac
Sha1:   fe1dd72ac0432bd8f261672c7c336cf902503d3c
Sha256: 1d4ad487984a8f689c904f3c2532f034b03d361c081dae581752cdc20d983037
                                        
                                            GET /landings/274421/1665476197/images/1.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: wjrNzaPibZbNpYqC7vW/ZNgWWQkav+0m/yceiRpzXr2H5MJGL15jgF7SHoUXLs0RFSoBfoe4tfg=
x-amz-request-id: VAPFMG40VEXR8854
Last-Modified: Tue, 11 Oct 2022 08:16:40 GMT
ETag: "765620bf3d6dcdb5495b70409b6b4ba8"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 62164
Date: Fri, 18 Nov 2022 05:14:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x1280, components 3\012- data
Size:   62164
Md5:    765620bf3d6dcdb5495b70409b6b4ba8
Sha1:   f4a00a38ca93130e5e0398deea0ba2f928e2172b
Sha256: e0d65a21b743f7fe6de2f4bd57316546e7f30c7810740d68322a44dfe3004373
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:14:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jqkkq.excelientdates.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 121232
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 05:14:40 GMT
date: Fri, 18 Nov 2022 05:14:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16401
Md5:    89bd320f7d4fd5dd2fe2e36cbc33da5f
Sha1:   7730043441df8c482ac9fc91594977c5b7df1c9c
Sha256: 6e82a5acfa476ae9e8e1882bc8bfe44fefa49cbb3e10edc8985a48c34549ad6c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Nov 2022 05:14:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/274421/1665476197/images/favicon.png?t=20221118051440 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: gUOuXNnPyvPY/tNlUng/vTCdwOZ1HZV1CjXjFqHTQT8BAkuo4vGVuU8PZu1OwiXaIkfms/rODW4=
x-amz-request-id: XXNDRXTXWC8Z36X9
Last-Modified: Tue, 11 Oct 2022 08:16:41 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4093
Date: Fri, 18 Nov 2022 05:14:41 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   4093
Md5:    40a54c3ecf143b64096b063ff793fdbb
Sha1:   017eafffc5e55226a2aec0dd3c03f1b6130a6bab
Sha256: 39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423
                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:29:53 GMT
expires: Tue, 14 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 297888
last-modified: Thu, 10 May 2018 20:35:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35547)
Size:   10017
Md5:    fa9987a23f5a9d865766e952511baa30
Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
                                        
                                            GET /js/pushjs/1.0.0/utils.js HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/c/da57dc555e50572d?s1=15966&s2=56630&s3=1.testfr16&s5=backuser&click_id=68-1381-20221118081436dbcb17fc&iexpp=1&j1=1&j3=1
Cookie: unique_id=6376b046000325dd; unique_id2=6376b04600047c48; 6376b04600047c48_c=1; ref_token=15966_1018_808_178740; impression=; 6376b04600047c48_sl=[274421]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 18 Nov 2022 05:14:41 GMT
expires: Fri, 25 Nov 2022 05:14:41 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (32159)
Size:   11991
Md5:    262c195b66413b88c5fa395ffad05796
Sha1:   d2a9689d861d63c9f6e6857be9f53aa292e43462
Sha256: 33a8085f0dfed0a9f9046173aa24aa4b0c0f25051a0461a2045479904d508815

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20235
Expires: Fri, 18 Nov 2022 10:51:56 GMT
Date: Fri, 18 Nov 2022 05:14:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20235
Expires: Fri, 18 Nov 2022 10:51:56 GMT
Date: Fri, 18 Nov 2022 05:14:41 GMT
Connection: keep-alive

                                        
                                            GET /css?family=Lato%3A300%2C400%2C700%2C700i%2C900%2C900i%7CMolle%3A400i&subset=latin%2Clatin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://waebi.fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 05:14:40 GMT
date: Fri, 18 Nov 2022 05:14:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1019
Md5:    52999d3d2177611c9a344b295bb31e0b
Sha1:   c63a07e579c8d9d9a1d196201f6136dc93591a9c
Sha256: 18d9bfaac353097ae600ef735265d53598d1f2cfb2a7bd99eeab380251f4c6b6
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20235
Expires: Fri, 18 Nov 2022 10:51:56 GMT
Date: Fri, 18 Nov 2022 05:14:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20235
Expires: Fri, 18 Nov 2022 10:51:56 GMT
Date: Fri, 18 Nov 2022 05:14:41 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 25729
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10349
Md5:    7d16e5ff718353c095d266b080fe547f
Sha1:   fa7c5c9a1d16355859196271f3d13f3850931888
Sha256: 9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6339
x-amzn-requestid: 0be5dee5-272d-4577-ba55-5cdb7935ea60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MCExBoAMFz6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa4c-15fd613336aa6fcb165d0b26;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NYs-Nf0PzWqhXP5nkvanTjhJ6vfwRIU--YD06RFIGPEuwDCu6fvEPg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:01:30 GMT
age: 25991
etag: "4369c8ebe61b9944e639bb2731feb51c5a758fe7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6339
Md5:    4998f097d23ee5f19cae27d5b938e5fc
Sha1:   4369c8ebe61b9944e639bb2731feb51c5a758fe7
Sha256: 5691c66766c9578e9c4aa71240608653821162c668abc63ee40e553ede2450e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:12 GMT
age: 24629
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7631
Md5:    b2b393e36ee2c9649d90db136aa49542
Sha1:   e88c5832ff0c49bab181d948c3a510d88343bb6f
Sha256: 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5zDWKjYmvVLCemXw5Swm2qkhw1mQtD5c07Fl7Krydo_XR5FFyHDu4Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 07:15:37 GMT
age: 79144
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11667
Md5:    032386e5c9dffff1ba1ee5e8a322d438
Sha1:   dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
Sha256: 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e567bc1-d4b1-4dd2-b17e-3595ad1753e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10281
x-amzn-requestid: 11dffc4e-71d7-4195-8890-62c8a2092728
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-77EWaIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-3c0dc7e43023af827ac26958;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xbau-BXu_W5Hu8QaCg3tvwfYMb_8L8F_muNp4gVukeNTmiDW4BAXhA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:24:03 GMT
age: 24638
etag: "90a146aef85765630a5e09e46a0a8682e204bec1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10281
Md5:    35da1192dcadc6e329a9e60c16904301
Sha1:   90a146aef85765630a5e09e46a0a8682e204bec1
Sha256: 816d1387a3a91a82f0bdaa2b703b45aa30be206d30d4dd1e8ac5deca13de57ad
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:54 GMT
age: 25547
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3759
Md5:    5d0b6106f00f9fd8b89c2d484a559a1a
Sha1:   399ac393209dcdac7d2188d7aa8d95f04570ef7c
Sha256: 5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4
                                        
                                            GET /landings/274421/1665476197/images/2.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: f4AErSkpeOGggssrw8lVyBwMxSQfQ85caE9gNj/A2G1fYVq323VtgI8+8JCng+xk11HIE+XC8KA=
x-amz-request-id: CR7WENHYMTRWH2YR
Last-Modified: Tue, 11 Oct 2022 08:16:40 GMT
ETag: "3b8b455b24c71ae1f928266241e9517e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 102832
Date: Fri, 18 Nov 2022 05:14:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 960x1280, components 3\012- data
Size:   102832
Md5:    3b8b455b24c71ae1f928266241e9517e
Sha1:   8b98ca60c92b83e039c3b996f090883ed8b7ca75
Sha256: c8d05f7eda85f68f0a08307eeee4e481282fda95570dd53f300b8aadd4f504f6
                                        
                                            GET /landings/274421/1665476197/images/3.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: aMT1VkHY+x412lDaG9IN4uFmpcu2VslHklM08t4Ttwf+pCC02fvEzWoOBITLxEmuEKyHB1NmHGc=
x-amz-request-id: 35SACX03E4JDRB3Y
Last-Modified: Tue, 11 Oct 2022 08:16:40 GMT
ETag: "8ff03d86c53d978e5527374b5bcd5114"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 149812
Date: Fri, 18 Nov 2022 05:14:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1108x1280, components 3\012- data
Size:   149812
Md5:    8ff03d86c53d978e5527374b5bcd5114
Sha1:   2b63b0853d74e24d74d26dbf9622c407e3c74ea9
Sha256: 10dedae19a11a0cf1cea2db4646bde720e63e35140f38ae3453fa2a4e4649e1c
                                        
                                            GET /landings/274421/1665476197/images/1.mp4 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
x-amz-id-2: ukOVCXisFX14+w0taBv0t+G+kpe4AHXmSr6omVzCp1j1hmUR1jxd8VJ4gVmiX7atGRausZA0cO4=
x-amz-request-id: MZ8F15BZ9VJHN3AP
Last-Modified: Tue, 11 Oct 2022 08:16:40 GMT
ETag: "379ddec6d7d6e118bd7565d1c83dbb90"
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 18 Nov 2022 05:14:42 GMT
Content-Range: bytes 0-1560163/1560164
Content-Length: 1560164
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   1560164
Md5:    379ddec6d7d6e118bd7565d1c83dbb90
Sha1:   16becb1b44f3f35b0fa239668901338cba6eff06
Sha256: 5635dd2c6c23dfdc3e4eb82afc4231a27e8522ec332b8568a3fc7ae8755fec94
                                        
                                            GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/c/da57dc555e50572d?s1=15966&s2=56630&s3=1.testfr16&s5=backuser&click_id=68-1381-20221118081436dbcb17fc&iexpp=1&j1=1&j3=1
Cookie: unique_id=6376b046000325dd; unique_id2=6376b04600047c48; 6376b04600047c48_c=1; ref_token=15966_1018_808_178740; impression=; 6376b04600047c48_sl=[274421]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 18 Nov 2022 05:14:40 GMT
expires: Fri, 25 Nov 2022 05:14:40 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 05:14:40 GMT
date: Fri, 18 Nov 2022 05:14:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/service-worker.js HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=6376b046000325dd; unique_id2=6376b04600047c48; 6376b04600047c48_c=1; ref_token=15966_1018_808_178740; impression=; 6376b04600047c48_sl=[274421]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 18 Nov 2022 05:14:41 GMT
expires: Fri, 25 Nov 2022 05:14:41 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing