urlquery - report: cs-fail.net/

Overview

URL	cs-fail.net/
IP	104.21.2.22
ASN	CLOUDFLARENET
Location
Report completed	2022-07-07 01:00:07 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-07	2	cs-fail.net/	Phishing
2022-07-07	2	cs-fail.net/assets/pvydgflzorzs/fnqduadizanu.js	Phishing
2022-07-07	2	cs-fail.net/dxagpyvlyojbhufvmimjvumvwstanntvubntisflrluwtn	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (12)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	r3.o.lencr.org (3)	344	2020-12-02 08:52:13 UTC	2022-07-06 04:41:34 UTC	23.36.77.32
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.118
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-06 19:05:02 UTC	93.184.220.29
[Mnemonic Passive DNS]	ocsp.pki.goog (4)	175	2017-06-14 07:23:31 UTC	2022-07-06 04:42:12 UTC	142.250.74.3
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-06 17:02:11 UTC	34.120.237.76
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-06 04:55:23 UTC	54.230.111.7
[Mnemonic Passive DNS]	cs-fail.net (4)	0	No data	No data	104.21.2.22	Unknown ranking
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-06 04:47:23 UTC	44.240.216.68
[Mnemonic Passive DNS]	fonts.gstatic.com (1)	0	2017-01-30 04:59:51 UTC	2022-07-06 04:41:59 UTC	142.250.74.163	Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS]	i.ibb.co (1)	13485	No data	No data	51.210.32.132
[Mnemonic Passive DNS]	e1.o.lencr.org (2)	6159	2021-08-20 07:36:30 UTC	2022-07-06 04:48:56 UTC	23.36.76.226

Recent reports on same IP/ASN/Domain

No other reports on IP: 104.21.2.22

Last 10 reports on ASN: CLOUDFLARENET

Date	UQ / IDS / BL	URL	IP
2022-08-20 05:07:36 +0000	0 - 0 - 3	signforcover.com/ejaculation/ZG93bmxvYWR8MnFv (...)	104.21.42.8
2022-08-20 05:07:29 +0000	16 - 0 - 0	king-prawn-app-u4ypn.ondigitalocean.app/werrx (...)	104.16.243.78
2022-08-20 04:56:04 +0000	0 - 0 - 1	walletconnectapp.com/	104.21.38.132
2022-08-20 04:53:17 +0000	0 - 0 - 3	seachtop.com/gent/UnVuIGhpbmRpIG1vdmllIG1wNCB (...)	172.67.206.252
2022-08-20 04:52:44 +0000	0 - 0 - 1	rink.cc/uy208	104.26.1.138
2022-08-20 04:52:00 +0000	0 - 0 - 9	cuevana3.rip/peliculas-online/	104.21.24.217
2022-08-20 04:35:30 +0000	0 - 0 - 0	cb.run	104.21.78.69
2022-08-20 04:35:01 +0000	0 - 0 - 1	fufe.oprihostio.top/	172.67.196.108
2022-08-20 04:34:46 +0000	0 - 0 - 3	dik.si/fyJwH	104.21.64.92
2022-08-20 04:20:00 +0000	0 - 0 - 1	rivieracocoreviews.com/	172.67.128.203

No other reports on domain: cs-fail.net

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (27)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666" Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9936 Expires: Thu, 07 Jul 2022 03:45:30 GMT Date: Thu, 07 Jul 2022 00:59:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1bd93fff937cfdc8744b841243b93fd5 Sha1: 240c31be9cdaeb5d1e4f9e3558c812ba007e6d22 Sha256: 78a5dcfaf2d93d9c87cfb6dbc56100e9f22965d4500554ba65f71cb7d84dd666
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 07 Jul 2022 00:56:25 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: QxNPZYb6yXiBITj9ArRrDrJgEyplrZJA0SleSYNo7wawdndw9IkAmA== Age: 209 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.7 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 06 Jul 2022 03:26:46 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: dI5RVQLVScB2l9skkJY9i45vlcmKfMUsS74q8Y5KTL7fMFfw0UoAEQ== age: 77589 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 00:59:54 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Thu, 07 Jul 2022 00:34:56 GMT Cache-Control: max-age=3600 Expires: Thu, 07 Jul 2022 01:11:40 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 9nUUa-Xnt06B_i2i8NreBNIminTj_qj4jJS9NabEf3V2S1xTqjaQSQ== Age: 1498 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3390 Cache-Control: max-age=115461 Date: Thu, 07 Jul 2022 00:59:54 GMT Etag: "62c542d1-1d7" Expires: Fri, 08 Jul 2022 09:04:15 GMT Last-Modified: Wed, 06 Jul 2022 08:07:45 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 54a5ebdb4e3b060878632555583e462f Sha1: df627b311d6276eabf36fe1390a8219714839aed Sha256: 5c77d20265a9a328455b745ec5191e036ec35814586c1e6bcd1c8b2de01b3ff2
GET / HTTP/1.1 Host: cs-fail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (1027) Size: 2731 Md5: b0935d9b03f21b8d750f4200018b23e2$ 104.21.2.22 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Thu, 07 Jul 2022 00:59:54 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BSlPBvBn3sK67KEQhZ%2BlgRCzsM4N0Rodpkb8rF94HzQlw%2BXJ11y4YjFoMkyckRwpgm04nQ%2FiL%2FHNSr%2BkWknQfyktZ%2BPxPJj94%2FTbkKul2IDiC6XNnQ4m%2F14AsexEA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 726ca3ddabefb4ff-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (1027) Size: 2731 Md5: b0935d9b03f21b8d750f4200018b23e2 Sha1: 5908bb07eb11c201f02688c20af6b494f121781a Sha256: cdbb888a2d995b6048524f5b0733e63ee3b1f0c5f14383a285cb01c26c98ab8a Alerts: Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: SdFPwXs0v2VODGfC4Vc4sA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	44.240.216.68 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: USvK05ddmZKKGIrtPKtwQkAPZl4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 00:59:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 10d404f870d318b84e322360bc834261 Sha1: f35781be2433d340099cc514510d6ead30aac6e4 Sha256: f9a7d211b5b22a4435bc14daf28b55995d948f50b335e058e05f4c438746cf11
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 00:59:55 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 10d404f870d318b84e322360bc834261 Sha1: f35781be2433d340099cc514510d6ead30aac6e4 Sha256: f9a7d211b5b22a4435bc14daf28b55995d948f50b335e058e05f4c438746cf11
GET /FD126C42-EBFA-4E12-B309-BB3FDD723AC1/main.js?attr=abtBboJzUw98SnBUG_v2pwO6MGBbV-wGoBnypyDVIw9CbDJ9XGnKEEjcEEx-KbmVcLzJZ7i5KrwzNnYB6TpgOl1KkN0TIfD--2treAkJ5R652cLI1TAl3luuw6iaeUkRWLGmsKueNKp6J3yALBKUGw HTTP/1.1 Host: cs-fail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cs-fail.net/	$Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 116 Md5: d30dc29a0a37021c19ce82dfd63f38e2$ 104.21.2.22 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Thu, 07 Jul 2022 00:59:56 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsOX0o17uiqdhO3NzvdYHNgOkGZIXZ2zBvLld3Cx05zfz3RF4znD7UenSf6k1HsuIkkTb%2FPxh8p3uC69IksLk0SSb5iahjXDhJX%2BZhf7Q3wVZp5RVP5Azs1IDLjCbg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 726ca3e54880b4ff-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 116 Md5: d30dc29a0a37021c19ce82dfd63f38e2 Sha1: f8a5f684b1ceff1df00e7b98f206721db21c8c80 Sha256: f86707006f9eb679fe56a9238e5d5194aac6f4168a3f366f57128a1001a2857d
GET /assets/pvydgflzorzs/fnqduadizanu.js HTTP/1.1 Host: cs-fail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cs-fail.net/	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators Size: 58211 Md5: 87c85e047d35781cac6e30f16cf591ab$ 104.21.2.22 HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 Date: Thu, 07 Jul 2022 00:59:56 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 28 Jun 2022 10:49:41 GMT ETag: W/"62badcc5-2573a" Cache-Control: max-age=14400 CF-Cache-Status: MISS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDK423EB6ESHpJoHQtUc6tE1X4isJi1BXdjC1fj8vEfxvc2BgyW9WVLNo8UhGMFCiUR0EVYkE3qYh2YOiMAoUvNFY7M3U0g4h7iI1gTvacxUjEquLV8KZXz4f94LJA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 726ca3e54f180b55-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators Size: 58211 Md5: 87c85e047d35781cac6e30f16cf591ab Sha1: 0db1b226d9748df07a2c02bdbe6074c5298140ae Sha256: fe4c3527da1baba06b977625ca498f75fc27b32d67bac3f82030f8a9100ccdf6 Alerts: Blocklists: - fortinet: Phishing
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 00:59:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 347e2358aa2df71261aeb7a8b1b1f6fe Sha1: fa29c219039d0b2086f21bacbdcedc4469ed1be2 Sha256: 9d29368fcc9aaac6d1858baf2cd321eef3ffb3169dd614e5cfcbd17369998a97
GET /s/rubik/v20/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0U1.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://cs-fail.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format (Version 2), TrueType, length 17224, version 1.0\012- data Size: 17224 Md5: 1898474721f807e2ea0e8b71b20f687d$ 142.250.74.163 HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 17224 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 06 Jul 2022 20:02:50 GMT expires: Thu, 06 Jul 2023 20:02:50 GMT cache-control: public, max-age=31536000 age: 17826 last-modified: Wed, 27 Apr 2022 15:42:33 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 17224, version 1.0\012- data Size: 17224 Md5: 1898474721f807e2ea0e8b71b20f687d Sha1: a8e84c1e434bf45fa9eefd619ccf90afeabc0071 Sha256: 0d5b881bcdd0671b1a53c8412eeb0e3cd2c2b932e903214ebcdecbe23ba7154f
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 00:59:56 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 347e2358aa2df71261aeb7a8b1b1f6fe Sha1: fa29c219039d0b2086f21bacbdcedc4469ed1be2 Sha256: 9d29368fcc9aaac6d1858baf2cd321eef3ffb3169dd614e5cfcbd17369998a97
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5674 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 00:59:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5674 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 00:59:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
GET /2FHGHyR/2022-06-21-021132000.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cs-fail.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PNG image data, 640 x 331, 8-bit/color RGB, non-interlaced\012- data Size: 149363 Md5: f681b029a428d1800420fcb20b5f2d30$ 51.210.32.132 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 00:59:56 GMT content-type: image/png content-length: 149363 last-modified: Mon, 20 Jun 2022 19:11:32 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 640 x 331, 8-bit/color RGB, non-interlaced\012- data Size: 149363 Md5: f681b029a428d1800420fcb20b5f2d30 Sha1: dbf396517575e87d019dcc394a27c99d3193ae20 Sha256: 3230f3af6f3149d3b0bfffd7b8c6c9b20fa7679e62509430df6a51efa2f58a68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4243 Md5: 4dadb5bd9157f2899ea250117bf6655e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4243 x-amzn-requestid: 7529aa91-0ea7-442d-a0b7-c3c74f0d5d5b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UthU8HNdoAMFpUw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c215b9-527e994b56eb0630557d6dd5;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 22:18:33 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: DQPLClNEQSPyiJJEq83p-1_lCk1cLIqpXQuPUQA2EzYd4kc0D9ILaw== via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 04:44:24 GMT age: 72932 etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4243 Md5: 4dadb5bd9157f2899ea250117bf6655e Sha1: 5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3 Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7249 Md5: 5c958b0c904620aff5f5f8a74f80d9f9$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7249 x-amzn-requestid: 74cbc653-182e-4ef0-9fe5-901ddaa4edaf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoBIEGKqIAMFp8Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bfe233-383f73a750696511624ff453;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 06:14:11 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: BVo4WA3x-2hGSrOBQTIcT5yjiYcdzQby4NDOrnrWpREFtHG5x52Jzg== via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 09:18:45 GMT age: 56471 etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7249 Md5: 5c958b0c904620aff5f5f8a74f80d9f9 Sha1: 2f79d1e28bb827f7fa60b6675dba8022c28a1a3d Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6737 x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeP9ZG93oAMFX6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw== via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:53:29 GMT age: 75987 etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de Sha1: 5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7271 x-amzn-requestid: 3fa97801-72ce-40f1-9609-10406e6d70ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoS0BFjuoAMFw8w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bffe7f-103b3e9a2928a3ed39c62b1b;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 08:14:55 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: TrgAb-pYFci7r56srzmwDp_mnZ6ApHI6KRaOyrHTYgJHmLcx6iNr1g== via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:50:30 GMT age: 11366 etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac Sha1: 949707b56fd4aa6464f5f4a5d52b18ab72d307ff Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0584e039-a479-41c4-ad51-d842dbd32f7c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5198 Md5: cd4e7dda9491e473d4b36a87915a82df$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5198 x-amzn-requestid: f56b5dea-3209-4e32-985e-fbcb45c70e71 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U0xnWFKCIAMFe2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c4fc95-159a1632285a681d7478353a;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 03:08:05 GMT x-amz-cf-pop: SFO20-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: jh8Cn-5251TNBafhSRsz0jUA8md-ZKQpjj_N1YYcUaVnJAYIdFAQ2A== via: 1.1 21e2c668bb54ebb4456425e394c3356a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:19:59 GMT age: 77997 etag: "76b2ac44ab4590c5345063d314975f483a61cb1f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5198 Md5: cd4e7dda9491e473d4b36a87915a82df Sha1: 76b2ac44ab4590c5345063d314975f483a61cb1f Sha256: f1e7681478f46029c90d707def4755f3d91a9f0b1d3509008bfca84d84a9634a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94470e3-8873-4e4e-909a-df8539096335.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12294 Md5: 8b57e1aba0bce88ae13af9ccf60089bd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 12294 x-amzn-requestid: e6b35bb1-bc6b-4b98-aa16-cff64cf3e4b9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ua_AwHdPIAMFSzQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62baab9e-4659e88772f9e8551e06800a;Sampled=0 x-amzn-remapped-date: Tue, 28 Jun 2022 07:19:58 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: EWsndyPnvdV629tcpvI0HUzSA6Ocbb0acwQ6v5i0VWoEeGIKaF7fcw== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:59:49 GMT age: 10807 etag: "7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12294 Md5: 8b57e1aba0bce88ae13af9ccf60089bd Sha1: 7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7 Sha256: 84a48013d8c91a7ae77719feb3d5996409197bdafe93a9e6deb02dbeffe0cb4b
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B2C9AA7D96AD702AA08D3FD242BBA849A97037D96F88455CC5B08E41638D487D" Last-Modified: Mon, 04 Jul 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Thu, 07 Jul 2022 06:59:56 GMT Date: Thu, 07 Jul 2022 00:59:56 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: d44cd3fafb829eb0c85d621616699c29 Sha1: e4a09bfe3a92eaa483a20517e0b66959a57b6c56 Sha256: b2c9aa7d96ad702aa08d3fd242bba849a97037d96f88455cc5b08e41638d487d
POST /dxagpyvlyojbhufvmimjvumvwstanntvubntisflrluwtn HTTP/1.1 Host: cs-fail.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Content-Length: 18 Origin: http://cs-fail.net Connection: keep-alive Referer: http://cs-fail.net/	$Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 122 Md5: 60ec35e30b30589871d70a83fbd66a23$ 104.21.2.22 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Thu, 07 Jul 2022 00:59:57 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I1eg6x1DaIoAU80dqzORwbKe7HUWEvTHq3axOrL2fB%2FJdB9w0ck5e3AkwTXsxDcjCzJMRjoSIoO4ow0S%2B0sGOzGKIwY%2BhJaGorbIoO%2F5rvflDcQWT5bwlGUv9TwwA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 726ca3ed3a940b55-OSL Content-Encoding: gzip alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 122 Md5: 60ec35e30b30589871d70a83fbd66a23 Sha1: 782170751fc0dc6eb9d49ac99f83415a173cfa5e Sha256: 7f5d875848012c22cda1751bd44c2d339de926572d5276378ec1e9ff651ff83f Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 344 ETag: "B2C9AA7D96AD702AA08D3FD242BBA849A97037D96F88455CC5B08E41638D487D" Last-Modified: Mon, 04 Jul 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21599 Expires: Thu, 07 Jul 2022 06:59:56 GMT Date: Thu, 07 Jul 2022 00:59:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 344 Md5: d44cd3fafb829eb0c85d621616699c29 Sha1: e4a09bfe3a92eaa483a20517e0b66959a57b6c56 Sha256: b2c9aa7d96ad702aa08d3fd242bba849a97037d96f88455cc5b08e41638d487d