rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
199.59.243.222200 OK 1.1 kB URL HTTP/1.1 rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1504), with no line terminators
Hash e8bae13013210bb3c10ba6ee48360521
b435c94be93e10a69c9a9488aa1895dc678a1d26
fa522ca85f6587670323a34d52f158f02046f8ccf915c1a8d46270cd7c2edde2
GET /humidified_high_flow_nasal_cannula_oxygen_guideline.pdf HTTP/1.1
Host: rerulekoba.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21; expires=Wed, 09-Nov-2022 05:08:46 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_gYAE6FXABco67tH5MkX/nA9EaMym92zw33hmhdtZu0r1Sed0bRmaNA0ZJS3kfz/RiW7QlBMJRwoJgx++N2nQ/Q==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5603
Expires: Wed, 09 Nov 2022 06:27:09 GMT
Date: Wed, 09 Nov 2022 04:53:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3507
Cache-Control: max-age=110152
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:46 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:29:38 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3507
Cache-Control: max-age=110152
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:46 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:29:38 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8004
Expires: Wed, 09 Nov 2022 07:07:10 GMT
Date: Wed, 09 Nov 2022 04:53:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: x+TuobLIqnuFnb9jIIPdvhBZrIzKLQWmPQJE65FzhYtdteHSrUHqu9ctPrGWhPm6V4Lgvg9Hpa8=
x-amz-request-id: 15S6FHC8CWY9B5TF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 04:11:35 GMT
age: 2531
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 04:53:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rerulekoba.66ghz.com/js/parking.2.100.1.js
199.59.243.222200 OK 22 kB URL HTTP/1.1 rerulekoba.66ghz.com/js/parking.2.100.1.js
IP 199.59.243.222:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 8a07d873fd7c830dbc17ab3acd035c82
63fc8bf7b204f03cc4075296813547c0878b6df8
ed987754e2b1330b100c69aef0b7d42cc6891042dcccdaaa2db90159162438f9
GET /js/parking.2.100.1.js HTTP/1.1
Host: rerulekoba.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 07 Nov 2022 16:05:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
rerulekoba.66ghz.com/_fd
199.59.243.222200 OK 424 B IP 199.59.243.222:0
File type ASCII text, with very long lines (537), with no line terminators
Hash 9c24af07fbb37f52068851c962e0681d
fceabce090cf0903674087732d22fc14c1d1a0b3
82e32531dd8eb7ebbca4ff3ac97b8502e608830e52ccd7f60c92d58561eb3120
POST /_fd HTTP/1.1
Host: rerulekoba.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
Content-Type: application/json
Origin: http://rerulekoba.66ghz.com
Connection: keep-alive
Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 09 Nov 2022 04:53:46 GMT
X-Version: 2.100.1
Set-Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21; expires=Wed, 09-Nov-2022 05:08:46 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
rerulekoba.66ghz.com/px.gif?ch=1&rn=4.537081415866795
199.59.243.222200 OK 42 B URL HTTP/1.1 rerulekoba.66ghz.com/px.gif?ch=1&rn=4.537081415866795
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=4.537081415866795 HTTP/1.1
Host: rerulekoba.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
rerulekoba.66ghz.com/px.gif?ch=2&rn=4.537081415866795
199.59.243.222200 OK 42 B URL HTTP/1.1 rerulekoba.66ghz.com/px.gif?ch=2&rn=4.537081415866795
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=4.537081415866795 HTTP/1.1
Host: rerulekoba.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dee3039809fc2026852697eaa005560c
f4f6b76cf09e0a9e756ab6b9b8be26cb6e15b2c7
8091750102499bbd5d92ea3e89cf364e833df30e186963d67a0d66a13751ef8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rerulekoba.66ghz.com/favicon.ico
199.59.243.222200 OK 0 B URL HTTP/1.1 rerulekoba.66ghz.com/favicon.ico
IP 199.59.243.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: rerulekoba.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-121.ec2.internal
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5444
Cache-Control: max-age=107023
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:47 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:37:30 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mQnIleY+kYfWkpeRu+iuqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: puBwwEY9HHOU0EsZETPjtPjFeDY=
rerulekoba.66ghz.com/_zc
199.59.243.222200 OK 166 B IP 199.59.243.222:0
File type ASCII text, with no line terminators
Hash 81331628528ff92fc002e153f3578df1
217f971e96a82c7386236576654b602c8d302023
377fe040102291b2a81f85543c589c52b657e667a694cd8d0261b1d1e5f2cab6
POST /_zc HTTP/1.1
Host: rerulekoba.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rerulekoba.66ghz.com/humidified_high_flow_nasal_cannula_oxygen_guideline.pdf
Content-Type: application/json
Origin: http://rerulekoba.66ghz.com
Content-Length: 2069
Connection: keep-alive
Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 09 Nov 2022 04:53:47 GMT
X-Version: 2.100.1
Set-Cookie: parking_session=ddadb9ae-0e17-2e96-440d-e4d5a4696c21; expires=Wed, 09-Nov-2022 05:08:47 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
185.27.134.133200 OK 264 B URL HTTP/1.1 ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
IP 185.27.134.133:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document, ASCII text, with very long lines (315), with no line terminators
Hash cc685d61dda3cf89de0c418ba048279c
5ce05eaafbcc24dd3ae56fff2e39216f8e2e6ccf
651d7e06e403f5a20ec05fc09657b90c39b826d0b7d1c128d742b38e125987d5
GET /?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue HTTP/1.1
Host: ww01.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rerulekoba.66ghz.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Content-Encoding: gzip
ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue&i=1
185.27.134.133301 Moved Permanently 354 B URL HTTP/1.1 ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue&i=1
IP 185.27.134.133:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f07dfd52bfa6afa38706278f1f451d4b
8a1ef461c6ea25dc86202f3e4a14f64002003740
59a2ab67677a68ccb7cd42ce39ddf4299f6af35495f8497e49d516a6d11fcdbb
GET /?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue&i=1 HTTP/1.1
Host: ww01.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
Cookie: _test=7da11f1c3aec6fedc537eb0a7f6e670d
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 354
Connection: keep-alive
Location: http://ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
Cache-Control: max-age=0
Expires: Wed, 09 Nov 2022 04:53:46 GMT
ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
185.27.134.133302 Found 0 B URL HTTP/1.1 ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
IP 185.27.134.133:0
ASN #34119 Wildcard UK Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue HTTP/1.1
Host: ww01.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
Connection: keep-alive
Cookie: _test=7da11f1c3aec6fedc537eb0a7f6e670d
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cache-Control: max-age=0
Expires: Wed, 09 Nov 2022 04:53:46 GMT
ww01.66ghz.com/favicon.ico
185.27.134.133301 Moved Permanently 230 B URL HTTP/1.1 ww01.66ghz.com/favicon.ico
IP 185.27.134.133:0
ASN #34119 Wildcard UK Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5636230389c531a468a951c5895b8342
f2e648febafa6721514e0fbf28c8cef19ce8ebf3
f04d6ee1e87672bfbf76d908f877ff04824744e4ea375b8b5a30c11c56daaf9a
GET /favicon.ico HTTP/1.1
Host: ww01.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
Cookie: _test=7da11f1c3aec6fedc537eb0a7f6e670d
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 230
Connection: keep-alive
Location: http://ww01.66ghz.com/
Cache-Control: max-age=0
Expires: Wed, 09 Nov 2022 04:53:46 GMT
ww01.66ghz.com/
185.27.134.133302 Found 0 B IP 185.27.134.133:0
ASN #34119 Wildcard UK Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: ww01.66ghz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww01.66ghz.com/?pid=9POT3387I&pbsubid=ddadb9ae-0e17-2e96-440d-e4d5a4696c21&noads=http%3A%2F%2Fww01.66ghz.com%2F%3Fskipskenzo%3Dtrue
Connection: keep-alive
Cookie: _test=7da11f1c3aec6fedc537eb0a7f6e670d
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 09 Nov 2022 04:53:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://sexparty.today/?u=qnhw0k9&o=wkxphzk
Cache-Control: max-age=0
Expires: Wed, 09 Nov 2022 04:53:46 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 561ddf4ad74a5d9d165d52c95640544c
ead5867bb946734e231873c8f6d59a04b5812551
7a790b73d2a82e9cb90b5dc873ab969c0d3f6eb65d0cb7fe0573920c0ad74399
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A790B73D2A82E9CB90B5DC873AB969C0D3F6EB65D0CB7FE0573920C0AD74399"
Last-Modified: Sun, 06 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 09 Nov 2022 10:53:48 GMT
Date: Wed, 09 Nov 2022 04:53:48 GMT
Connection: keep-alive
sexdate.today/?u=qnhw0k9&o=wkxphzk
5.8.47.51200 OK 7.2 kB URL HTTP/1.1 sexdate.today/?u=qnhw0k9&o=wkxphzk
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Hash 8fd394867a5c98e455e493daa7b48f27
d7f2d06350dc1fc49bfa4bc21c3e3857f2a010d0
59dda07af1639907f64bc06944df53f7d11285a1d306418fcb35f5c9796c9ecb
GET /?u=qnhw0k9&o=wkxphzk HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww01.66ghz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: text/html
Content-Length: 7215
Connection: keep-alive
set-cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1; path=/
cache-control: private, no-transform
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sexdate.today/media/bb.js
5.8.47.51200 OK 873 B URL HTTP/1.1 sexdate.today/media/bb.js
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
File type ASCII text, with very long lines (639), with no line terminators
Hash 569d998b15881edb2aeee2e15850a63f
8201e792965ae7204e64091beb46ef7916403d49
f10e8990477d1b9997e37f2f57586caa8cca522ee2e4799970beefb9a5afb3b2
Analyzer Verdict Alert fortinet Phishing
GET /media/bb.js HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Thu, 28 Jul 2022 18:00:18 GMT
Vary: Accept-Encoding
ETag: W/"62e2ceb2-27f"
Content-Encoding: br
Cache-Control: no-transform
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5221
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 04:53:48 GMT
Connection: keep-alive
sexdate.today/media/exit-new/exit1.js
5.8.47.51200 OK 1.7 kB URL HTTP/1.1 sexdate.today/media/exit-new/exit1.js
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 2ba144b3e392cb722c86c61ddf8e1f51
5ae14fcb6fcd092231b661bd0fc674a7aff52df9
8776880a20d3d280ade8580f1ea545aea05c762f913420d4a33c01bb53a6ccb7
Analyzer Verdict Alert fortinet Phishing
GET /media/exit-new/exit1.js HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Mon, 31 May 2021 11:57:39 GMT
Vary: Accept-Encoding
ETag: W/"60b4cf33-d91"
Content-Encoding: br
Cache-Control: no-transform
sexdate.today/media/dating/toon2/js/jquery-2.2.4.min.js
5.8.47.51200 OK 30 kB URL HTTP/1.1 sexdate.today/media/dating/toon2/js/jquery-2.2.4.min.js
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
File type ASCII text, with very long lines (32065)
Hash ce60eb3f7e5bebf5822803a4a7059b1f
7d1ae091a5abc28b0d5219f7361c3bf5626c543c
fff8166bc4046238b8fd212d0c8774d707579b8fef463bade513766a732d1b95
Analyzer Verdict Alert fortinet Phishing
GET /media/dating/toon2/js/jquery-2.2.4.min.js HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Vary: Accept-Encoding
ETag: W/"60a50cf6-14e4a"
Content-Encoding: br
Cache-Control: no-transform
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg
34.120.237.76200 OK 2.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b4ae74d6a926ef85ce993a33f7d8a3f
9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857
61b2fea439945e122a8502ab05e6c68bc1b3a9d8c639344ef5b04dfcc6889a65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba11c7c9-77b7-4b0d-aa7f-493ab46c77b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2766
x-amzn-requestid: 934d6215-528a-4e78-bc46-3b0838d94671
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3d2HMGIAMF7Gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2be-0c11c2fb6ebc48eb1f0a3aef;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2MtnIC1pavEcDYixORBwRS07BU7q0n-eDUdZAAe3NDSGF6T8yau4ug==
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:17:38 GMT
age: 70570
etag: "9ce8d453c5ab8f7682e5ee3641a37b1abe1a8857"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5221
Expires: Wed, 09 Nov 2022 06:20:49 GMT
Date: Wed, 09 Nov 2022 04:53:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ae49d16-09cf-4def-b9d2-7463e61acc35.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ae49d16-09cf-4def-b9d2-7463e61acc35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee8f7d6daf8c20aeb6b71bc18225661f
17d67f22e69197701dd8e77aed0907007e444f26
3c42a717dab0144a05c23465af0bed25b76de574b2d8e62339ad2a2f2c41febd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ae49d16-09cf-4def-b9d2-7463e61acc35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14211
x-amzn-requestid: fd1004b0-95ea-4d28-9498-4882b4d7043e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeREHvnIAMFlFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-4abe287a66322b5f6422c58f;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j027aaw3nm35HERuz2PJXxUJQGsb57_Pf3pJHnP28RzX-k5_CccoKA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 04:22:01 GMT
age: 1907
etag: "17d67f22e69197701dd8e77aed0907007e444f26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1382cce063e7b64ce1a9360db1cb1a03
e773fbc5ba8bb957bce566d353c4580e46d4b31c
88332359957b997367612f496d866de90680f3ff458ead4e6cdc052ad3fe8858
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84bc0bac-c8ba-4055-b51a-0c279033a4e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6458
x-amzn-requestid: 7dc5df31-e521-476f-aee2-6a59192d8c94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuEwBoAMFpVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-1a1866f906458f916d6baac8;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TpRz9GwPmcySJ-e0FjxKkBYmlb6wV8LnMoSMD_GJOpSk_phabHP-7Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:16:10 GMT
age: 23858
etag: "e773fbc5ba8bb957bce566d353c4580e46d4b31c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cc233d853dae1e8f6127bc8f7ddd3ae
a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7
169e6f462cf903a188a13cb95791731fb20f2fdb04c236065e90f834606bb0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61972b3-81fe-4685-88de-21199403755b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5282
x-amzn-requestid: e50bfdbf-6301-4451-9ae9-80127861f8fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTnaHR8IAMFSfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc95-4ee3045e3af315160dc7e933;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:39:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sPVnehGtMgbgGW_D41Q4vGyLdl8cSGpXEf1H0Td5Cy32w7carwcjTg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:44:22 GMT
age: 25766
etag: "a99cfd0dc7b73fab94fbecc9c8bdf5945a3387a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 71092
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3d20f900a883cec8e0cab687df8a251
1105130523fb346dbab9ad2bb8d71c3f505425ce
b5ade9b1302479c4589eb659125d0111c55bb4520d72501cc47b295fd65e8a6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12510
x-amzn-requestid: ad966326-25a8-44df-880a-608572bf2538
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuExNIAMFilA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-4eaa4fda178720702d9a9583;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZlRHZYYt_p4bzFjTJAzXR08Oj0B_m9qLrpOAysjxJ2F9tzzF4G7U8g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 25804
etag: "1105130523fb346dbab9ad2bb8d71c3f505425ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.195200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sexdate.today
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 17:10:21 GMT
expires: Wed, 08 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 42207
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
142.250.74.10200 OK 25 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
IP 142.250.74.10:0
Hash b32e7bd40a9ecd8a8ae621d99cc41083
adae9d4eb30ea28c3e9d095b789221bb35db8af5
35a76c2881f6132f9b2a8b2a64ea57dc86e95be1082948e9cccdd43a3abc3589
GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 04:53:48 GMT
date: Wed, 09 Nov 2022 04:53:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 04:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sexdate.today/favicon.ico
5.8.47.51200 OK 0 B URL HTTP/1.1 sexdate.today/favicon.ico
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:49 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Sat, 06 Jun 2020 22:52:24 GMT
accept-ranges: bytes
etag: "5f5ecc24553cd61:0"
Cache-Control: no-transform
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff4595af-345a-41e9-bc77-5e5f5719a251.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff4595af-345a-41e9-bc77-5e5f5719a251.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee6ac2ea7efd3fab3c55044dc9b01879
a3564349a6c866d4a36fb2d86944b69628bdb8e6
95745616900a0ea1527a69558a415beab18fde9b871e1bf4cf246fa8777dcb91
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff4595af-345a-41e9-bc77-5e5f5719a251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8586
x-amzn-requestid: 4ae185c6-868f-4d10-9c41-a423cdf42101
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTUCG1doAMFtYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc19-3d3201177e8e60866ce59b01;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:29 GMT
x-amz-cf-pop: SFO20-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jkIbA9XW12Vn_yXrK0MDe5IhTzzzvfQONeCwPEYwEbbD5W6fTzAIiQ==
via: 1.1 f9d4b21c935c23e15cfc47b3d33e44e6.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 22:39:53 GMT
age: 22442
etag: "a3564349a6c866d4a36fb2d86944b69628bdb8e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rerulekoba.66ghz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 09 Nov 2022 04:53:46 GMT
expires: Wed, 09 Nov 2022 04:53:46 GMT
cache-control: private, max-age=3600
etag: "15109376822791001969"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sexdate.today/media/dating/toon2/css/animate.min.css
5.8.47.51200 OK 0 B URL HTTP/1.1 sexdate.today/media/dating/toon2/css/animate.min.css
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
GET /media/dating/toon2/css/animate.min.css HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: text/css
Connection: close
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Vary: Accept-Encoding
ETag: W/"60a50cf5-ce35"
Content-Encoding: br
Cache-Control: no-transform
sexdate.today/util/utils.js
5.8.47.51200 OK 0 B URL HTTP/1.1 sexdate.today/util/utils.js
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
Analyzer Verdict Alert fortinet Phishing
GET /util/utils.js HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Fri, 29 Jul 2022 09:09:07 GMT
Vary: Accept-Encoding
ETag: W/"62e3a3b3-1d58"
Content-Encoding: br
Cache-Control: no-transform
sexdate.today/media/dating/toon2/images/bg.jpg
5.8.47.51200 OK 0 B URL HTTP/1.1 sexdate.today/media/dating/toon2/images/bg.jpg
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
GET /media/dating/toon2/images/bg.jpg HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/media/dating/toon2/css/style.css
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: image/jpeg
Connection: close
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Vary: Accept-Encoding
ETag: W/"60a50cf6-1d3ca"
Content-Encoding: br
Cache-Control: no-transform
sexdate.today/cookie/js.cookie.js
5.8.47.51200 OK 0 B URL HTTP/1.1 sexdate.today/cookie/js.cookie.js
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
Analyzer Verdict Alert fortinet Phishing
GET /cookie/js.cookie.js HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Thu, 21 Jul 2022 10:04:53 GMT
Vary: Accept-Encoding
ETag: W/"62d924c5-10a8"
Content-Encoding: br
Cache-Control: no-transform
sexdate.today/media/dating/toon2/images/123.jpg
5.8.47.51200 OK 0 B URL HTTP/1.1 sexdate.today/media/dating/toon2/images/123.jpg
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
GET /media/dating/toon2/images/123.jpg HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: image/jpeg
Connection: close
Last-Modified: Wed, 19 May 2021 13:04:54 GMT
Vary: Accept-Encoding
ETag: W/"60a50cf6-2bbe8"
Content-Encoding: br
Cache-Control: no-transform
sexdate.today/media/dating/toon2/css/style.css
5.8.47.51200 OK 0 B URL HTTP/1.1 sexdate.today/media/dating/toon2/css/style.css
IP 5.8.47.51:0
ASN #209813 Fast Content Delivery LTD
GET /media/dating/toon2/css/style.css HTTP/1.1
Host: sexdate.today
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sexdate.today/?u=qnhw0k9&o=wkxphzk
Cookie: sid=t3~ebjb4v4i0t4nokf2ssafu2u1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 04:53:48 GMT
Content-Type: text/css
Connection: close
Last-Modified: Wed, 19 May 2021 13:04:53 GMT
Vary: Accept-Encoding
ETag: W/"60a50cf5-21a0"
Content-Encoding: br
Cache-Control: no-transform